Challenge Details
Tracking Number

TW-2023-125

Organization

Joint Federated Assurance Center (JFAC)

Start Date

Jan 9, 2023

End Date

Feb 1, 2023
Current Status

Closed

Registration

Open

1 Attachment

To find out more information about this Challenge, please signin or register for an account.
More Challenges

No additonal Challenges were found.

testimonial
JFAC Automated, Enterprise Scale, Assurance Case Framework
Challenge Summary
Description
JFAC is collecting market research to establish a potential FY23 pilot demonstration project by first assessing the current state of the art enterprise assurance technology landscape that addresses some or all technology gaps. JFAC’s vision is to build trust through holistic assurance. Holistic assurance is the comprehensive, traceable, and composable connections across hardware and software components that comprise a system, aggregation across the system of systems, and linked to mission impacts and effects. JFAC is interested in understanding the technology landscape, adoption of the technology by DoD programs or enterprise initiative, and exploring opportunities for novel approaches of bringing context to decision making at speed and scale, integrating evidence and artifacts across the digital ecosystem.
ADDITIONAL INFORMATION
Submission Deadline:
02/01/2023 at 12:00 PM EST
ORGANIZATION:
          The Joint Federated Assurance Center (JFAC)’s mission is to provide assurance solutions to the federation of Department of Defense (DoD) customers and program offices for weapon systems, information systems, and national security systems.  Due to the unique reach of JFAC across the DoD, considerations for enterprise-wide approaches of addressing Trust and Assurance is at the core of JFAC’s pursuits (see Figure 1).


Figure 1 Definitions of Trust and Assurance


JFAC’s vision is to build trust through holistic assurance.  Holistic assurance is the comprehensive, traceable, and composable connections across hardware and software components that comprise a system, aggregation across the system of systems, and linked to mission impacts and effects (see Figure 2).

 
 
 
Holistic Assurance
                                   

Figure 2 Holistic Assurance

 
 
 
BACKGROUND:
          Currently, assurance efforts are often segmented, caused by various drivers: operating domains, system types, organizations, governance, authorities, funding sources, infrastructure segmentation, competency areas, technology, and life cycle processes.  Moving forward, trends across the DoD enterprise are towards digital transformation through commercial cloud adoption, federated data exposure through Application Programming Interfaces (API), analysis through big data analytics, and data-informed decision-making.  To that end, opportunities exist to aggregate data across a federated eco-system of data repositories containing evidence that support various assurance activities (see Figure 3).


Figure 3 JFAC's Federated Data Enabling Holistic Assurance Approach

 
PROBLEM STATEMENT:
    The DoD’s leading data analytics platform pulls data across multiple systems of records via APIs to run analytics; however, the current model continues to propagate analytic segmentation via organizational or competency-specific applications for narrow use cases and decisions.  Oftentimes, a dashboard showing metrics linked to data is primarily the end state.  However, what is consistently lacking is context, the ability to present various viewpoints across subject matter expertise, cause and effect linkages, and effective enterprise-scale risk management enabling mission effective decision-making at speed and scale.


Technology Gaps:

  • Holistic: Maximizing the discovery of vulnerabilities within components across the life cycle (including supply chains), linked to system and mission effects, and aggregated across the DoD portfolio of all-domain system-of-systems.
  • Persistent: Continuous evaluation of enterprise risks, integrating new knowledge and insights as discoveries occur across the digital ecosystem, for the purposes of migrating from reactive issue management towards proactive risk mitigation.
  • Comprehensive: Aggregation across various data-sets, domain knowledge, root-cause corrective course of action recommendation, and diverse set of risks across categories above program-level towards enterprise, national, and global risks.
  • Contextualized: Adding context surrounding issues that require decisions to combine both qualitative (subject matter experts) and quantitative (data/analytics) information in a framework of evidence traced to arguments and claims supporting an assurance case, where the credibility is based upon the strength of the evidence and underlying sources.
  • Automated: Minimization of manual workflow process towards automation in support of decision-making at the speed of mission.
DESIRED END STATE:
          All DoD data captured and ingested into systems of record, properly curated to support all value generating workflows, leveraging data standards/ontologies/taxonomies, exposing data to the enterprise through APIs, aggregating across all systems (weapon systems, information systems, national security system) all domains (cyber, information, decision, space, air, land, sea) and competencies (acquisition, contracting, financial, budget, engineering, procurement, manufacturing, fielding, sustainment, operations, modeling, simulation, cybersecurity, etc.), capturing and managing/mitigating all risks (program/system, enterprise, global) with proper linkages to all arguments, claims/counter-claims, evidence, and sources supporting all decision making by all stakeholders within organizational/governing authorities.
 
 
 
MARKET RESEARCH:
         

JFAC is collecting market research to establish a potential FY23 pilot demonstration project by first assessing the current state of the art enterprise assurance technology landscape that addresses some or all of the aforementioned technology gaps.


Capability Description: brief description of the assurance technology, identify any novel innovations associated with the approach, current technology maturity (Technology Readiness Level 1-9), potential DoD enterprise value proposition, current technology adoption within the DoD or intelligence community (technology project level, program-office system level or enterprise level), and future scalability of proposed solution.

Acquisition Pathways to Capability: identify how the government has or can currently procure your assurance technology:

  • Commercial Items (TRL 9) via software license procurement
  • Prototype or actual system being qualified through test and evaluation (TRL 7-8) via FAR-based contract
  • Component/subsystem/system prototype and demonstration (TRL 4-6) via Other Transaction Authority (OTA) contracts
  • Research phase, basic or applied research (TRL 1-3) via grants, R&D agreements

End State Roadmap: long-term roadmap with transition and scaling towards enterprise adoption with supporting rough order of magnitude (ROM) cost estimates in an idealized unconstrained resource environment across a five-year timeline or longer, if needed.

 
 
 
HOW YOU CAN PARTICIPATE:
         

Requesting industry to provide responses through an initial phase of submission.  Responses shall be limited to no more than 4 pages of content plus an additional cover page:

  • Cover page (1 Page)
  • Capability Description & Acquisition Pathways to Capability (3 Pages)
  • End State Roadmap (1 Page)
 After responses have been reviewed, further outreach could occur to refine topics for specific application and use cases.
 
 
Point of Contact

Name

Brian Nowotny

Email

brian.m.nowotny.civ@mail.mil

Title

JFAC Director

Phone

Not Provided