New Army Cyber Challenge
Fri, 05 Feb 2016 21:39:00 +0000
On November 18, 2015, the Office of the Assistant Secretary of the Army for Acquisition, Logistics and Technology (ASA(ALT)), Army Cyber Command and Second Army (ARCYBER & 2A) and TRADOC held an Industry Day to brief interested contractors on the Cyber Challenge opportunity to be released through C5. (https://www.fbo.gov/index£s=opportunity&mode=form&tab=core&id=2624a821003e97ba368836f697e533f7) This Cyber Challenge is intended to address the technical feasibility of a bottom-up approach to investigating continuous monitoring and risk scoring, focused initially on developing a risk-based score card capability tool at operational and tactical echelons with a software-based prototype solution.
The Army is in the process of compiling its requirements package. As soon as C5 receives the Request for White Papers, it will, in turn, release it to the membership.
Only C5 Members are permitted to participate in the upcoming ASA(ALT) Cyber Challenge. For more information on membership or this opportunity, please contact C5.
Army Announces Cyber Innovation Challenge
Wed, 02 Dec 2015 21:27:00 +0000

Check out the Army Cyber Innovation Challenge!

The Office of the Assistant Secretary of the Army for Acquisition, Logistics and Technology (ASA(ALT)), Army Cyber Command and Second Army (ARCYBER & 2A), and TRADOC are initiating a Cyber Innovation Challenge to investigate software-based prototype solutions.
The innovation challenge looks to industry partners - especially non-traditional defense contractors - to deliver prototype solutions for rapid evaluation using a flexible acquisition model known as Other Transaction Authority.

#Cyber #PlugFest #AFEI

Eric Westreich
PlugFest Consortium Lead
858.598.3742
eric@plugfestplus.org
PlugFestPlus.org
Government-Industry-Academia
Delivering Good Government Systems Fast
Defining Enterprise Information Value
Sat, 31 Oct 2015 13:36:00 +0000
Defining Enterprise Information Value 

Let's say that an enterprise is a complex collection of semiautonomous units that share some common goals.  An Enterprise Information System (EIS), then, is a distributed, networked, set of information processing nodes that services the units of the enterprise, and especially information transactions across the units. 

This concept of EIS is highly scalable by definition.  An arbitrarily large and growing set of processing nodes might comprise an Enterprise Information System of Systems.  A processing node might be a microprocessor or a super computer.  Subsets of EIS nodes comprise subsystems or components.  The ability to rapidly compose systems from components, and systems of systems from systems, is a central value attribute of an EIS. Accordingly, the design of an EIS must be “open” to the extent that it allows member units of the enterprise to autonomously expand and federate horizontally. 

The Value Assurance Framework (VAF) aims to improve the predicable level of global success at developing large EIS.  VAF is based on close observation of many success and failure cases, and includes artifacts that capture reusable, practices that have proven to be effective for designing, building, validating, verifying, certifying, maintaining, and operating EIS. 

Among other definitions, Merriam Webster’s first definition for value is “a fair return or equivalent in goods, services, or money for something exchanged.”  In this sense, “value” is different than “cost.”  “Value” is perceived worth, perhaps in terms of money, but not necessarily. 

Possession of a product or service sooner rather than later is often valued.  Similarly, the value of product or service usually changes over time.  It might increase (wine, antiques, tickets as the event approaches) or, decrease (used cars, electronic equipment, out-of-style clothing) over time. 

Value is often measured in terms of the effect of the procured product or service, e.g. time saved, pain reduced, pleasure achieved, productivity increased, i.e. utility.  The first definition of “utility” in the online Oxford dictionary is “the state of being useful, profitable, or beneficial.”  Hence, customer requirements are closely related to utility.  Indeed, if the customer values the utility delivered, then the customer’s requirements must have been satisfied, by definition.  This definition of utility is also consistent with the economic utility theory.  For example,  the Neumann & Morgenstern Utility Theorem explains mathematically how “rationale actors” will invest in ways that maximize the probability that they will achieve desired outcomes, but with due consideration of appetite for risk and subjective preferences.

Cost is the price of the utility delivered, perhaps in monetary terms, but not necessarily. Costs might also be measured in terms of time.  Cost can also be associated with opportunity, i.e., the customer could have bought something else, and/or the producer could have delivered something else.  

Value depends on utility, cost, and time.  


In business, a consumer’s objective is to receive maximum utility-per-cost.  A provider’s objective is to maximize the margin between the consumer’s perception of utility, measured in terms of the price she is willing to pay, and the cost to produce or provide a product or service.  In either case, best practices evolve around ability to increase the perceived margin between costs (including production time) and utility delivered.

