
Chris.Gunderson@W2COG (o) 703 262 5332 (m) 831 224 5182 w2cog

Date post: 09-Jan-2016
Description:
Public/Private Partnership for Netcentric Engineering. Presentation to the NCOIC March 30 2007. Chris.Gunderson@W2COG (o) 703 262 5332 (m) 831 224 5182 www.w2cog.org
Transcript
Page 1: Chris.Gunderson@W2COG (o) 703 262 5332 (m) 831 224 5182 w2cog

Public/Private Partnership for Netcentric Engineering .ORG

Chris.Gunderson@W2COG (o) 703 262 5332 (m) 831 224 5182 www.w2cog.org

Presentation to the NCOIC March 30 2007

Page 3

MYTH: Military Netcentric Operations is fundamentally different from commercial E-business

REALITY: “The world is flat!” (Tom Friedman NY Times)….

QUESTION: Is Google good enough?

… (Lt Gen) Croom (Defense Information Systems Agency Director) said (military systems) should provide military information as easily as Travelocity … Croom invokes commercial success stories, e.g. Google and Yahoo … said DISA would opt for a commercial approach*

*FCW 7/11/05

Page 4

Netcentric Prime Directives: Flatten & Partner

• Acquisition Community needs
– To efficiently survey possible solutions
– To track operational community “market” trends
– Use-based contract incentives
– “Test drives” of live or downloadable use-case demos
– To pool resources for similar requirements
– Means to propagate investments in intellectual property

• “Pointy End” Operational Communities need
– To communicate via use-cases
– To eliminate buffer between them and developers
– To collaborate on domain specific standards and schemas
– To integrate solutions through continuous low cost experimentation
– Hosting and inter-enterprise facilitation services

• Developer Communities need
– To leverage and improve others’ solutions
– To collaborate on technology standards and their uses
– Government certification to accelerate adoption and mitigate commercial risk

Page 5

• CJCSI 6212.01D 8 Mar 06: “Net-Ready-KPP” (NR-KPP)/NR-KPP Cert: “(Develop) … Verifiable performance measures … to assess information needs…”

• DISA Joint Interoperability Test Command (JITC) directed to enforce the NR-KPP …

NR-KPP Challenge & Opportunity

But HOW???

Page 6

Net-Ready Key Performance Parameter (NR-KPP) … not a show stopper or rubber stamp … H&R Block not the IRS!

*NETCENTRIC VALUE ADDED! (Acquisition & OPS!)

• Data Strategy
• SOA Framework
• Information Assurance

Dynamic Multi-Level Privacy Streamlined Supply Chain Better Decisions Faster

=NR-KPP = +

Reward vs. Risk Measurable Useful

*
• Tighter OODA Loop
• Increased interaction among coalition
• Decreased inventory at rest
• Faster speed to market
• Shortened training pipeline
• Improved test scores
• Fewer casualties
• Decreased maintenance down time
• Etc …

Risk/Reward, Measurable, Useful, Reusable

Page 7

Government Intellectual Property to industry

Industry risk reduced through certification

Low overhead fee-for-service

SOA e-Biz value proposition (VIRT + VOTS)

Leverages existing capabilities

Process change not major investment

NetCert.Gov: Embed Distributed Adaptive Collaborative V&V in Computer Network Development Process via End-to-End Distributed Government/Industry Software Test Range

• FDCE
• CANES IDE
• DCGS Test network
• Etc

Page 8

NR-KPP Checklist

• IA => Share & Protect
– Enable sharing across domains
– Preserve privacy
– Protect network

• SOA => Reuse & Mash Up
– Accelerate delivery of netcentric capability
– Enable netcentric interoperability
– Decrease infrastructure cost
– Compose C4 capability on-the-fly

• Data Strategy => Discover in Context
– Broker information discovery
– Create information value chain feedback loop

• Do no harm
– Software Assurance vulnerability OK?
– Bind to accredited GIG IA services?
– Register dynamic discretionary access policy?
– Latencies OK?
– Reliability OK?
– Generate digital diagnostic architectural artifact.

