Call for Info regarding CDAO's Testing and Evaluation (T&E) Directorate's requirements for its Joint AI Infrastructure Capability (JATIC) environment. The Government is requesting information on IT cloud services including an integrated DevSecOps pipeline to be used by several software vendors developing software for the Government.

11/07/2022 at 09:00 AM EST

           

SCOPE OF SERVICES 

To fulfill the objectives as defined in the background, the CDAO envisions that the contractor will need to provide the following environment deliverables with support services. The bulk of the underlying infrastructure will need to be designed, approved, implemented, and operational within 60 days of contract award. 

1. An IL4, NIST 800-53 compliant cloud architecture for the JATIC Integration Environment. The infrastructure for this environment will follow an “infrastructure-as-code" approach. The contractor shall provide documentation to includes the technical architecture, infrastructure-as-code source files, and management and operations procedures.

The environment must:

• Support DoD-approved multi factor authentication mechanisms besides CAC (Common Access Card) because JATIC Tool Vendors will often not have CAC.
  
• Provision IL4 cloud services and configure them in accordance with the approved JATIC Integration Environment architecture utilizing an approved FedRAMP (Federal Risk and Authorization Management Program) authorized Cloud Service Offering. 
• Operate in accordance with established Department of Defense procedures for IL4 cloud environments. This includes maintaining software patches, ensuring secure operation, and performing necessary configuration changes to facilitate JATIC tool development, testing, and demonstration. 

Additional development required within the environment:

• JATIC Tool DevSecOps Pipeline: As part of the JATIC Integration Environment, work with the JATIC project team to design, implement, and operate a JATIC Tool DevSecOps Pipeline. JATIC Tool Vendors will submit artifacts, including source code and containerized software, from JATIC tool vendor-controlled Internet-connected systems to the JATIC Integration Environment. This will trigger an automated workflow performing automated security and integration tests of the artifacts, as well as deployment inside the JATIC Integration Environment for manual user interaction testing. Vendor tool source code is primarily in the form of Python libraries. 
• JATIC Integration Environment Sandbox: As part of the JATIC Integration Environment, the sandbox will be an environment for user testing and demonstration of the JATIC tools. The Sandbox will consist of web-accessible virtual desktops with JATIC tools, development tools, and access to other JATIC materials such as training documentation, sample AI models, and sample data. 

2. Environment support services, including:

• Supporting JATIC project documentation requirements
• Managing user accounts, software installation, and software and cloud service configuration, in coordination with the CDAO JATIC Government Task Lead
• Facilitating onboarding of JATIC tool vendors to the JATIC Tool DevSecOps Pipeline. This includes provisioning accounts and configuring the pipeline to support test, evaluation, and deployment of the capabilities the vendor is developing as part of the JATIC program
• Remediating and documenting any system outages, coordinate downtime, and troubleshoot user issues.
  

            

Small businesses are strongly encouraged to reply. 

Any statement submitted in response to this Call should be no more than five (5) pages (not including a cover sheet), single-spaced, using Times New Roman 12-point font.