GovWin
B2G is moving!
Blogs posted after May 22, 2015 will be located on Deltek's central blog page at www.deltek.com/blog.
Just select the "B2G Essentials" blog to continue to receive this valuable content.
Cloud Computing Confusion: Inconsistent Terminology is Muddying the Water

The federal cloud computing market is nothing if not confusing. Despite the best efforts of technical personnel at the National Institute of Standards and Technology to define what cloud is, the cloud market has come to encompass goods and services well beyond the narrow definitions of Infrastructure, Platform, and Software-as-a-Service. Understanding this is important for industry, because the complexity of the cloud market means finding business opportunities is that much harder.

Take for example the booming business of migrating agency datasets to big hosting companies like Amazon Web Services. AWS provides the cloud (the IaaS), but another vendor does the migration work. In this context, what part of the work should be considered cloud computing? The hosting services provided by AWS are clearly cloud, as defined by the NIST, but without the data migration work done by the industry partner, AWS provides nothing. The industry partner is a critical piece of the cloud puzzle, so should the migration work not also be considered part of the cloud market?

At Deltek, we call these types of services “cloud enabling” and we consider them to be part of the cloud computing paradigm. Therefore, we include spending on those services in our analysis of the federal cloud market. So, if cloud enabling services fit into a broader definition of the market, is your business development team searching for opportunities to do this kind of work?

Services like data migration are one shade of gray among many. An even more challenging trend that has emerged within the last couple of years is the use of the term “cloud” to describe a network of communications hardware and switches. This term first came to my attention in the early stages of the Defense Department’s implementation of multi-protocol label switching routers for the Joint Information Environment. Referred to as an MPLS cloud, the “cloudiness” of the MPLS gear appears to refer to the scalability of the hardware, but does the MPLS cloud really fit the definitions of cloud provided by NIST? The DoD is now taking the cloud analogy one step further, referring to sensor arrays as clouds. Are sensor arrays cloud computing? Their description as cloud confuses the issue quite a bit.

So What?

Seeking clarity in the terminology is not simply the complaint of a picky analyst. Consider the following. Using cloud terms for things that are not cloud has a serious impact on our understanding of the market and the size of the business opportunity related to cloud. For example, the Federal Aviation Administration has requested $24.3 million in FY 2016 for its Terminal Voice Switch Replacement program. The TVSR “replaces aging and obsolete voice switches” related to air traffic control. These switches are basically boxes of hardware that enable the use of Voice over Internet Protocol (VoIP).

In its FY 2016 IT budget request, the Department of Transportation requested $71.5 million for cloud computing. The question must be asked, however, if a collection of FAA switching hardware constitutes a cloud. If so, then cloud service providers may consider the size of the DOT cloud business opportunity to be $71.5 million. If not, the FY 2016 cloud opportunity at DOT is $47.2 million.

Company leadership uses these figures to set expectations for the business opportunity available to their sales teams. Let’s say your company’s team is expected to capture 5% of the total cloud spend at the DOT and compensation levels are set accordingly. Does that total equal $3.5 million (5% of $71.5 million) or $2.35 million (5% of $47.2 million)? The distinction matters if your company doesn’t happen to sell the switching equipment that the DOT calls cloud.

The correct use of terminology is important because the definition of cloud computing informs business decisions. If the definition is flawed, the resulting decision is as well. If that matters to your sales team and bottom line, you can see why the terminology matters and why clearing up the confusion is relevant.

 

The Hunt for the New Duct Tape – New Defense Cyber Strategy Looks to Cyber R&D

The Secretary of Defense, Ashton Carter, announced last week the release of the Department of Defense’s (DoD) new Cyber Strategy aimed at improving the their cyber capabilities. One theme focuses on leveraging cybersecurity research and development (R&D) to accelerate these capabilities. So how much money might DoD be directing toward cyber R&D?