• Re-useable/Composable (i.e. Bind to T-SOAF)
– Discoverable?
– Self describing?
– Open standard interfaces?
– Cross program investment?
– Net-enabling IPR model?
– Generate digital diagnostic architectural artifact.

• Demonstrate Increased Value/Bit Exchanged
– COI approved mission thread?
– Meta data registered in context?
– Increased automation?
– Mission based MOE OK (i.e., compress time line, and/or improve mission outcome)?
– *Generate digital diagnostic architectural artifact

Net-Ready Parameters and Business Objectives

Measurable & Testable Parameters

* Confirm with operational evaluation

Page 9

Open Architecture

• Open standards, e.g., (JBI) Enterprise Service Bus

• IAW GIG IA Roadmap

• Emphasis on semantic IOP

• Team with industry consortia

ESB

Trusted Discovery

IA Services on High Assurance Platform

Page 10

[Architecture diagram. Labels: Enterprise Service Bus; Trusted Sharing Services: Authentication, Authorization, Audit, MLS, CND; Discovery, M2M Messaging, Mediation, ESM, GIS; Test Services & Toolkits; Radio WAN A; Terrestrial WAN B; Radio WAN C; Radio PAN; Ethernet LAN ashore; Ethernet LAN afloat; NCES legacy; NCES On Ramp; DGInet; Other legacy; On Ramp; NR-KPP compliant COI capability module; NR-KPP tested capability module; COI Services; High Assurance Platform (HAP); Trusted Operating System; Resources: Applications, Data, Hosting, Utilities, Help desk, etc.]

Page 11

W2COG Institute: Enabling Trusted Transactions of Valuable Information at the Right Time

• An international, collaborative association of networking technology and operational experts

• A brokering service that efficiently puts expert providers in touch with customers

• An open GIGlite.org on-line environment for rapid prototyping ventures among self-selecting industry, government, and academic experts and dynamic repository of net-ready capability bundles

Page 12

GIGlite.org… a disruptive approach

To provide an infrastructure for collaboration and communication among government, academia, and industry to rapidly develop and propagate re-usable and continuously improving tools that facilitate trusted transactions of valuable information at the right time, i.e. bundles of netcentric capability.

•Gov’t, industry, & academic members

•Title 10 compliant, Non-FAR < ~90 day S&T & engineering spirals

•Open source/Open Standards IPR model

•Rolodex of experts

• Distributed major SOA test range

•Single POC for Gov’t labs and sponsors

•Distributed, Adaptive, Collaborative, SOA V&V and certification

•Convenient process for reuse of off-the-shelf components

GIGLite.org NetCert.gov

Best Netcentric SOA Practice

Net-Ready Certification

$ & IP

e-Portal for Gov’t certified off-the-shelf bundles of netcentric capability

Page 13

Processes (E-biz rapid discovery cycles)

GIGlite.Org open source/open standards “community sandbox”. Colors and texture of the horizontal network grow incrementally richer through collective investment … Tax paying citizens of the network prosper through information value chain management

• Domain Context (Semantics)
• Network Performance (Protocols, Meters & Switches)
• Trusted transactions (Privacy)
• Dynamic Context (Space & Time)

Domain-specific “verticals” include ecosystem of developers, operators, & testers

• Military
• Financial Industry
• Airline Industry
• Medical
• Disaster Response

• 1st Adapt existing GOTS
• 2nd Buy COTS solutions
• 3rd Create adaptable solution as last resort

~90 day pilots target measurable increments of value added and deliver net-ready consumable tools and methods per “ABC”* model

NetCert.Gov adaptive collaborative mission-thread based V&V via pre-deployment M&S and post-deployment operational audit of VIRT-based SLAs

Net Ready KPP (NR-KPP):
• IA = Trusted Sharing
• SOA = VOTS
• Data strategy = VIRT
• Netcentric Productivity = SLAs

Page 14

Public/private partnership designed to accelerate a “net-ready” market for products and services that facilitate trusted transactions of valuable information at the right time:

•A “Dot org” facilitates rapid non-FAR information processing discovery cycles via “open” IPR model and self selecting industry-academic-government project teams

