DoD Joint Federated Assurance Center (JFAC) 2017 Update

Similar documents
Mission Integration Management NDAA 2017 Section 855

Department of Defense (DoD) Trusted Microelectronics

Department of Defense INSTRUCTION. Protection of Mission Critical Functions to Achieve Trusted Systems and Networks (TSN)

Department of Defense DIRECTIVE

Mission Integration Management NDAA 2017 Section 855

Middle Tier Acquisition and Other Rapid Acquisition Pathways

UNCLASSIFIED R-1 ITEM NOMENCLATURE

DoD Cloud Computing Strategy Needs Implementation Plan and Detailed Waiver Process

DEPUTY SECRETARY OF DEFENSE 1010 DEFENSE PENTAGON WASHINGTON, DC SUBJECT: Implementation of Microsoft Windows 10 Secure Host Baseline

UNCLASSIFIED. FY 2016 Base FY 2016 OCO

US Department of Defense Systems Engineering Policy and Guidance

New DoD Approaches on the Cyber Survivability of Weapon Systems

CHAIRMAN OF THE JOINT CHIEFS OF STAFF INSTRUCTION

U.S. Air Force. AF Cyber Resiliency Office for Weapon Systems (CROWS) I n t e g r i t y - S e r v i c e - E x c e l l e n c e

UNCLASSIFIED. UNCLASSIFIED Office of Secretary Of Defense Page 1 of 8 R-1 Line #163

Protecting US Military s Technical Advantage: Assessing the Impact of Compromised Unclassified Controlled Technical Information

Department of Defense Investment Review Board and Investment Management Process for Defense Business Systems

CHAIRMAN OF THE JOINT CHIEFS OF STAFF INSTRUCTION

Department of Defense DIRECTIVE

UNCLASSIFIED. R-1 ITEM NOMENCLATURE PE D8Z: Department of Defense Corrosion Policy and Oversight FY 2013 OCO

DEFENSE LOGISTICS AGENCY HEADQUARTERS 8725 JOHN J. KINGMAN ROAD FORT BELVOIR, VIRGINIA

Department of Defense INSTRUCTION

Strategic Cost Reduction

UNCLASSIFIED FY 2016 OCO. FY 2016 Base

Department of Defense INSTRUCTION

UNCLASSIFIED. FY 2016 Base FY 2016 OCO

UNCLASSIFIED. FY 2016 Base FY 2016 OCO

Perspectives on the Analysis M&S Community

Department of Defense INSTRUCTION

UNCLASSIFIED R-1 ITEM NOMENCLATURE

Department of Defense DIRECTIVE

UNCLASSIFIED. FY 2016 Base FY 2016 OCO

Department of Defense INSTRUCTION

Rapid Innovation Fund (RIF) Program

Department of Defense DIRECTIVE. DoD Executive Agent (EA) for the DoD Cyber Crime Center (DC3)

CHAIRMAN OF THE JOINT CHIEFS OF STAFF INSTRUCTION

Middle Tier Acquisition and Other Rapid Acquisition Pathways

Department of Defense INSTRUCTION. DoD Joint Services Weapon and Laser System Safety Review Processes

UNCLASSIFIED R-1 ITEM NOMENCLATURE FY 2013 OCO

Information Technology

DoDI ,Operation of the Defense Acquisition System Change 1 & 2

Defense Acquisition Guidebook Systems Engineering Chapter Update

NAVAIR IT Compliance

Engaging the DoD Enterprise to Protect U.S. Military Technical Advantage

Department of Defense INSTRUCTION

DEPARTMENT OF THE NAVY HEADQUARTERS UNITED STATES MARINE CORPS 3000 MARINE CORPS PENTAGON WASHINGTON, DC

STRL Update 13 May 2016

DoD Mentor Protégé Program. Shannon C. Jackson, Program Manager DoD Office of Small Business Programs

Department of Defense INSTRUCTION. SUBJECT: Physical Security Equipment (PSE) Research, Development, Test, and Evaluation (RDT&E)

