Streamlining the Process of Acquiring Secure Open Architecture Software Systems

Abstract

The goal of this research is to continue investigating new approaches to acquiring secure open architecture (OA) software systems for the Department of Defense (DoD). Program managers, acquisition officers, and contract managers will increasingly be called on to review and approve security measures employed during the design, implementation, and deployment of OA systems. Our efforts seek to make this a simpler, more transparent, and more tractable process. Such a process must be easy to reuse, adapt, and streamline for different system application domains to realize cost reductions and improve acquisition workforce capabilities. The research described in this report focuses on two problems in acquisition research: (1) how to best acquire secure OA software systems that include reusable software product line components, and (2) how to articulate and streamline a process for identifying and reviewing the security of OA software systems. The results show that the best ways to streamline the process for acquiring secure OA systems that are in line with DoD's Better Buying Power 2.0 (2013) guidelines are as follows: (1) encourage the adoption of open source business models; (2) provide open source models of acquisition processes; and (3) employ techniques for streamlining acquisition processes for secure OA systems through direct measurement and assessment of acquisition processes, redesign and evolution of acquisition processes, design of new acquisition processes specific to secure OA systems, and employment of cost management as an element in the design of future OA system acquisition processes. In the 2nd and 4th sections of this report, we present case studies centering on military C2 systems, such as the future C2RPC models being considered by naval commands, in line with the multi-party engineering agile adaptive ecosystem (MPE/AAE) envisioned for DISA and other government agencies.

Open PDF

Document Details

Document Type
Technical Report
Publication Date
Oct 08, 2013
Accession Number
ADA591794

Entities

People

  • Thomas A. Alspaugh
  • Walt Scacchi

Organizations

  • University of California, Irvine

Tags

Communities of Interest

  • C4I
  • Cyber
  • Engineered Resilient Systems
  • Ground and Sea Platforms
  • Weapons Technologies

DTIC Thesaurus Topics

  • Application Software
  • Computer Program Documentation
  • Computer Program Reliability
  • Computer Programming
  • Computer Programs
  • Computers
  • Control Systems
  • Electronic Mail
  • Information Systems
  • Intellectual Property
  • Internet
  • Operating Systems
  • Relational Database Management Systems
  • Software Development
  • Web Browsers
  • Word Processors

Fields of Study

  • Computer science

Readers

  • Enterprise Information Systems Architecture and Joint Command Capability Interoperability Support.
  • Software Engineering.