IT is evolving so quickly and unpredictably that it makes sense to manage risks like the most successful financial portfolio mangers. VAF maps traditional acquisition artifacts and processes to the investment portfolio metaphor.
As in any other business, the objective of an EIS provider-consumer ecosystem is to focus processes and tools to produce more perceived customer utility, faster, at lower production costs.  That is, the EIS business objective is to create and continuously evolve a value delivery chain. Note that “value delivery chain” is a well-developed industrial concept.  Trademarked processes for developing customer-centric leading and lagging metrics designed to optimize enterprise value delivery chains continuously evolve.  Examples include Lean, Total Quality Management (TQM), Six Sigma, ITIL, Business Process Management (BPM), and Scrum.

VAF is informed by a broad baseline of research, analysis, tools, and literature. VAF captures recurring best practices in reusable templates.


Ultimately, the purpose of an EIS is to deliver value-added information.  Information is useful if (and arguably only if) it leads to better decisions.  A decision might be as mundane as which movie to watch, or as critical as whether or not to launch a missile at one target or another.  Regardless, measures of utility in this regard should address the confidence in, and quality of, the decision supported. 

The concept of utility is more abstract than the concept of cost or time.  That is, it can be difficult to quantify utility while costs and time are much easier to measure.  For example consumers value convenience as a utility.  What is the unit of convenience£ It might not be impossible to quantify convenience per se.  On the other hand, time-and-effort-avoided are essentially equivalent to convenience.  Time saved by making mouse clicks instead of trips to the shopping mall, or by automatically downloading data instead of entering it manually, is measurable.

Consumers value confidence and quality.  For example they want certainty (confidence) that they are choosing good cost options from among the many available alternatives of varying merit (quality). Confidence and quality are not always directly quantifiable, but there are viable proxies.  For example, various consumer guides use number-of-stars as a indicators of confidence and/or quality.  Stars can be keyed to measurable quality factors such as security, reliability, safety, timeliness, or performance in some cases.  Sometimes, even though the number of stars is ostensibly objective, that number is keyed to subjective opinions of (hopefully) trusted evaluators.  In both cases, star assignments that are backed up by trusted logos (certifications) such as Consumer Report, Underwriters’ Labs, National Institute of Standards (NIST,) or Oprah’s Book Club, make the star ratings more trustworthy. 

VAF defines utility of delivered information, as its worthiness to support a critical decision by increasing confidence in achieving desired outcomes. Critical decisions include especially changes to planned courses of actions, or allocation of resources to initiate new courses of action. Under this definition, leading measures of information utility would likely include combinations of information timeliness, breadth of data surveyed, pedigree of data surveyed, security, relevance, and reliability.  Utility might also include the concept of surprise, i.e. discovery of important new insight.  In this sense, information that provides new perspective or insight, i.e. a new worldview, is significant.  Significant information provides more utility than information that is merely relevant. Proxy measures for significance are the same Measures of Effectiveness (MoE) used to quantify targeted operational outcomes. If delivered information enhances MoE, then the delivered information must have been significant, i.e. had high utility.


VAF uses objective measures of desired EIS outcomes, e.g. probability of good or bad outcomes, proficiency scores, latency, reliability, accuracy, availability, etc., as proxy measures of EIS utility.  Choosing these metrics carefully, and properly defining their enterprise interrelationships to manage risks are critical to EIS success.  


DHS Highlights PlugFest at Maritime Security Conference
Mon, 24 Aug 2015 19:24:00 +0000
San Diego, CA - August 19, 2015 DHS Science & Technology Directorate highlights PlugFest at the Maritime Security 2015 West Conference.

Exhibitors  participated in a PlugFest hosted by the Department of Homeland Security Science and Technology Directorate. During the PlugFest  solutions providers included camera, radar, sonar, and other feeds to test integration with the Integrated Maritime Domain Enterprise. The MDE is the latest information sharing platform designed to assist law enforcement and government officials maintain coastal security and vigilence. 
Attendees are encouraged to learn about the IMDE and provide user-based feedback before the system becomes widely deployed across the United States.

The DI2E PlugFest team lended their expertise, and were a critical part of making the event a success.

The PlugFest occured throughout the conference on the exhibition floor. 

