SenateS. 4930119th Congress

Unmanned System Command and Control Integration Assessment Act of 2026

Full Text

Official text as published. Use Ctrl+F / Cmd+F to search within the document.

[Congressional Bills 119th Congress]
[From the U.S. Government Publishing Office]
[S. 4930 Introduced in Senate (IS)]

<DOC>

119th CONGRESS
  2d Session
                                S. 4930

    To require the Secretary of Defense to assess and report on the 
feasibility of incorporating open-architecture, unmanned system command 
   and control frameworks into Department of Defense unmanned system 
  operations across all unmanned system tiers and domains, drawing on 
    lessons from allied and partner country systems, and for other 
                               purposes.

_______________________________________________________________________

                   IN THE SENATE OF THE UNITED STATES

                             June 24, 2026

  Mr. McCormick (for himself and Ms. Rosen) introduced the following 
   bill; which was read twice and referred to the Committee on Armed 
                                Services

_______________________________________________________________________

                                 A BILL

 
    To require the Secretary of Defense to assess and report on the 
feasibility of incorporating open-architecture, unmanned system command 
   and control frameworks into Department of Defense unmanned system 
  operations across all unmanned system tiers and domains, drawing on 
    lessons from allied and partner country systems, and for other 
                               purposes.

    Be it enacted by the Senate and House of Representatives of the 
United States of America in Congress assembled,

SECTION 1. SHORT TITLE.

    This Act may be cited as the ``Unmanned System Command and Control 
Integration Assessment Act of 2026''.

SEC. 2. ASSESSMENT OF UNMANNED SYSTEM COMMAND AND CONTROL FRAMEWORKS.