National Security Cyber Trends ALAMO ACE Presentation

Department of Defense INSTRUCTION

2016 Major Automated Information System Annual Report

Development Planning Working Group Update

Acquisition of Information Technology Trends Within The Department of Defense

Department of Defense INSTRUCTION

Department of Defense INSTRUCTION

Information Technology Expenditure Approval Authority

Subj: INFORMATION MANAGEMENT/INFORMATION TECHNOLOGY POLICY FOR FIELDING OF COMMERCIAL OFF THE SHELF SOFTWARE

UNCLASSIFIED R-1 ITEM NOMENCLATURE

Product Support Manager Workshop. Rapid Capabilities. Mr. Chris O Donnell Director, Joint Rapid Acquisition Cell

Improving the Department of Defense Services Acquisition Tradecraft What s New in 2017

UNCLASSIFIED FY 2016 OCO. FY 2016 Base

Department of Defense INSTRUCTION

UNCLASSIFIED R-1 ITEM NOMENCLATURE. FY 2014 FY 2014 OCO ## Total FY 2015 FY 2016 FY 2017 FY 2018

A New Approach for Delivering Information Technology Capabilities in the Department of Defense

A udit R eport. Office of the Inspector General Department of Defense. Report No. D October 31, 2001

BUILD OPERATE SECURE DEFEND

Department of Defense INSTRUCTION

CHIEF NATIONAL GUARD BUREAU INSTRUCTION

Test Resource Management Center (TRMC) Perspective

Department of Defense DIRECTIVE. SUBJECT: DoD Management of Space Professional Development

UNCLASSIFIED. UNCLASSIFIED Air Force Page 1 of 8 R-1 Line #89

Department of Defense DIRECTIVE

Middle Tier Acquisition and Other Rapid Acquisition Pathways

REQUIREMENTS TO CAPABILITIES

UNCLASSIFIED. UNCLASSIFIED Navy Page 1 of 7 R-1 Line #31

DOD INSTRUCTION MISSION ASSURANCE (MA) CONSTRUCT

Defense Services Acquisition Functional IPT Meeting

Information Technology

Department of Defense INSTRUCTION

UNCLASSIFIED. FY 2017 Base FY 2017 OCO. Quantity of RDT&E Articles Program MDAP/MAIS Code: Project MDAP/MAIS Code(s): N42

DOD MANUAL ACCESSIBILITY OF INFORMATION AND COMMUNICATIONS TECHNOLOGY (ICT)

Department of Defense INSTRUCTION

Developmental Test & Evaluation OUSD(AT&L)/DDR&E

Subj INSTALLATION GEOSPATIAL INFORMATION AND SERVICES

U.S. Air Force. AF Cyber Resiliency Office for Weapon Systems (CROWS) I n t e g r i t y - S e r v i c e - E x c e l l e n c e

Department of Defense DIRECTIVE

UNITED STATES ARMY SOLDIER SUPPORT INSTITUTE ADJUTANT GENERAL SCHOOL

CHAIRMAN OF THE JOINT CHIEFS OF STAFF INSTRUCTION

THE UNDER SECRETARY OF DEFENSE WASHINGTON, DC

CHAIRMAN OF THE JOINT CHIEFS OF STAFF NOTICE

2016 Major Automated Information System Annual Report. Department of Defense Healthcare Management System Modernization (DHMSM)

Department of Defense DIRECTIVE

UNCLASSIFIED. FY 2016 Base

Future of Federal Acquisition Small Business. Calvin Jenkins Sr. Manager, Small Business SourceAmerica

FY19 Warfighting Lab Incentive Fund Project Proposal Background and Instructions

Department of Defense INSTRUCTION

CRS prepared this memorandum for distribution to more than one congressional office.


Department of Defense INSTRUCTION

Transcription:

DoD Joint Federated Assurance Center (JFAC) 2017 Update Thomas Hurt Office of the Deputy Assistant Secretary of Defense for Systems Engineering 20th Annual NDIA Systems Engineering Conference Springfield, VA October 26, 2017 Oct 26, 2017 Page-1

How Did We Get Here? LEGEND Policy & Guidance Congressional Actions Reports 2012 Two Questions for the Record 2017 Enclosure 14 -- Cybersecurity DoDI 5000.02 2000 2010 2017 2004-2006 DoD Software Assurance (SwA) Tiger Team 2011 DoD SwA Strategy FY11 NDAA, Sec. 932 2013 SwA Automation FY13 NDAA, Sec. 933 2014 Establish JFAC FY14 NDAA. Sec. 937 2017 JFAC SwA Capability Gap Analysis DSB Task Force on Cyber Supply Chain Congress and DoD have acknowledged the need for increased software assurance to improve confidence in secure and resilient weapon systems for over a decade. JFAC: Joint Federated Assurance Center Oct 26, 2017 Page-2 Distribution A Statement. Approved for public release by DOPSR. Case # 17-S-2487. 18-S-0071. Distribution is unlimited.