#MarSec 2015 #PlugFest #MDE

About Eric Westreich:     

        Co-founder and industry lead of the PlugFest Consortium, over 300 volunteers from government, industry, and academia working on the same problem, at the same time, together to deliver good government system fast.
        Founder of Epic Footprints designed to help you build your clear, distinct, and lasting business footprint.
The Air Force OSA OTA RFP closes on August 10th
Mon, 27 Jul 2015 19:32:00 +0000
The Air Force Research Laboratory (AFRL) Information Directorate (RI) - AFRL/RI, on behalf of the Undersecretary of the Air Force for Acquisition's Office of Transformational Innovation (SAF/AQTI), released a presolicitation notice to describe the Government's interest in establishing a Section 845 Other Transaction Agreement (OTA), with an eligible entity or group of entities (Other Transaction Lead organization), to include industry, academic, non-profit, and not-for-profit partners, for research and development efforts to support AFRL/RI and customer requirements as related to information systems. 

The Open System Acquisition Initiative (OSAI) - formerly called PlugFest Plus - is part of the Secretary of the Air Force's Bending the Cost Curve Initiative. The Government anticipates establishing an OTA with a new or existing consortium that has significant non-traditional contractor participants. 

The goal of this consortium community is to research, develop, test, measure, demonstrate, integrate, and deliver tools for the Air Force using "open-systems" based Command, Control, Communications, and Cyber, Intelligence, Surveillance & Reconnaissance (C4ISR) information sharing Information Systems (IS).  These systems include: Distributed Common Ground Station (DCGS); Theater Battle Management Core Systems (TBMCS); Air Operations Center-Weapon System (AOC); Open Mission System (OMS); SecureView; Information Support Server Environment (ISSE) Guard; Cybersecurity environments; Web Temporal Analysis System (WebTAS); Combined Information Data Network Exchange (CIDNE); Collaboration Gateway (CG) and other systems to be determined by the Government. 

#PlugFest #plugfestplus @agileacquisition 
New Air Force Open Systems Architecture Presentation
Sun, 28 Jun 2015 23:49:00 +0000
Washington DC, June 22, 2015: New Air Force Open System Architecture Presentation Available.

In order to help PlugFest Plus Participants, a new presentation on Open Systems Architecture is available to view and download at www.plugfestplus.org.

This presentation will help participants, understand the lessons learned during the latest PlugFest Plus Agile Government Systems event.

#plugfest #plugfestplus #agile acquisition

About Eric Westreich:     

        Co-founder and industry lead of the PlugFest Consortium, over 300 volunteers from government, industry, and academia working on the same problem, at the same time, together to deliver good government system fast.
        Founder of Epic Footprints designed to help you build your clear, distinct, and lasting business footprint.
Using Your Customers, Customers as a Critical Metric
Tue, 16 Jun 2015 17:14:00 +0000
San Diego, CA Jun 15, 2015:
At the San Diego Startup Week,  Evan Malter, founder of ZipCap spoke about making a difference with a new metric for business loans.


Evan Malter speaks about the measure of business risk.

ZipCap uses customer loyalty  as the primary measure for financial credit-worthiness. Customers increase opportunities for business loans simply by saying, "I'll be back," with no other obligations.

According to ZipCap,  
"ZipCap was founded on a mission to support local Mom & Pops and is being built by a team of passionate localists who know that we can make a difference. We love local businesses and the people behind them. We love what these businesses mean for our towns, for our economies and for the way people feel and interact in our world. We know we are not alone."
Successful PlugFests are built on a foundation of Agile Verification and Validation, in other words measuring the right things and ensuring that those measurement are directly connected to desired customer outcomes.

What lessons does ZipCap hold for agile government systems acquisition£ There are creative ways to use customers of customers as sources for metrics.

#SDSW #zipcap #plugfest #plugfestplus #agile acquisition

About Eric Westreich:     

        Co-founder and industry lead of the PlugFest Consortium, over 300 volunteers from government, industry, and academia working on the same problem, at the same time, together to deliver good government system fast.
        Founder of Epic Footprints designed to help you build your clear, distinct, and lasting business footprint.
Startups and PlugFest£
Mon, 15 Jun 2015 14:14:00 +0000
Are startup companies a good PlugFest partner£

I will be at San Diego Startup Week investigating. #sdstartupweek #plugfest #plugfestplus

About Eric Westreich:     
        Co-founder and industry lead of the PlugFest Consortium, over 300 volunteers from government, industry, and academia working on the same problem, at the same time, together to deliver good government system fast.
        Founder of Epic Footprints designed to help you build your clear, distinct, and lasting business footprint.