New Defense Cyber Strategy Overview

The stated purpose of the new Department of Defense Cyber Strategy is to guide the development of DoD's cyber forces and strengthen its cyber defense and cyber deterrence posture. The strategy focuses on building cyber capabilities and organizations for DoD’s three cyber missions: defend DoD networks, systems, and information; defend the United States and its interests against cyberattacks of significant consequence; and provide integrated cyber capabilities to support military operations and contingency plans.

The strategy sets five strategic goals and establishes specific objectives for DoD to achieve over the next five years and beyond.

  1. Build and maintain ready forces and capabilities to conduct cyberspace operations
  2. Defend the DoD information network, secure DoD data, and mitigate risks to DoD missions
  3. Be prepared to defend the U.S. homeland and U.S. vital interests from disruptive or destructive cyberattacks of significant consequence
  4. Build and maintain viable cyber options and plan to use those options to control conflict escalation and to shape the conflict environment at all stages
  5. Build and maintain robust international alliances and partnerships to deter shared threats and increase international security and stability

Cybersecurity Research and Development

Under the first strategic goal in the area of building technical capabilities for cyber operations the DoD is setting an objective to accelerate innovative cyber research and development (R&D) to build their cyber capabilities, looking to both the existing DoD R&D community and to established and emerging private sector partners for help in developing “leap-ahead technologies” that can aid U.S. cyber-defenses. To that end, DoD plans to focus its basic and applied R&D on developing cyber capabilities to expand the capacity of overall cyber workforce.

What might cyber-focused R&D look like in budgetary terms across the DoD? Looking at the FY 2016 Defense Research, Development, Test and Evaluation (RDT&E) budget books gives a general sense of magnitude and relative distribution of recent and proposed budget dollars. Reviewing the various RDT&E budget artifacts for Army, Air Force, Navy, and the Defense Agencies and searching for key terms like cybersecurity, information assurance, and information security identifies dozens of programs that are primarily directed at cybersecurity (and several more that appear cybersecurity-related.)

Looking at just the programs that appear directly cybersecurity-focused in the FY 2016 DoD RDT&E budget shows that the department budgeted nearly $780 million in FY 2014, with that level increasing to more than $1.1 billion in FY 2015 and FY2016. Further, the Air Force and DARPA have been the major players in the cyber R&D area for DoD, accounting for $844 million (72%) of the total $1.17 billion in FY 2016 requested funding. (See chart below.)


 

Implications

The R&D dollars depicted above are just part of the story. There is other cyber-related R&D spending embedded in larger efforts that contain cybersecurity elements or impacts, but ferreting out those dollars is gets tricky and can be even more imprecise. The point here is to get a sense of the size of the overall investment and where these dollars tend to be directed.

While it is important to recognize that not all of these dollars will be spent on contracts with industry partners for R&D services and technologies, the fact remains that the sustained need by DoD for more advanced cyber technologies and tools is likely to grow in both real terms and in proportion to other R&D areas. In fact, the investment in this push for greater cyber tools may easily outpace the growth rate for other areas of contractor-addressable cybersecurity within DoD. This is especially true in the support services area as the DoD strives to develop thousands of uniformed cybersecurity personnel in the coming years.

One thing seems for certain, the DoD recognizes its need to cover a lot of ground quickly when it comes to improving its cybersecurity capabilities and posture and they are looking to harness creative energies to address the need. In many ways, it’s not unlike past challenges where they have looked to partners in industry and elsewhere to come up with creative solutions. Who knows? Soon we could be looking at the cyber equivalent of duct tape.

Big Data Programs at the Defense Advanced Research Projects Agency

The Department of Defense is investing big in goods and services related to big data. This investment, however, is not spread evenly across the department. It exists instead in certain agencies where the spending is deep and related to a variety of other programs. One of these agencies is Defense Advanced Research Projects Agency, or DARPA, as it is commonly known. DARPA does research and assessments related to the applicability of cutting edge technologies to U.S. national security, including unmanned systems, robotics, cyber security, mobility, networking and computing technologies, and others.