•A light weight “Dot gov” administration office manages a distributed major software “test range” that brokers adaptive, distributed, net-ready V&V, and facilitates transfer of funds, artifacts, and intellectual property across government community of sponsors, operators, and labs

•Standing non-FAR legal vehicle between .org and .mil streamlines non-proprietary, capability-based, T&E & discovery process for all participants

•On-line “GIG-lite.ORG” serves as dynamic run-time repository of requirements, capabilities, best practices/practitioners, and lessons learned

•JCIDS/ACQ documents (e.g. JCD, ISP, CDD,CPD, NR-KPP) become “living” parallel & iterative on-line digital artifacts that continuously capture and propagate new requirements, discoveries, policies, and best practices

•Bundles of off-the-shelf DOTMLTF capability are certified as net-ready, visible, consumable and continuously deployed via commercial e-Portal

Acquisition “lite” for GIG Information Processing Components

Page 15

Net-Ready e-Portal

Consumable COTS & GOTS bundles certified to deliver netcentric increments of Valuable Information at the Right Time (VIRT) via trusted information transactions, i.e. Value Off the Shelf (VOTS)

NR-KPP based Consumer Report format that compares bundles of similar net-enabling products and services

Commercial e-Market offering certified bundles of net-enabling products and services

Innovators’ “dating service” to broker customers and providers of net-enabling products and services

“GIGLite.org”
• On-line SOA subversion-based DEVNET
• Secure multi-level access
• Dynamic Library:
– Netcentric RQMTS
– Mission Threads
– Mission Level Models
– VOTS S/W offerings

GIG To-Be Acquisition Vision

Page 16

BACKUP

Page 17

Approach

• Use “ABC”* approach to build SOA Baseline = GIGLite.org Spiral 0
• Test IA, SOA, and data strategy re:
– 1. Do no (unacceptable) harm
– 2. Bind to the SOA Foundation: Discoverable; Self describing; Open interfaces
– 3. Demonstrate netcentric value added
• Leverage “.org” to minimize bureaucracy and overhead = provide valuable service to developer and customer

*ABC = Adapt existing capability or Buy COTS before Creating specialized capability

Page 18

Cross-domain Information Exchange Framework (CIEF) Elements of Interest

• Data Security
• User Interface
• Data Objects
• Services – Web & SOA
• Workflow/Process
• Access/Roles/Privacy
• Data Asset Preservation
• Technical Requirement
• Information Streams

Page 19

CIEF Objective is Trusted Transactions of Valuable Information at the Right Time Across Domains

Elements: Data Security; User Interface; Data Objects; Services – Web & SOA; Workflow/Process; Access/Roles/Privacy; Data Asset Preservation; Technical Requirement; Information Streams

• Objective: Value/Bit
• Objective: Re-usable
• Objective: Intuitive
• Objective: Protect
• Objective: Discover in context
• Objective: Share
• Objective: Mash up
• Objective: Streamline
• Objective: Useful persistence/redundancy

Page 20

GIGlite.org Logical Stack

Identity/Privacy Utilities & Services: Objective is Trusted Transactions

Publish/Subscribe Utilities & Services: Objective is Seamless Delivery of Value in Context

Business Process Utilities & Services. Objective is Continuous Improvement

Computer Network Defense and Software Assurance Utilities & Services: Objective is Protection of Assets

Page 21

– Security
• Trusted Authorization Broker (TAB)
• Trusted Authorization Policy Engine (TAPE)
• CAC
• V-LDAP
• Cyber Operation Information System

– Discovery
• 3DV Open Source registry
• DGInet geospatial services
• M2mi xxx

– Messaging
• M2MI xxx
• JBI Middleware

– Mediation
• NCES on ramp
• Commercially viable JBI Enterprise Service Bus
• SOA tool kits (e.g. Jumpstart, C/JMTK)

– ESM
• SPAWAR Cross-domain Information Exchange Framework via GIGLite Collabnet Portal

– NR-KPP Test Services
• M&S web suite
• Web SOA test bench
• Center for Assured Software (CAS) evaluation

NCES On Ramp

DISA Appliance (NCES Inside)

– The DISA Appliance bundles the NCES Services into a single deployment component that is accessible via “NCES on ramp” toolkit to deliver NCES capabilities to ESBs.