More App Challenges!
Wed, 10 Jun 2015 01:13:00 +0000
Human Health and Climate App Challenge is using data that the White House shared as well as other data sources.Mobilizing GIS to Boost Climate Resilience

About Eric Westreich:     
        Co-founder and industry lead of the PlugFest Consortium, over 300 volunteers from government, industry, and academia working on the same problem, at the same time, together to deliver good government system fast.
        Founder of Epic Footprints designed to help you build your clear, distinct, and lasting business footprint.
Can Citizens Write Apps for a City£
Wed, 03 Jun 2015 02:52:00 +0000
San Diego, May 31, 2015: 

Can citizens take advantage of open data to write software apps for the benefit city residents£ The City of San Diego,  AT&T, and CyberTECH launched a Hackathon on May 30 - 31, 2015 to find out.


The data to drive citizen-delivered-apps was provided by San Diego's Open Development Services Department (Open DSD) as part of their Open Data initiative, and San Diego's Smart City efforts.

Gary Hayslip, Deputy Director of IT, and Chief Information Security Officer for the City of San Diego said, "This event has shown the value of combining innovation, open data, the cloud, and mobility. We want to let the citizens create the city's first mobile apps...for the betterment of the city. Citizens are creating apps that all of us can use."

The seventy challengers came from all over San Diego and Southern California, and formed nine teams to help the city. Often meeting each other for the first time at the event, the teams included a wide range of ages and nationalities including Fathers and sons, a father and daughter, and people speaking French, Italian, Spanish, Romanian, Russian and English. Working together for 24 hours, they created secure and useable software, using data submitted to the city over the years for everything from building a house to installing solar panels or opening businesses. 


Sergio and Ana Fernandez, winners of the "best use of technology," created an easy-to-use mobile app to find out which factors impact neighborhoods. "When I was looking for an apartment there was lots of data," said Ana Fernandez. "But it was difficult to see what neighborhood crime, noise, and vandalism was like. We made it easy." 


Michael Pacholec (AT&T), Sergio Fernandez, Ana Fernandez, Gary Hayslip (City of San Diego) Darin Andersen (CyberTECH), Jim Myers (City of San Diego)
Michael Pacholec (AT&T), Sergio Fernandez, Ana Fernandez, Gary Hayslip (City of San Diego) Darin Andersen (CyberTECH), Jim Myers (City of San Diego)


The event was viewed by all as a major step forward in making open data useable. Bill Musson, an engineer with event sponsor Splunk, said, "Pulling such an event together on a shoestring that provided such value in matching government data with results is a great accomplishment."

Michael Pacholec, Director of Developer Evangelism for AT&T, said, "We accomplished our mission of having developers come together and build apps that are of real value to people."

Ed Arenberg, IOS developer and challenger, summed up challenger sentiment when he said, "They took excellent care of us. Great mentoring, great resources, and great food."

See for yourself if the event was successful by checking out the winning Team's app Onesto, for choosing contractors based on city data and real contractor results.



 #hackathon #openDSD #atthack2015 #opendata


About Eric Westreich:     
        Co-founder and industry lead of the PlugFest Consortium, over 300 volunteers from government, industry, and academia working on the same problem, at the same time, together to deliver good government system fast.
        Founder of Epic Footprints designed to help you build your clear, distinct, and lasting business footprint.
More Collaboration within PlugFest Community
Tue, 26 May 2015 22:21:00 +0000
The Continuous Transformation Environment (CTE) Gov enclave is a secure environment currently providing demonstrations, experimentation and support.

According to Thomas W. Preston, Chairman, CTE Center for Research and Research Professor, GMU, "We are here to assist when you need the environment. "Secure Net" within our unclassified environment, aligned with ICITE,  houses the necessary framework , links, nodes and platforms to test, verify and simulate operationally relevant capabilities needed to fill the gaps and understand where/how those solutions would fit (or not) in a Joint Information Environment (JIE) for distributed solutions to the war fighter."

CTE includes a scif'd environment as well,  which is ready to review and adapt successful capabilities with those relevant solutions relative to necessary MLS  environment and are supported by the Intelligence Community and DoD.  

Efforts are continuing across the PlugFest Community for collaborative research and verification with Industry, Government and Academia.
The PlugFest Plus Platform
Thu, 21 May 2015 00:08:00 +0000
This year’s PlugFest Plus leverages a continuously provided platform for:

        • Participants to remotely develop, test, and demonstrate their capabilities
        • Operators to use the new capabilities in a representative environment
        • Evaluators to have complete understanding of the platform on which testing occurs

The common environment was created in Hanscom milCloud (HmC) and is identical for all participants. The HmC resource provides an industry standard, x86 cloud resource for development and test activities.