Joint Federated Assurance Center (JFAC) FY14 NDAA Section 937 Joint Federated Assurance Center (JFAC) Key provisions: Charter elements: Role of federation in supporting program offices provide for the establishment of a joint federation of capabilities to support the trusted defense system needs to ensure security in the software and hardware developed, acquired, maintained, and used by the Department consider whether capabilities can be met by existing centers [if gaps] shall devise a strategy [for] resources [to fill such gaps] [NLT 180 days, SECDEF shall] issue a charter submit to congressional defense committees a report on funding and management SwA and HwA expertise and capabilities of the Federation, including policies, standards, requirements, best practices contracting, training and testing R&D program to improve code vulnerability analysis and testing tools Requirements to procure manage, and distribute enterprise licenses for analysis tools Oct 26, 2017 Page-3

What Has DoD Done? Development of Concept of Operations (CONOPs) and Charter Establishment of JFAC Coordination Center (JFAC-CC), Steering Committees, Working Groups (WGs) Piloting Software Assurance (SwA) license distribution and management Conduct SwA and Hardware Assurance (HwA) Capability Gap Analysis Oct 26, 2017 Page-4

JFAC Operational Structure HwA Technical Working Group DepSecDef USD(AT&L) JFAC Steering Committee JFAC Advisory WG JFAC Coordination Center JFAC CC Portal Portal Service Providesrs Service Providers Service Providers AT&L SwA Technical Working Group CIO Army DISA Navy NSA Air Force NRO MDA DMEA DOE Policy and Technical AOs assigned by above organizations SwA and HwA Working Groups Collaboration and shared prioritization in daily/weekly activities, meet on a regular basis Recommend policy and guidance Provide community forum for hard problem analysis and question/answer JFAC Coordination Center Coordination of Service Providers Supports programs with situational awareness, information/best practices, coordination SwA analysis tool license distribution Portal: https://jfac.army.mil Assessment Knowledge Base (future) JFAC Action Officer (AO) WG AOs for JFAC Steering Committee Maintain enterprise and strategy cognizance Reporting and ROI status Oct 26, 2017 Page-5 Distribution A Statement. Approved for public release by DOPSR. Case # 17-S-2487. 18-S-0071. Distribution is unlimited.

What s Going On Now? JFAC Web portal and SwA tool license distribution Security Classification Guide Field Programmable Gate Array (FPGA) Strategy Resourcing Oct 26, 2017 Page-6

What s Next? Develop JFAC Full Operational Capability (FOC) strategy Improve DoD SwA throughout Lifecycle Planning, Execution and Sustainment Invest in Technology and Resources Upgraded Infrastructure for Federated DoD-wide Coordination of Software Assurance Linking Sustainment to Early Program Development JFAC website on SIPR, JWICS One-stop shop for SwA tools and best practices New S&T and Assessment Knowledge Base portals https://jfac.army.mil Oct 26, 2017 Page-7

Conclusion The JFAC s goal is to provide DoD programs a one-stop shop to request, evaluate, and obtain resources to improve their software assurance practice. SwA analysis tool license distribution and management Service providers for programs SwA work; SMEs focused on hard problems SwA best practices JFAC is addressing key software assurance gaps. Developing FOC strategy to execute as resourcing becomes available Publishing best practices at JFAC web portal (https://jfac.army.mil) Oct 26, 2017 Page-8

Systems Engineering: Critical to Defense Acquisition Defense Innovation Marketplace http://www.defenseinnovationmarketplace.mil DASD, Systems Engineering http://www.acq.osd.mil/se Oct 26, 2017 Page-9

For Additional Information Mr. Thomas Hurt ODASD, Systems Engineering 571-372-6129 thomas.d.hurt.civ@mail.mil Oct 26, 2017 Page-10

2024 © careersdocbox.com Privacy Policy | Terms of Service | Feedback