3SDL Cooperative ESM Operations (CESMO) Service

Cooperative ESM Operations (CESMO) exploit the benefits of using intercept data collected simultaneously on a target from different locations and orientations to rapidly and accurately geo-locate threats in a number of seconds. 3SDL provides CESMO Services through G-Cloud for Decision Support.


  • Users can combine collected intercept data and exploit the benefits
  • Users declare own platform ESM capability and availability for tasking
  • Users declare own platform position and status, updated periodically
  • Signals of Interest (SOI) publishing for Signals Identification Authority (SIA)
  • Collector ‘Tips’ where collectors disseminate detections of a SOI
  • Collector tuning where SIA tasks a group of collectors
  • Tune reporting where collectors generate line of bearing (LOB)
  • Triangulation where geolocation is based on multiple LOBs
  • Fused reporting where SIA reports with ID, parametric, error ellipse
  • Chat messaging, to supplement fixed format messaging


  • A more accurate location for the target
  • Location for target can be calculated in a shorter time
  • Geolocation can be calculated on a fleeting (pop-up) threat
  • STANAG 4658 compliant
  • Trialled at EX UNIFIED VISION 12 & 14
  • Actively used by Norway, Germany, Czech Republic and the Netherlands
  • Implements full CESMO AEDP-13 functionality
  • Emulator facility
  • Self-synchronisation with multiple CESMO Hub Services
  • Feature rich Graphical User Interface (GUI)


£3000 to £25000 per instance

  • Free trial available

Service documents

G-Cloud 11



3SDL Frameworks Team

01684 878 170


Service scope

Service scope
Software add-on or extension No
Cloud deployment model Private cloud
Service constraints No
System requirements None

User support

User support
Email or online ticketing support Email or online ticketing
Support response times Within 4 hours, Monday to Friday. 48 hours at the weekend.
User can manage status and priority of support tickets Yes
Online ticketing support accessibility None or don’t know
Phone support Yes
Phone support availability 9 to 5 (UK time), Monday to Friday
Web chat support No
Onsite support Yes, at extra cost
Support levels Our support services are coordinated through a technical account manager, assigned to specific buyers/customers. The account manager will select the support level required based upon the client requirements. The basic level of support provides telephone and e-mail support during normal business working hours as a standard part of the service, the cost being in accordance with the rate card.
Support available to third parties Yes

Onboarding and offboarding

Onboarding and offboarding
Getting started The service includes onsite training, online training and user documentation.
Service documentation Yes
Documentation formats
  • HTML
  • PDF
End-of-contract data extraction The user is provided with an encrypted archive containing their data in an open, international format.
End-of-contract process At the end of the contract the user's data is archived, sent to the user and removed from the service. The service is then closed down.

Using the service

Using the service
Web browser interface Yes
Supported browsers
  • Internet Explorer 7
  • Internet Explorer 8
  • Internet Explorer 9
  • Internet Explorer 10
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari 9+
  • Opera
Application to install Yes
Compatible operating systems Windows
Designed for use on mobile devices No
Service interface Yes
Description of service interface CESMO Hub is supplied with three service interfaces to enable dynamic access to the CESMO application. The three interface options are:
1. Web Service
2. Java Message Service (JMS)
3. Application Programming Interface (API)
Accessibility standards None or don’t know
Description of accessibility The service is accessible to local and remote user requests via any of the three service interfaces.
The service interfaces provide full CESMO Hub control in line with the requirements and transactions contained with STANAG 4658. This control includes the ability to configure, initialise and update all CESMO Hub parameters.
Accessibility testing Ll interfaces have been rigorously tested against the requirements of STANAG 4658.
What users can and can't do using the API The service is accessible to local and remote user requests via the API.

The API service interface provides full CESMO Hub control in line with the requirements and transactions contained with STANAG 4658. This control includes the ability to configure, initialise and update all CESMO Hub parameters.
API documentation Yes
API documentation formats
  • HTML
  • ODF
  • PDF
API sandbox or test environment Yes
Customisation available No


Independence of resources Assessments of usage across shared resources are made prior to on-boarding of new service instances and at monthly resource assessments to avoid users being adversely affected.