    (a) Assessment Required.--Not later than 180 days after the date of 
the enactment of this Act, the Secretary shall, in coordination with 
the Chairman of the Joint Chiefs of Staff, the Under Secretary of 
Defense for Acquisition and Sustainment, the Secretary of Defense for 
Research and Engineering, the Chief Information Officer, Joint 
Interagency Task Force 401, the Director of the Defense Information 
Systems Agency, the Commander of Joint Interoperability Test Command, 
and the Secretaries of the military departments, commence a 
comprehensive assessment of open-architecture, unmanned system command 
and control frameworks with demonstrated operational effectiveness.
    (b) Scope of Allied and Partner System Review.--The assessment 
commenced under subsection (a) shall review each of the following 
allied and partner country unmanned systems command and control 
frameworks and may include such additional frameworks as the Secretary 
determines appropriate:
            (1) Ukraine's Delta battlefield management and unmanned 
        aircraft systems coordination system, including an analysis of 
        its technical architecture, its operational effectiveness in 
        contested environments, the interoperability and integration 
        lessons learned from its deployment that are applicable to 
        United States Armed Forces unmanned aircraft systems command 
        and control operations, and its cybersecurity resilience under 
        active electronic warfare and cyber attack.
            (2) Israel's Multiple Drone Operating System, including an 
        analysis of its technical architecture, its demonstrated 
        operational effectiveness in managing simultaneous civilian, 
        commercial, and military unmanned aircraft systems operations, 
        the interoperability and integration lessons learned from its 
        deployment that are applicable to United States Armed Forces 
        unmanned aircraft systems command and control operations, and 
        its cybersecurity and emergency prioritization mechanisms.
    (c) Elements of Assessment.--The assessment commenced under 
subsection (a) shall address, at a minimum, each of the following 
elements:
            (1) Architectural analysis, including--
                    (A) a comparative analysis of the technical 
                architectures of the unmanned systems command and 
                control frameworks reviewed, including data formats, 
                communication protocols, interface standards, and 
                software design approaches;
                    (B) an evaluation of the degree to which each 
                framework employs open-architecture and modular open-
                systems architecture principles; and
                    (C) an identification of the architectural 
                characteristics most associated with operational 
                effectiveness, adaptability, and resilience in 
                contested environments.
            (2) Unmanned systems tier compatibility, including--
                    (A) an evaluation of each framework's capacity to 
                manage all unmanned systems within a single integrated 
                command and control environment;
                    (B) an identification of the technical and 
                doctrinal barriers to command and control 
                interoperability across unmanned systems s within a 
                single framework; and
                    (C) a recommendation for the minimum capability 
                requirements a Department unmanned systems command and 
                control framework must meet to support effective 
                employment of unmanned systems across all in a joint 
                operational environment.
            (3) Interoperability with existing Department systems, 
        including--
                    (A) a detailed assessment of the compatibility and 
                interoperability requirements for integrating an open-
                architecture unmanned system command and control 
                framework with current and future Department command 
                and control modernization, as designated by the 
                Secretary at the time of the assessment;
                    (B) an identification of the interface standards, 
                data translation requirements, and technical 
                integration pathways that would be necessary to achieve 
                such interoperability; and
                    (C) an assessment of the risks associated with 
                integration, including cybersecurity risks arising from 
                connecting an open-architecture system to existing 
                classified networks.
            (4) Cybersecurity and future-proofing, including--
                    (A) an assessment of the cybersecurity posture of 
                each framework reviewed, including its resilience to 
                electronic warfare, Global Positioning System denial, 
                communications jamming, and software-based cyber attack 
                in active contested environments;
                    (B) a recommendation for a cybersecurity standards 
                framework or updates to the Risk Management Framework 
                of the National Institute of Standards and Technology 
                applicable to a Department unmanned system command and 
                control system that--
                            (i) is based on the Cybersecurity Framework 
                        2.0, published by the National Institute of 
                        Standards and Technology, and applicable 
                        special publications of the Institute, and is 
                        designed to incorporate updated guidance from 
                        the Institute without requiring legislative 
                        action;
                            (ii) incorporates a comprehensive supply 
                        chain risk management strategy;
                            (iii) implements robust data-centric 
                        security controls, including end-to-end data 
                        encryption, data tagging for automated policy 
                        enforcement, and accredited cross-domain 
                        solutions to prevent compromise between 
                        classification levels and to enable secure data 
                        interoperability with mission partners;
                            (iv) establishes vulnerability disclosure 
                        and patch management standards enabling timely 
                        response to newly identified threats without 
                        requiring system-wide redesign;
                            (v) specifies a recurring review cycle of 
                        not less than once every 18 months to update 
                        cybersecurity standards as the National 
                        Institute of Standards and Technology and other 
                        relevant standards bodies publish new guidance, 
                        without requiring legislative action; and
                            (vi) mandates alignment with Zero Trust 
                        Architecture (ZTA), ensuring all data, 
                        applications, assets, and services are managed 
                        with the assumption that the network is already 
                        compromised;
                    (C) an assessment of how the architecture of the 
                framework can accommodate future unmanned systems 
                technologies, including autonomous systems, artificial 
                intelligence-enabled targeting and deconfliction, 
                swarming capabilities, and beyond-visual-line-of-sight 
                operations, without requiring full system replacement; 
                and
                    (D) a recommended technology refresh cycle and 
                associated governance process for keeping a Department 
                unmanned system command and control framework current 
                with advancing technology and evolving threats.
            (5) Tactical adaptability and field-level flexibility, 
        including--
                    (A) an assessment of the mechanisms within each 
                framework reviewed that enable tactical-level operators 
                and commanders to modify, adapt, or extend command and 
                control functionality without depending on centralized 
                software updates or acquisition processes, drawing on 
                documented examples from the conflict in Ukraine where 
                unmanned aircraft systems tactics evolved within weeks 
                in response to adversary countermeasures;
                    (B) a recommended design approach for a Department 
                framework that preserves appropriate security and 
                safety controls while enabling tactical-level 
                customization, including through the use of application 
                programming interfaces, modular software components, 
                and operator-accessible configuration tools; and
                    (C) an assessment of the doctrinal, training, and 
                organizational changes required to enable and sustain 
                field-level innovation within a structured command and 
                control architecture.
            (6) Classification and technology transfer, including--
                    (A) an assessment of the classification 
                implications of a Department unmanned system command 
                and control framework, including recommendations for 
                which components may operate at unclassified levels to 
                maximize interoperability with allied and commercial 
                systems, and which must be classified;
                    (B) an assessment of the technology transfer and 
                foreign military sales implications of the frameworks 
                reviewed, including intellectual property and national 
                security considerations associated with adopting or 
                adapting systems developed by or with foreign partners; 
                and
                    (C) recommendations for information-sharing 
                arrangements with other United States Government 
                organizations, allies, and partner nations that would 
                facilitate ongoing exchange of unmanned systems command 
                and control lessons learned and technical standards.
            (7) Implementation roadmap, including--
                    (A) a recommended phased implementation approach 
                for developing and fielding a Department unmanned 
                system command and control framework, including 
                recommended near-term pilot programs or exercises that 
                could demonstrate technical feasibility and operational 
                utility;
                    (B) an estimate of the resources, including 
                funding, personnel, and acquisition authorities, 
                required to develop and field the recommended 
                framework; and
                    (C) an identification of existing Department 
                programs, platforms, and acquisition vehicles that 
                could serve as the basis for or be accelerated by an 
                unmanned system command and control capability.