Underlying the research and development work at DARPA are significant investments in advanced algorithms, analytics, and data fusion that illustrate the importance of “big data” to the efficient use of next generation systems and weapons platforms. Put differently, more and more of DoD’s weapons and communications systems, as well as the platforms that carry them, are becoming extremely complex. They are now so complex, in fact, that big data analytics and algorithms are necessary for them to function properly. Big data analytics and algorithms are thus a foundational technology without which an increasing number of advanced DoD weapons systems and platforms would not function.

Knowing this makes a big difference when it comes to understanding where business opportunity can be found at the DoD. Big data is such a complex subject, and its uses are so varied, that it is rare if an acquisition calls explicitly for a specific solution by name or the term “big data.” This makes selling big data solutions and services to defense customers tricky.

Getting back to DARPA, the fact is that big data is in use across the agency. It appears primarily in R&D work related to software development, algorithm design, and data fusion efforts. The two tables below identify programs that have big data requirements related to them. Table 1 lists DARPA programs in which big data goods or services are the primary requirement. Table 2 shows DARPA programs in which big data requirements are but one of many different pieces of work. These programs have been drawn from the DARPA Research, Development, Test, and Evaluation Budget Request for FY 2016.


As we can see in Table 1, spending rises from approximately $97 million in FY 2014, to the $164 million that DARPA forecasts in FY 2016. This represents a projected 69% increase over the course of three fiscal years.

Turning to the list of programs that includes both big data specific projects and those with a big data component (the gold lines in Table 2 below), we can see that the trend is the same – spending at DARPA on big data related R&D is on the rise. The increase is a more modest 21% from FY 2014 to FY 2016, but this is still a positive return in an overall declining DoD technology market.


Summing up, the DoD’s spending on big data, particularly on R&D, is rising. Because money is flowing to R&D efforts, the fact that the work is related to big data may be hidden in general project descriptions. The best thing to do when searching for big data related work is to seek out complexity. Where agencies like DARPA are conducting R&D work on complex systems, the integration of massive volumes of sensor data, the development of advanced algorithms for controlling unmanned systems, and/or fusing large data sets into common pictures, that is where you’ll find big data related spending.

 

The Other JIE: Engineering the Mission Partner Environment

All eyes are currently focused on the Department of Defense’s efforts to engineer a Joint Information Environment that will enable the secure sharing of information across the DoD enterprise, as well as the delivery of enterprise services by both the Defense Information Systems Agency and, eventually, commercial cloud partners.  There is another network integration effort going at DISA, however, which receives significantly less attention, yet its importance to the future of U.S. national security is every bit as critical.  That effort is the transformation of the Multinational Information Sharing portfolio of programs into a new Mission Partner Environment.

The current MNIS portfolio consists of four capabilities:

  • The Combined Enterprise Regional Information Exchange System (CENTRIXS), which includes the Common Mission Network Transport (CMNT) backbone that enables the management of federated networks and provides common transport for encrypted traffic between mission partners.
  • The Pegasus System, which interconnects the National Command and Control systems of Australia, Canada, New Zealand, the United Kingdom, and the United States using cross domain solutions.
  • The Combined Federated Battle Laboratory Network (CFBLNet), which provides a controlled Research, Development, Trials, and Assessment coalition information sharing sandbox for evaluating new technologies and developing new tactics, techniques, and procedures (TTPs).
  • The Unclassified Information Sharing Service (UISS) All Partners Access (APAN) Network, which provides information sharing capabilities to mission partners, U.S. Combatant Commands, U.S. Government agencies, host nations, inter-governmental organizations, non-governmental organizations, and coalition partners.