Service usage metrics No


Supplier type Not a reseller

Staff security

Staff security
Staff security clearance Other security clearance
Government security clearance Up to Developed Vetting (DV)

Asset protection

Asset protection
Knowledge of data storage and processing locations Yes
Data storage and processing locations United Kingdom
User control over data storage and processing locations No
Datacentre security standards Supplier-defined controls
Penetration testing frequency At least once a year
Penetration testing approach ‘IT Health Check’ performed by a Tigerscheme qualified provider or a CREST-approved service provider
Protecting data at rest
  • Physical access control, complying with another standard
  • Encryption of all physical media
Data sanitisation process Yes
Data sanitisation type
  • Explicit overwriting of storage before reallocation
  • Deleted data can’t be directly accessed
Equipment disposal approach A third-party destruction service

Data importing and exporting

Data importing and exporting
Data export approach The system includes a data export function for use by users on-demand from the HMI.
Data export formats CSV
Data import formats CSV

Data-in-transit protection

Data-in-transit protection
Data protection between buyer and supplier networks
  • Private network or public sector network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
Data protection within supplier network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway

Availability and resilience

Availability and resilience
Guaranteed availability We provide a 99.9% level of availability under the standard SLA. Proportionate refunds for missed SLA can be provided in line with agreed customer KPIs. High levels of availability for mission critical requirements can be considered and implemented through the rate card.
Approach to resilience This information is available on request.
Outage reporting Email alerts

Identity and authentication

Identity and authentication
User authentication needed Yes
User authentication
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Limited access network (for example PSN)
  • Dedicated link (for example VPN)
  • Username or password
Access restrictions in management interfaces and support channels Management interfaces and support channels are only available to management terminals in separate logical networks.
Access restriction testing frequency At least once a year
Management access authentication Limited access network (for example PSN)

Audit information for users

Audit information for users
Access to user activity audit information Users contact the support team to get audit information
How long user audit data is stored for User-defined
Access to supplier activity audit information Users contact the support team to get audit information
How long supplier audit data is stored for User-defined
How long system logs are stored for Between 6 months and 12 months

Standards and certifications

Standards and certifications
ISO/IEC 27001 certification Yes
Who accredited the ISO/IEC 27001 ACM Limited
ISO/IEC 27001 accreditation date 22/11/2017
What the ISO/IEC 27001 doesn’t cover N/A
ISO 28000:2007 certification No
CSA STAR certification No
PCI certification No
Other security certifications No

Security governance

Security governance
Named board-level person responsible for service security Yes
Security governance certified No
Security governance approach We follow ISO27001 and are undergoing the process of accreditation.
Information security policies and processes We have a company-wide Information Security Management System which is mandated by our corporate Information Security Policy. A wide range of policies and procedures fall from this system, including those for protective monitoring, access control, operating procedures and vetting. Further information is available on request.

Operational security

Operational security
Configuration and change management standard Supplier-defined controls
Configuration and change management approach Configuration and change management is tracked using specific change management software, tied to both the cloud environment configuration and the software development lifecycle.

Changes are reviewed by the senior system architect and undergo a robust testing regime. Further information is available on request.
Vulnerability management type Supplier-defined controls
Vulnerability management approach We conduct full Cyber Vulnerability assessments using our CESG Certified Practitioners. This includes IS1/2 assessments of threat. Patches are deployed as often as required in accordance with the system's technical controls statements under the control of the accreditor. We get information on threats from CiSP and other private sources.
Protective monitoring type Supplier-defined controls
Protective monitoring approach We apply protective monitoring controls in accordance with GPG13. We identify potential compromises based on protective monitoring and regular testing of defences. We respond to compromises based on our internal set processes and customer requirements, responding to incidents immediately once they are confirmed.
Incident management type Supplier-defined controls
Incident management approach We have pre-defined incident management processes for common events and uncommon events. Users report incidents to the helpdesk and we provide information on incidents to users via routine email or immediate email/phone for critical incidents.

Secure development

Secure development
Approach to secure software development best practice Supplier-defined process

Public sector networks

Public sector networks
Connection to public sector networks No


Price £3000 to £25000 per instance
Discount for educational organisations No
Free trial available Yes
Description of free trial Limited time trial (30 days).

Service documents

pdf document: Pricing document pdf document: Skills Framework for the Information Age rate card pdf document: Terms and conditions
Service documents
Return to top ↑