SEC. 3. INDEPENDENT ADVISORY PANEL.

    (a) Establishment.--Not later than 60 days after the date of the 
enactment of this Act, the Secretary shall establish an independent 
advisory panel (in this section referred to as the ``Panel'') to 
provide independent review and technical guidance to the assessment 
required under section 2.
    (b) Composition.--The Panel shall consist of not fewer than 10 and 
not more than 15 members appointed by the Secretary, including--
            (1) not fewer than two individuals who have direct 
        operational experience in unmanned aircraft systems employment 
        in a joint or combined military environment;
            (2) not fewer than two individuals who have technical 
        expertise in open-architecture software systems, modular 
        systems design, or command and control software architecture;
            (3) not fewer than two individuals who have expertise in 
        cybersecurity, including experience with operational technology 
        cybersecurity in contested environments;
            (4) at least three individuals who have expertise in 
        unmanned aircraft systems command and control operations, 
        doctrine, or command and control from an allied or partner 
        country with significant unmanned aircraft systems operational 
        experience, appointed in coordination with relevant allied or 
        partner country authorities;
            (5) at least one individual with experience in unmanned 
        aircraft system (UAS) traffic management in the National 
        Airspace System; and
            (6) such additional members as the Secretary determines 
        appropriate, which may include representatives from the defense 
        industrial base, federally funded research and development 
        centers, academic institutions with relevant expertise, and the 
        Department of Defense test and evaluation community to ensure 
        early consideration to interoperability, testability, and 
        certification requirements.
    (c) Limit on Active Government Employees.--Not more than two-thirds 
of the members of the Panel may be a full-time officer or employee of 
the United States Government.
    (d) Duties.--The Panel shall provide written assessments and 
recommendations on each element of the assessment described in section 
2(c) and shall have the opportunity to review and comment on draft 
findings before finalization.
    (e) Termination.--The Panel shall terminate on the date that is 90 
days after the date of the submittal of the final report required under 
section 4(b).
    (f) Compensation.--Members of the Panel who are not full-time 
officers or employees of the United States Government shall be 
compensated at a daily rate equal to the daily equivalent of the annual 
rate of basic pay for level IV of the Executive Schedule under section 
5315 of title 5, United States Code, for each day they are engaged in 
the performance of Panel duties and shall be allowed travel expenses as 
authorized under section 5703 of title 5, United States Code.

SEC. 4. REPORTS TO CONGRESS.