Support services for these pieces of the MNIS are currently provided under a variety of contracts held by Harris (Cross Domain Solutions), CACI (Cross Domain Solutions), Raytheon (Engineering Support), Ingenium (Program Support), SAIC (Program Support), ViaSat (Cryptographic HW), Information Analysis (Connection Approval Process), and MCP Computer Products (DNS Management).

When engineering work is complete, the component parts of the MNIS will be merged into a single Mission Partner Environment that provides interoperable email, chat, video conferencing, VoIP, and other collaboration capabilities.  The MPE will also connect to the Joint Information Environment, providing access to data located throughout the Defense enterprise.


The projected Research, Development, Testing, and Enhancement (RDT&E) budget for work related to the MNIS totals $31.1 million over five years (FY 2015-2020), averaging approximately $6.2 million per year.

One piece of the puzzle not mentioned so far is the U.S. Battlefield Information Collection and Exploitation System – Extended (US BICES-X), which will also be part of the new MPE.  Budget data for US BICES-X was classified for FY 2015, so no numbers can be provided for it here.  Investigating BICES-X for potential future business opportunity should be on industry’s radar, however, as there may be requirements at Hill Air Force Base for cryptographic HW, engineering a VTC network, and integrating Intelligence, Surveillance, and Reconnaissance components from the Distributed Common Ground System and Defense Intelligence Information Enterprise.  Requirements for program office support and technical integration support may also be available, if these haven’t been awarded already.

Lastly, commercial cloud providers take note.  DISA intends to host the UISS-APAN system in a commercial cloud environment in FY 2016.  UISS-APAN is currently hosted in DISA’s Enterprise Service Center, part of its Defense Enterprise Computing Center, in Montgomery, Alabama.  Supporting vendors include Carahsoft, Exalt Integrated Technologies, Alvarez & Associates, and DLT Solutions, which provide Software and Documentation Localization licenses, DocAve software, Google Maps, and Google Translation software and support, respectively.  DISA intends to migrate UISS-APAN to a vendor-hosted Infrastructure-as-a-Service environment, meaning that if the procurement appears soon, there are but a few competitors certified by the DoD to provide hosting services.

 

Software-Defined Networking: The Army Prepares to Reap the Rewards of Joint Modernization

For many years the U.S. Army has been the butt of jokes about the antiquated state of its information technology infrastructure.  Army personnel returning from deployments had better connectivity and IT services available to them in the field than they have in garrison and bandwidth into and out of Army camps, posts, and stations has been measured in megabytes, not gigabytes.  Dedicated Army IT professionals from the CIO/G-6 down to the Program Executive Offices have worked hard to change this situation by implementing initiatives like Defense Enterprise Email and by leading the move to a Joint Information Environment.  In doing so, they have changed the game for the U.S. Army and put the service in an excellent position to advance rapidly down the timeline of technology evolution.

Lest readers think I overstate the case for the Army’s advancements in modernizing its IT infrastructure, I refer them to a procurement that recently appeared.  The Global Enterprise Fabric acquisition (Solicitation #W91RUS15GEF1) demonstrates that the Army’s Network Enterprise Technology Command also sees the advancements that have been made.  NETCOM is seeking to take advantage of those advancements by implementing a software-defined infrastructure that enables centralized management of the JIE, Joint Regional Security Stacks, and Multi-Protocol Label Switching architecture.

That NETCOM is researching the possibility of implementing an enterprise SDN solution speaks volumes about how far the Army’s network modernization has come and where it is going.  The CONUS deployment of MPLS routers across the enterprise is targeted for completion sometime later this calendar year.  Similarly, the standing up of Joint Regional Security Stacks in the CONUS is also slated for later this year.  Add the Army’s recent transition to Defense Enterprise Email and you have a much more secure network with much higher bandwidth.  These network upgrades will also allow the Army to take advantage of cloud computing services offered by the Defense Information Systems Agency and commercial partners.

