Federal IT Impacts Within the FY 2018 NDAA, Part 2

Congress passed and President Trump signed a $700 billion National Defense Authorization Act (NDAA) for fiscal year (FY) 2018. In the annual defense policy bill Congress authorized $692.1 billion in spending for the Department of Defense – made up of $626.4 billion for the base defense budget and $65.7 billion for Overseas Contingency Operations (OCO), or war funding – and $8 billion for defense-related spending at other departments. Final spending figures will not be settled until Congress passes an actual Department of Defense (DoD) appropriations bill, which is still working its way through Congress. However, the meat of where the DoD will be focusing their efforts in the current fiscal year (and, in some cases, beyond) is contained in the NDAA Conference Report.

The annual NDAA an important bill to watch and relevant to the federal IT landscape because Congress customarily uses the bill to set some direction for information technology (IT) policy and acquisitions at the DoD as well as for the rest of the federal departments and agencies.

In a previous entry I noted several DoD and government-wide IT implications in the FY 2018 NDAA. In this entry I’ll cover a few others that jump out to me. Specifically, in the areas of software and some emerging technologies, the FY 2018 NDAA includes the following elements:

Software

• Agile development pilots – Directs the SECDEF to identify between 4 and 8 software development activities within the DoD or MILDEPS and pilot the use of modern agile methods, to include open source approaches. Additionally, requires the SECDEF to establish within 30 days a pilot program to use agile or iterative development methods to tailor major software-intensive warfighting systems and defense business systems. Criteria for system selection include risk, cost and schedule issues, and lack of delivery of operational capability.
• Open source software – Requires DoD to manage their unclassified, non-defense article, custom developed computer software code using open source licenses and an open source software repository, to consult DoD experts when updating DFARS and drafting additional policies on the use of open source software and to make use of existing DoD open source resources where possible.
• Noncommercial software acquisitions – In the acquisition of noncommercial software, requires DoD to consider of the acquisition of all software and related materials necessary to reproduce, build, or recompile the software from original source code and required libraries; to conduct required computer software testing; and to deploy working computer software system binary files on relevant system hardware.

Emerging Technologies

• Artificial intelligence and machine learning for geospatial activities – The legislative proposal was to expand the National Geospatial- Intelligence Agency’s (NGA) authority for commercial partnerships beyond current DIB companies in order to advance artificial intelligence and machine learning to help automate the exploitation of NGA data. While no provisions were adopted to expand the NGA’s authorities here, the NDAA conference committee did encourage NGA to use all existing available authorities and opportunities to advance these capabilities, including by working with the Defense Innovation Unit Experimental (DIUx) and DIUx DataHub contractors. The conferees also encouraged NGA to continue to work within the DoD to further develop similar legislative proposals for consideration in the FY 2019 NDAA.
• Emerging technologies for explosive ordnance disposal – Provides for authorities for DoD Explosive Ordnance Disposal (EOD) units to acquire new or emerging EOD technologies and capabilities not listed among approved products.

Implications

These varied provisions and others show how the DoD continues to grapple with numerous issues in maximizing their IT infrastructure and mission support technologies – to make them more effective, efficient, innovate, responsive, cost-effective and secure. Like other federal departments, the DoD is faced with the challenge of maintaining and maximize their legacy IT while trying to modernize it in economical and timely fashion – challenges that have dogged the department for years, if for no other reason than the sheer size, scope and complexity of their IT environment and applications portfolio.

Also evident in numerous DoD initiatives and provisions within the NDAA is the DoD’s efforts to find ways to leverage the latest proven and emerging technologies to both increase their mission effectiveness and reduce vulnerabilities and risk exposure to both persistent threats – physical and cyber – as well as technological obsolescence and costly maintenance.