S2OAF Technology Stack = NCES legacy + Best of Breed GOTs + OTD + Managed Services via ESB

Page 22

[Architecture diagram. Labels: JBI Enterprise Service Bus; High Assurance Platform (HAP); System Assurance OS layer (COIS?); TAB; TAPE; Trusted Service Engine (TSE); CAC; Trusted: Discovery, Messaging, Mediation, ESM; Network A; Network B; Network C; Resources; NCES legacy; NCES On Ramp; On Ramp; To Be NR-KPP compliant application Service; DGInet; Jumpstart Toolkit; C/JMTK; M2MI VIRT engine; 3DVE Registry; To be NCES Foundation Service; V-LDAP; Other JBI ESB Middle Ware; NR-KPP compliant COI capability module; NR-KPP tested capability module; Other legacy; Test Services; Operating System. Legend: Later spiral enterprise service; S2OAF spiral 0; NCES enabled application or utility.]

Page 23

Adaptive Collaborative Validation & Verification Measures of Effectiveness (MOE)

Elements: Data Security; User Interface; Data Objects; Services – Web & SOA; Workflow/Process; Access/Roles/Privacy; Data Asset Preservation; Technical Requirement; Information Streams

• Objective: Value/Bit. MOE = OODA loop compression; Data at rest within OODA loop; Mission performance metrics, e.g. probability of kill, casualty rate, etc.
• Objective: Re-usable. MOE = Technology registered; IP license available; Open standards interfaces
• Objective: Intuitive. MOE = Time required to achieve proficiency
• Objective: Protect. MOE = Degree of vulnerability introduced
• Objective: Discover in context. MOE = Meta-data registered w/rt content, context, & administration
• Objective: Share. MOE = Rules for dynamic data access control defined, enforced, and audited
• Objective: Mash up. MOE = discoverable, self-described & commercial standard open interface
• Objective: Streamline. MOE = speed of execution
• Objective: Useful persistence & redundancy. MOE = Life cycle maintenance and “sunset” criteria defined

RISK

REWARD

Page 24

Elements: Data Security; User Interface; Data Objects; Services – Web & SOA; Workflow/Process; Access/Roles/Privacy; Data Asset Preservation; Technical Requirement; Information Streams

Adaptive Collaborative Validation & Verification

• Discoverable by CND, s/w assurance, ID, and pub/sub services? Discovers CND, s/w assurance, ID, and pub/sub services?
• Use case, MOEs, and SLAs defined? Acceptable latencies? Acceptable speed to capability?
• Discretionary access rules registered? Binds to ID services?
• Meta-data registered w/rt content, context, and admin?
• Basic IA compliance? Binds to IA services? CND & s/w vulnerability assessment OK?
• Technology registered? Technology reuses capability? Technology is easily licensed? Technology employs open standards?
• Mission simulation verifies value added per MOEs and service level targets? Operator training time OK? Operator proficiency score OK?
• Technology refresh model OK?

Candidate Enterprise Capability Module (ECM)

Page 25

[Architecture diagram. Labels: JBI Enterprise Service Bus; High Assurance Platform (HAP); System Assurance OS layer (COIS?); TAB; TAPE; Trusted Service Engine (TSE); CAC; Trusted: Discovery, Messaging, Mediation, ESM; Network A; Network B; Network C; Resources; NCES legacy; NCES On Ramp; On Ramp; To Be NR-KPP compliant application Service; DGInet; Jumpstart Toolkit; C/JMTK; M2MI VIRT engine; 3DVE Registry; To be NCES Foundation Service; V-LDAP; Other JBI ESB Middle Ware; PatrolNET; NR-KPP tested capability module; Other legacy; Test Services; Operating System. Legend: Later spiral enterprise service; S2OAF spiral 0; NCES enabled application or utility.]

18 Month Pilot Series:
• Global Strike + TST COI
• NSA Identity Services C&A
• NCES, NECC, CANES programs
• Deliverables every Quarter
• “Flag Day” Trident Warrior 08