The Global Enterprise Fabric envisioned by NETCOM will help deliver computing enterprise services in three broad areas - Infrastructure-as-a-Service, Network Services, and Computer Network Defense – all of which are managed and monitored within a software-defined framework.  NETCOM’s turn to SDN is a harbinger of things to come across the DoD.  Deltek’s recent Emerging Federal Technology Markets, 2015 report documented that throughout the federal government two steps are leading agencies to SDN: modernizing IT infrastructure and planning for/adopting cloud computing. Cloud computing is not necessary for an agency to implement SDN, but in evolutionary terms the adoption (or desired adoption) of cloud may be decisive because it spurs on other foundational investments.

As agencies grow more comfortable with cloud computing, their adoption of SDN will increase or, as NETCOM’s Global Enterprise Fabric concept illustrates, their adoption of SDN and cloud computing will go hand-in-hand.  Herein lays the opportunity for those seeking new business.  Agencies already walking the path toward the cloud, particularly the use of Infrastructure-as-a-Service, will already have some idea of the viability of SDN.  Seek out those agencies making IaaS investments and you’ll find those most interested in discussing SDN as the next step.

 

Thoughts on Business Opportunity and Network Consolidation in the Department of Defense

In an effort to deliver services across the enterprise, the consolidation/convergence of information technology networks is in full swing across the federal government.  Some agencies are further along in this endeavor, while others are just getting underway.  Nowhere is this chaos of consolidation more evident than across the Department of Defense, which possesses as many as 15,000 networks.  The efforts required to converge these networks are herculean, but absolutely necessary if the DoD is to achieve the cherished goal of creating a truly “joint” information environment where networks and data are secure and interoperable. Knowing where the DoD wants to go, it is worth contemplating which parts of the department are in the best shape when it comes to network consolidation and where it might be best to seek new business opportunities.

Arguably the Navy is the furthest along in moving toward a consolidated network environment.  The Navy-Marine Corps Intranet (NMCI) project may have been a boondoggle the DoD would rather forget, but it did have the benefit of moving the Navy and Marines toward a unified environment earlier than the other Military Departments. To be sure, a vast amount of work still needs to be done to achieve the level of interoperability that the Navy and DoD desire, but it is nothing compared to the amount of effort required for the Army and Air Force to approach the level of consolidation achieved by the Navy so far.

In the Army’s case, network convergence has focused on three areas: Defense Enterprise Email, Multi-Protocol Label Switching router implementation, and standing up Joint Regional Security Stacks.  The migration to DEE is largely complete and generally has been considered a success by the Army and DoD.  MPLS deployment is currently underway, with Army officials saying that they anticipate its completion by the end of calendar year 2015.  Although MPLS is a decade-old technology it will vastly increase the amount of bandwidth flowing into and out of Army posts, camps, and stations.  The JRSS effort is also underway in concert with DISA and goals for its completion are similar to those for MPLS deployment – to have the CONUS implementation completed by the end of 2015.

As these network constructs are completed, the Army will take a hard look at selecting applications which can be moved to commercial clouds.  Activity in this area should pick up in fiscal 2016, and especially in 2017.

In contrast, the Air Force continues to struggle ahead.  Air Force officials have expressed full support for moving the Service into the JIE construct.  This means they will take advantage of the MPLS and JRSS efforts currently underway.  The Air Force has also migrated to Defense Enterprise Email.  This said, the Air Force is also in the early stages of planning what it calls a “Common Computing Environment.”  Similar to the Army’s plan for a Common Operating Environment, the AF CCE will deliver enterprise services across the Air Force.  Dissimilar to the Army’s COE, the AF CCE is far from the level of execution that the Army has already achieved with its COE.  Currently, the Air Force is developing metrics to understand how much implementing a CCE will cost.