    (a) Interim Report.--Not later than 180 days after the date of the 
enactment of this Act, the Secretary shall submit to the congressional 
defense committees an interim report on the status of the assessment 
required under section 2, which shall include--
            (1) an identification of any additional allied and partner 
        country frameworks selected for review and analysis beyond 
        those specified in section 2(b);
            (2) a summary of findings from the architectural analysis 
        required under section 2(c)(1);
            (3) a preliminary assessment of interoperability 
        requirements under section 2(c)(3); and
            (4) any significant findings or challenges identified to 
        date.
    (b) Final Report.--Not later than one year after the date of the 
enactment of this Act, the Secretary shall submit to the congressional 
defense committees a final report containing the complete findings and 
recommendations of the Secretary with respect to the assessment 
required under section 2. The final report shall include--
            (1) a determination as to whether the development of a 
        Department unmanned system command and control framework based 
        on open-architecture principles is feasible, operationally 
        necessary, and cost-effective;
            (2) if the determination under paragraph (1) is 
        affirmative, a recommended framework architecture, phased 
        implementation roadmap, and legislative or regulatory actions 
        required to proceed;
            (3) if the determination under paragraph (1) is negative or 
        qualified, a description of the specific barriers identified 
        and recommendations for addressing them; and
            (4) a classified annex, as appropriate, containing any 
        elements that the Secretary determines must be protected from 
        public disclosure for national security reasons.
    (c) Form.--Reports required under this section shall be submitted 
in unclassified form, but may include a classified annex. Unclassified 
portions shall be made publicly available on the Department public 
website not later than 30 days after submission.
    (d) Annual Update.--For a period of five years following submission 
of the final report under subsection (b), the Secretary shall submit to 
the congressional defense committees, as part of the annual budget 
justification materials submitted to Congress in support of the budget 
of the Department (as submitted with the budget of the President under 
section 1105(a) of title 31, United States Code), an update 
describing--
            (1) actions taken by the Department in response to the 
        recommendations of the Secretary contained in the final report;
            (2) material changes in allied or partner country unmanned 
        systems command and control frameworks or practices relevant to 
        the assessment's conclusions;
            (3) emerging unmanned systems technologies or cybersecurity 
        threats that would materially affect the recommended framework 
        architecture; and
            (4) the status of any pilot programs, exercises, or 
        acquisition activities initiated pursuant to the 
        recommendations of the Secretary contained in the final report.

SEC. 5. CYBERSECURITY STANDARDS FOR ANY RECOMMENDED FRAMEWORK.

    (a) Requirements.--Any unmanned system command and control 
framework recommended in the final report required under section 4(b), 
and any system developed or procured pursuant to such a recommendation, 
shall--
            (1) employ a modular open systems architecture that permits 
        individual software and hardware components to be updated, 
        replaced, or patched in response to identified cybersecurity 
        vulnerabilities without requiring redesign of the system as a 
        whole;
            (2) apply a supply chain risk management framework 
        throughout the asset's and component's lifecycles;
            (3) comply with the most current version of the 
        Cybersecurity Framework 2.0 published by the National Institute 
        of Standards and Technology and applicable special publications 
        of the Institute, as updated from time to time, without 
        requiring amendment of this Act to conform to new guidance;
            (4) include a documented vulnerability disclosure policy 
        and a process for receiving, triaging, and patching reported 
        vulnerabilities within defined response time standards 
        established by the Secretary; and
            (5) undergo penetration testing by a National Security 
        Agency-certified red team not less frequently than once every 
        two years following initial fielding, with findings reported to 
        the Principal Cyber Advisor and, in summary form, to the 
        congressional defense committees.
    (b) Exclusion of Covered Foreign Entities.--No software, hardware, 
or service produced, provided, or operated by an entity on the Federal 
Communications Commission Covered List established under section 2 of 
the Secure and Trusted Communications Networks Act of 2019 (47 U.S.C. 
1601), or on the Department of Defense Covered Foreign Entity list 
maintained pursuant to section 4872 of title 10, United States Code, 
may be incorporated into any unmanned system command and control 
framework developed, procured, or fielded pursuant to this Act.
    (c) Living Standards Process.--The Secretary shall, in coordination 
with the Director of the National Security Agency, the Director of the 
Cybersecurity and Infrastructure Security Agency, and the Chief 
Information Officer of the Department, establish a process for 
reviewing and updating the cybersecurity standards applicable to a 
framework developed pursuant to this Act on a recurring basis of not 
less than once every 18 months, to ensure such standards remain current 
with the evolving threat environment and applicable Federal standards 
without requiring legislative action.

SEC. 6. COORDINATION WITH EXISTING DEPARTMENT OF DEFENSE PROGRAMS.