The environment provides complete control of the “Government Furnished Equipment”, including custom templates, image files and data. Participants can deploy environments on demand, at their convenience (with a push of a button) and not worry about breaking anything or performing complex installation instructions.  Each participant has as many working integrated GEOINT Workflow Enhancement (GWE) environments as needed that do the following in their private cloudspace:

        • Deploys and configures UnicornDB, SOCET GXP v4.1, and GDES v0.12.0 (detailed asset list below)
        • Joins a domain that includes a SOCET GXP license server and a shared drive
        • Adds and configures unique users for each team
        • Mounts the shared image server with appropriate permissions for each team

Every time the deployment is launched it is automatically built in the exact same way for each participant. If participants need to include a new or updated piece of software (e.g., different version of Firefox or JDK) or make any configuration updates they change that part of the “recipe" and redeploy immediately. Users can also deploy multiple copies in parallel, up to their capacity limit in the cloudspace. People with the appropriate permissions can remotely access this environment. Specifics of the on-demand environment include:

        • SOCET GXP Client
                • Windows Server R2 2008
                • Firefox 30
                • Notepad Plus Plus
                • 7-Zip
                • Adobe Acrobat Reader
                • Oracle JDK for Windows
                • SOCET GXP 4.1
                        • PostgreSQL
                        • Video Codecs
                        • Dev Kit
                        • GWE Configuration
        • SOCET license server
        • Custom Image Templates
        • OBC NITF Imagery Share
        • Writeable workspace
        • SOCET license server
        • Unicorn Database
        • GDES Client
                • Firefox 30
                • Notepad Plus Plus
                • 7-Zip
                • Adobe Acrobat Reader
                • Oracle JDK for Windows
                • Nitro NITF for Windows
                • pGina for Windows
                • DDF for Windows
                • GDES
The persistent plugfest environment
Mon, 18 May 2015 22:59:00 +0000
Your participation in PlugFest is most likely due to your goals in helping warfighters get their job done, saving lives in a disaster, or training our future decision makers and technology providers.

Years of PlugFest events have been fine tuned to those same goals. However, you have often had  had to help set up the network, load your technology, and meet the other players for the first time.

We may be nearing a dream that many of us have had, to have a persistent environment that would shorten the time to get started, because the necessary technical components would already be connected, and many of the key players would already know each other and each other's technology.

The persistent PlugFest environment would continuously
  • provide and platform for testing and selecting government IT systems
  • make it easy to provide needed capability in emergencies
  • research agile acquisition best practices, and train our future leaders and technology providers
What do you think the persistent PlugFest environment would do£

#PlugFest #PlugFestPlus #AgileAcquisition
ACADEMIC PLUGFESTING
Tue, 12 May 2015 00:55:00 +0000
ACADEMIC PLUGFESTING

New graduates with strong software development skill are in high demand across the USA. Defense and Intelligence systems that provide an edge in today's fractious international environment are software-intensive and need competent new developers. Sad to say, the recent track record for such software is not good; the rapid, user-oriented development capability associated with plugfesting addresses some of their key weaknesses. Thus a working familiarity with plugfesting is highly desirable in new hires to develop Defense and Intelligence software.
Two institutions of higher learning in particular have established track records in working with students to prepare them for plugfesting. These are San Diego State University (SDSU) and George Mason University (GMU). The two share some common characteristics: they are located in areas where Defense and Intelligence software development is highly active; they take an innovative, technology-focused approach to education; and many of their students go on to work for Defense and Intelligence contractors.
On behalf of myself and of Steve Price of SDSU, I’m here to report that:
-       The standard IEEE/ACM curriculum in Computer Science does not yet include Web Applications, the core skill set for plugfesting; so we are starting our own elective courses
-       Our students perform very well in plugfesting, given adequate orientation and mentorship
-       It is hard to get student attention to plugfesting because of the wide variety of other topics that attract their attention and the limited hours students have available for extra-curricular activities given their full schedules (many of them have part-time jobs)
-       We have demonstrated that, if we have resources to provide an attractive environment for plugfesting, we are able to engage more students
Bottom line: plugfesting is a great way to prepare students for improved Defense and Intelligence software development; but competition for student attention is fierce; with more resources we could do it more effectively.
Mark Pullen
Professor of Computer Science
George Mason University
Feed Fetched by RSS Dog.