The implications of this brief comparative view are that the most extensive IT business opportunities are likely to be found in the Air Force, Army, and Navy, in that order. Navy’s big efforts – the Next Generation Enterprise Network (NGEN) and Consolidated Afloat Networks and Enterprise Services (CANES) – are locked up in large, long-term contracted efforts.  The Army’s approach is fragmented and heavily reliant on the Defense Information Systems Agency, but the Army also has publicly expressed the greatest interest in moving applications to commercial clouds.  The Air Force will need help with the CCE and has even considered if it should award a contract for the effort.  Should the Service move forward with the CCE concept, it could easily prove to be a lucrative near-term opportunity in the years to come.

 

Defense Business Transformation Lacks Clear Priorities

The Defense Department (DOD) spends billions of dollars annually on business systems. Since 2005, investments aiming to transform the way the DOD does business have been called out on a high risk list for government efforts. Despite making some improvements in recent years, the DOD’s business modernization initiatives continue on a precarious path. 

Every two years, the Government Accountability Office (GAO) identifies government programs that are more vulnerable to fraud, waste, abuse, and mismanagement or need changes to address major challenges. Recently, the GAO released its updated list of these programs. Not surprisingly, the GAO’s High Risk List for 2015 includes several efforts related to DOD business transformation (e.g. DOD Approach to Business Transformation, DOD Business Systems Modernization, DOD Financial Management). 

Since concerns about defense business transformation arose, the DOD has established management responsibilities and issued an updated strategy for business transformation. Despite these steps, a number of elements contribute to the DOD’s business transformation appearing to be on uncertain footing. Over the past several years, turnover has been high in the Chief Management Officer (CMO) and Deputy Chief Management Office (DCMO) as well as within the Office of the DCMO. This personnel issue is compounded by the fact that no performance management practices are in place. In the absence of leading performance management practices, DOD’s CMO and DCMO have neglected to communicate priorities for its business goals. Further, the focus of leadership has been on reviewing modernization efforts rather than monitoring the overall progress of the defense business functions. 

Over the last year, Defense Business Council meetings have occurred with more consistency and have increasingly emphasized the performance of DOD’s business functions. However, no plans are currently in place to correct the issues that have been hindering business transformation progress. (The lack of corrective actions plans are particularly significant in the eyes of the government watchdog organization. These plans would meet one of the five criteria for this area to be removed from GAO’s High-Risk List.) 

Ultimately, until the DOD addresses numerous issues underlying its approach, challenges will continue to arise around its business transformation efforts. These weaknesses include the continued use of outdated processes and systems for key business functions, like financial management and logistics. For more insight on DOD business systems modernization and efforts across the government, check out Deltek’s recent Federal Industry Analysis report Federal Enterprise Business Systems, 2015.

 

Originally published for Federal Industry Analysis: Analysts Perspectives Blog. Stay ahead of the competition by discovering more about GovWinIQ. Follow me on twitter @FIAGovWin.

 

Opportunities for Cloud Providers in the FY 2016 Budget Request

As part of the President’s Budget Request for Fiscal Year 2016, the Office of Management and Budget released figures for spending on cloud computing that agencies anticipate they will make.  The figures released this year don’t provide the same granularity into spending on service delivery types and deployment models that the same data has provided in past years.  The data does, however, more closely align with spending on other categories of information technology investments in that it has been divided into operations and maintenance (O&M) and development, modernization, and enhancement categories (DME).  Putting spending (FY 2015 estimated and FY 2016 forecast) into O&M and DME buckets helps OMB understand the percentage of overall agency IT dollars that are going into cloud vs. other types of investments. It also helps industry understand where new investments are being made versus spending on steady state programs.

Top Ten Agencies Forecast to Spend on Cloud in FY 2016

Here is a list of the top ten federal agencies by forecast cloud spending in FY 2016. Keep in mind that only Civilian sector agencies were included in the data as the Department of Defense has not yet released detailed information for FY 2016.

The spending forecast in this chart totals just north of $2.4B, representing only a small percentage of what agencies spend annually on IT.  Of the agencies listed, the surprises that stick out to me are Labor and the Office of Personnel Management.  Both of these agencies are small compared to the agencies around them, especially Homeland Security and Treasury, and yet they intend to spend considerable amounts of money on cloud.