    (a) Required Coordination.--In conducting the assessment required 
under section 2, the Secretary shall ensure that the unmanned system 
command and control framework under consideration is assessed for 
compatibility with all current Department command and control 
modernization programs of record, as designated by the Secretary at the 
time of the assessment. The Secretary shall update this assessment as 
the portfolio of such programs evolves, ensuring that recommendations 
remain current with the Department's command and control modernization 
activities regardless of changes in program names, structures, or 
priorities.
    (b) Avoidance of Duplication.--In developing recommendations under 
section 2, the Secretary shall assess whether existing programs of 
record identified under subsection (a) can be extended or adapted to 
provide the unmanned system command and control capability described in 
this Act without developing a wholly new system and shall include in 
the final report a determination as to whether such extension or 
adaptation is technically feasible and operationally preferable.
    (c) Domestic Unmanned Aircraft Systems Industrial Base 
Compatibility.--The Secretary shall ensure that the assessment and any 
recommended framework account for the domestic small unmanned aircraft 
systems industrial base remediation efforts undertaken pursuant to 
section 914 of the National Defense Authorization Act for Fiscal Year 
2026 (10 U.S.C. 4811 note), including ensuring that unmanned aircraft 
systems platforms produced through those programs are compatible with 
any recommended command and control framework.

SEC. 7. SHARING OF FINDINGS WITH THE FEDERAL AVIATION ADMINISTRATION.

    (a) Transmission of Findings.--Not later than the date that is 30 
days after the date of the submittal of the final report under section 
4(b), the Secretary shall transmit to the Administrator of the Federal 
Aviation Administration an unclassified summary of the findings and 
recommendations included in the report, with particular attention to 
findings regarding--
            (1) open architecture and modular design principles 
        applicable to unmanned system command and control systems;
            (2) cybersecurity standards and frameworks evaluated or 
        recommended for Department unmanned aircraft systems command 
        and control systems that may have applicability to civil 
        unmanned aircraft systems traffic management infrastructure;
            (3) technical standards and interface specifications that 
        could support interoperability between military and civil 
        unmanned aircraft systems operations in shared airspace; and
            (4) lessons learned from systems of allied and partner 
        countries of the United States, regarding the integration of 
        military, commercial, and civil unmanned aircraft systems 
        operations within a unified airspace management framework.
    (b) Purpose.--The purpose of subsection (a) is to inform any 
Federal Aviation Administration planning, rulemaking, or feasibility 
assessment related to civil unmanned aircraft system traffic 
management, beyond visual line of sight operations, or national 
airspace integration, including any activities undertaken pursuant to a 
feasibility assessment directed by Congress regarding a national 
unmanned aircraft systems traffic management system. Nothing in this 
section shall be construed to require the Secretary to disclose any 
classified information to the Administrator.
    (c) Federal Aviation Administration Response.--Not later than the 
date that is 180 days after the date on which the Administrator 
receives the summary transmitted under subsection (a), the 
Administrator shall submit to the congressional defense committees, the 
Committee on Commerce, Science, and Transportation of the Senate, and 
the Committee on Transportation and Infrastructure of the House of 
Representatives a written assessment of the relevance of such findings 
to Federal Aviation Administration civil unmanned aircraft systems 
airspace integration activities and any actions the Federal Aviation 
Administration intends to take in response.

SEC. 8. FUNDING.

    Amounts obligated or expended by the Secretary to carry out this 
Act shall be derived from amounts appropriated to the Department for 
research, development, test, and evaluation.

SEC. 9. DEFINITIONS.

    In this Act:
            (1) Command and control framework.--The term ``command and 
        control framework'' means the software architecture, 
        communications protocols, data standards, interface 
        specifications, and associated hardware that together enable an 
        operator or commander to task, direct, monitor, and receive 
        data from one or more unmanned aircraft systems.
            (2) Congressional defense committees.--The term 
        ``congressional defense committees'' has the meaning given that 
        term in section 101(a) of title 10, United States Code.
            (3) Department.--The term ``Department'' means the 
        Department of Defense.
            (4) Modular open systems architecture.--The term ``modular 
        open systems architecture'' has the meaning given to that term 
        in section 4401(c) of title 10, United States Code, and means a 
        design approach in which key interfaces are defined by widely 
        supported and consensus-based standards, enabling components to 
        be added, modified, replaced, or removed with minimal impact to 
        the remainder of the system.
            (5) Open architecture.--The term ``open architecture'' 
        means a system design based on published, consensus-developed 
        interface standards that permit systems from multiple vendors 
        to interoperate, and that permits components to be updated, 
        replaced, or added without redesign of the system as a whole.
            (6) Secretary.--The term ``Secretary'' means the Secretary 
        of Defense, unless otherwise specified.
                                 <all>