Acquisition Regulations and Offshore Software Development: Implications for Cybersecurity of DOD Networks

Abstract

Malicious code, such as Zero-day exploits, utilize vulnerabilities in Commercial-Off-The-Shelf (COTS) software to cause damage in cyberspace. Because of the prevalence of offshore software development, COTS software is exposed to increased vulnerabilities and provides access for our adversaries to manipulate software code. Defense networks are built primarily on COTS products and software because our acquisition rules are focused on streamlined procurement of COTS Information Technology (IT) products in Federal government organizations. This paper will show that updates to our Federal Acquisition Regulations (FARs) could increase our understanding of the origin of software code and provide access to source code for in-depth vulnerability analysis providing improved cyber security.

Open PDF

Document Details

Document Type
Technical Report
Publication Date
Feb 14, 2013
Accession Number
AD1018805

Entities

People

  • Roman L. Hund

Organizations

  • Air War College

Tags

Communities of Interest

  • Cyber

DTIC Thesaurus Topics

  • Air Force
  • Computer Programming
  • Computer Programs
  • Computers
  • Cyberspace Operations
  • Government Procurement
  • Governments
  • Information Systems
  • Intellectual Property
  • National Security
  • Operating Systems
  • Organizational Structure
  • Public Policy
  • Software Development
  • Software Testing
  • United States Government
  • War Colleges

Fields of Study

  • Computer science

Readers

  • Cybersecurity.
  • Defense Acquisition Program Management

Technology Areas

  • Cyber