Where the New Dollars Are

How much of this spending will be new dollars?  The chart below illustrates these forecast totals in terms of O&M and DME.

As we can see, the forecast spending picture takes on a different flavor once we know where new investment is intended.  From this perspective Labor remains an attractive target for business development efforts; OPM less so.  It is Commerce, though, which emerges as the greenest field of all.

Labor and Commerce: Green Fields for Cloud Providers in FY 2016

The graph below shows the four organizations in the Department of Labor where DME (i.e., new) dollars are forecast to be spent on cloud computing in FY 2016.

The specific programs in each organization slated to receive this funding are:

Departmental Management

  • Digital Government Integrated Platform (DGIP) - $84M
  • Enterprise Consolidated Network (ECN) - $17M                                                                                                                
  • Customer Service Modernization Program (CSMP) - $1M
  • Integrated Acquisition Environment - $1M
  • National Core Financial Management System (Shared service provided by the Department Of Transportation) - $8M

Wage & Hour Division

  • Strategic Enforcement Achieves Compliance System (SEACS) & Prevailing Wage System (PWS) - $3M

Employment & Training Administration

  • ETA BPM IT Modernization - $1M

Mine Safety and Health Administration

  • MSHA Internet/Intranet Maintenance - $1M

At the Department of Commerce the following organizations forecast spending DME dollars on cloud computing in FY 2016.

The specific programs in each organization slated to receive DME funding are:

U.S. Patent and Trademark Office

  • USPTO Patent End-to-End 2 (PE2E-2) - $87M
  • USPTO Network and Security Infrastructure II (NSI-2) - $24M
  • USPTO Trademark Next Generation 2 (TMNG-2) - $9M
  • USPTO Fee Processing Next Generation (FPNG) - $8M
  • USPTO Consolidated Financial System (CFS) - $8M
  • USPTO Dissemination Capability (DC) - $6M

National Oceanic and Atmospheric Administration

  • NOAA/NWS Integrated Dissemination Program - (IDP) - $4M

Bureau of the Census

  • Census IT Infrastructure - $3M

Departmental Management

  • BusinessUSA - $2M

Department of Commerce

  • Commerce Business Application Solutions (BAS) - $1M

Despite the allocation of new dollars for cloud efforts at the USPTO, the Next Generation requirements are almost certain to be fulfilled under the Software Development Integration and Testing – Next Generation (GovWin IQ Opp #37269) and SDI-NG for Small Business (GovWin IQ Opp #63628) contracts awarded in 2011. Work for the other efforts may remain in play.

 

Progress Continues on Cyber-Physical Framework

During the summer of 2014, the National Institute of Standards and Technology (NIST) kicked off a working group effort to develop a framework and roadmaps for cyber physical systems. Mid January 2015, this public working group focused launched the second phase of its work. 

Cyber-physical systems (CPS) are often simply referred to as “smart” systems. These co-engineered systems comprise interacting networks of physical and computations components. The influx of smart technologies has expanded CPS domains to include infrastructure (grid, water, gas), buildings, emergency response, healthcare, manufacturing, transportation, and numerous others. The public working group aims to take a multi-domain perspective to ensure the research, development and deployment guidance it produces will be applicable within all CPS domains as well as supporting cross-domain applications. In particular, this group intends to address needs for a common lexicon and taxonomy as well as a reference architecture. 

These working group efforts began during the summer of 2014 with plans for the first several phases over the course of a year. The first face-to-face meeting during August launched the first phase of the initiative to draft a framework for the CPS elements. This work produced draft reports from each of the five subgroups – Reference Architecture, Use Cases, Cybersecurity, Timing, and Data Interoperability. Following the launch of the first phase, the subgroups organized meeting and collaboration to create initial documents that would eventually combine as elements of the CPS framework. 

All five subgroups completed their documents by the close of 2014, so now efforts are underway to integrate and review the work. This second phase aims to produce a combined framework document by integrating the work completed by the subgroups and refining it further. The third phase of the work will result in a CPS technology roadmap which will identify opportunities for additional collaboration and propose a timeline for follow-on efforts to address key technical challenges. 

According to the current timeline, the combined framework is expected to be finalized this spring.  The group is scheduled to have its next face-to-face meeting in April, which will conclude the framework phase and launch the roadmap activities. A draft of the roadmap is anticipated in June 2015, followed by a month of review before its finalized in July. Another, related effort underway is also being led by the NIST Engineering Laboratory’s Smart Grid and Cyber-Physical Systems Program Office. The Cyber-Physical Testbed Development Workshop is scheduled for February 24-25, 2015 and will explore future research and development areas for CPS. 

Ultimately, these efforts hope to head off several trends like the sector-specific applications of cyber-physical system deployments and the expansion of the Internet of Things without a foundation of interoperability. By drawing stakeholders from government, industry, and academia, the working group hopes to address the increasing need for systems-of-systems solutions to integrate CPS across domains. For insights on how CPS and other technologies are shaping the federal landscape, check out the Federal Industry Analysis team’s recent report on emerging federal technology markets.

 

Originally published for Federal Industry Analysis: Analysts Perspectives Blog. Stay ahead of the competition by discovering more about GovWinIQ. Follow me on twitter @FIAGovWin.

 

Buying Services as a Commodity: The DoD’s New Approach to Cloud Computing

In mid-January, the Defense Information Systems Agency released new security requirements for companies seeking to provide cloud services to Defense customers.  Industry has welcomed the Department of Defense’s new approach because it promises to greatly increase the department’s use of commercial cloud computing.  In 2015 and beyond the DoD will indeed buy more cloud services from commercial sources.  This business will, however, come at a price, because the new approach also enables Defense customers to buy cloud services as a commodity.

Reading through the guidelines it becomes clear that DISA and the DoD OCIO are putting into place a cloud-buying system that provides more than a security framework; it also standardizes to the furthest extent possible the offerings that vendors can provide.

The guidance states that DISA will categorize vendor offerings according to National Institute of Standards and Technology definitions for service delivery and deployment model.  Vendors will be required to provide DISA with clear definitions of the service delivery and deployment model types that fit their solution.  If vendors do not provide this information, DISA will define the vendor’s offering for them.  The standardized offerings will then be listed in a DoD Cloud Services Catalog that Defense customers can use to select the service they need/want.

The catalog approach has benefits for Defense customers because it simplifies the process they can use to compare commercial cloud services.  For example, an Army program manager wants to use a SaaS-based records management capability in a public cloud environment for low impact data.  Instructed to procure the capability at the lowest possible price, the PM peruses the DoD Cloud Catalog and finds several vendors with an appropriate offering.  All of the commercial offerings are SaaS-based, in a public cloud, are Federal Risk and Authorization Management Program compliant at the necessary data impact level, and promise the levels of confidentiality, integrity, and availability that the project requires.  Who does the Army program manager choose?

If you said the one that costs the least and is technically acceptable, give yourself a pat on the back.  LPTA is the result of competitions carried out in a standardized procurement environment.

What DISA and the DoD OCIO have done with the guidelines is implement a commodity-based procurement approach to IT services requirements. Presented with a catalog of approved cloud services neatly homogenized into discreet categories, Defense customers will look for vendors that have the offering they need.  Once they have identified a number of potential vendors, proposals received can be evaluated based solely on price.  Functionality, security, and cloud types have all been vetted and pre-approved.  There is no need to conduct a best value competition because most of the variables inherent to best value have already been vetted as part of its inclusion in the DOD Cloud Catalog.

In short, cloud services have been commoditized, fulfilling a long-held dream for government buyers of information technology.

 

More Entries