1 / 25

Chris.Gunderson@W2COG (o) 703 262 5332 (m) 831 224 5182 w2cog

Public/Private Partnership for Netcentric Engineering. .ORG. Presentation to the NCOIC March 30 2007. Chris.Gunderson@W2COG.org (o) 703 262 5332 (m) 831 224 5182 www.w2cog.org.

havily
Download Presentation

Chris.Gunderson@W2COG (o) 703 262 5332 (m) 831 224 5182 w2cog

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Public/Private Partnership for Netcentric Engineering .ORG Presentation to the NCOIC March 30 2007 Chris.Gunderson@W2COG.org (o) 703 262 5332 (m) 831 224 5182 www.w2cog.org

  2. …(Lt Gen) Croom (Defense Information Systems Agency Director) said (military systems) should provide military information as easily as Travelocity …Croom invokes commercial success stories..e.g. Google and Yahoo ...said DISA would opt for a commercial approach* MYTH: Military Netcentric Operations is fundamentally different from commercial E-business REALITY: “The world is flat!” (Tom Friedman NY Times)…. QUESTION: Is Google good enough? *FCW 7/11/05

  3. Netcentric Prime Directives: Flatten & Partner • Acquisition Community needs • To efficiently survey possible solutions. • To track operational community “market” trends • Use-based contract incentives • “Test drives” of live or downloadable use-case demos • To pool resources for similar requirements • Means to propagate investments in intellectual property • “Pointy End” Operational Communities need • To communicate via use-cases • To Eliminate buffer between them and developers • To collaborate on domain specific standards and schemas • To integrate solutions through continuous low cost experimentation • Hosting and inter-enterprise facilitation services • Developer Communities need • To leverage and improve others’ solutions • To collaborate on technology standards and their uses. • Government certification to accelerate adoption and mitigate commercial risk

  4. NR-KPP Challenge & Opportunity • CJCSI 6212.01D 8 Mar 06: “Net-Ready-KPP” (NR-KPP)/ NR-KPP Cert : “(Develop) …Verifiable performance measures …to assess information needs…” • DISA Joint Interoperability Test Command (JITC) directed to enforce the NR-KPP … But HOW???

  5. *NETCENTRIC VALUE ADDED! (Acquisition & OPS!) • Dynamic Multi-Level Privacy • Streamlined Supply Chain • Better Decisions Faster • Data Strategy • SOA Framework • Information Assurance = + NR-KPP = Net-Ready Key Performance Parameter (NR-KPP)..… not a show stopper or rubber stamp … H&R Block not the IRS! Reward vs. Risk Useful Measurable Reusable Useful Risk/Reward Measurable • * • Tighter OODA Loop • Increased interaction among coalition • Decreased inventory at rest • Faster speed to market • Shortened training pipeline • Improved test scores • Fewer casualties • Decreased maintenance down time • Etc …

  6. NetCert.Gov:Embed Distributed Adaptive Collaborative V&V in Computer Network Development Process via End-to-End Distributed Government/Industry Software Test Range • FDCE • CANES IDE • DCGS Test network • Etc • Government Intellectual Property to industry • Industry risk reduced through certification • Low overhead fee-for-service • SOA e-Biz value proposition (VIRT + VOTS) • Leverages existing capabilities • Process change not major investment

  7. NR-KPP Checklist Measurable & Testable Parameters • Do no harm • Software Assurance vulnerability OK? • Bind to accredited GIG IA services? • Register dynamic discretionary access policy? • Latencies OK? • Reliability OK? • Generate digital diagnostic architectural artifact. • Re-useable/Composable (i.e. Bind to T-SOAF) • Discoverable? • Self describing? • Open standard interfaces? • Cross program investment? • Net-enabling IPR model? • Generate digital diagnostic architectural artifact. • Demonstrate Increased Value/Bit Exchanged • COI approved mission thread? • Meta data registered in context? • Increased automation? • Mission based MOE OK (i.e., compress time line, and/or improve mission outcome)? * • Generate digital diagnostic architectural artifact • IA => Share & Protect • Enable sharing across domains • Preserve privacy • Protect network SOA => Reuse & Mash Up • Accelerate delivery of netcentric capability • Enable netcentric interoperability • Decrease infrastructure cost • Compose C4 capability on-the-fly Data Strategy => Discover in Context • Broker information discovery • Create information value chain feedback loop Net-Ready Parameters and Business Objectives * Confirm with operational evaluation

  8. ESB Trusted Discovery IA Services on High Assurance Platform Open Architecture • Open standards, e.g., (JBI) Enterprise Service Bus • IAW GIG IA Roadmap • Emphasis on semantic IOP • Team with industry consortia

  9. Test Services & Toolkits Discovery M2M Messaging Mediation ESM GIS Enterprise Service Bus Trusted Sharing Services: Authentication, Authorization, Audit, MLS, CND Trusted Operating System Trusted Operating System Trusted Operating System High Assurance Platform (HAP) High Assurance Platform (HAP) High Assurance Platform (HAP) NR-KPP compliant COI capability module NR-KPP tested capability module NCES On Ramp NCES legacy Resources On Ramp DGInet Radio WAN A Resources On Ramp Terrestrial WAN B Other legacy Radio WAN C Resources COI Services COI Services COI Services Resources: Applications Data, Hosting, Utilities, Help desk, etc Resources Resources Ethernet LAN ashore Ethernet LAN afloat Radio PAN

  10. W2COG Institute: Enabling TrustedTransactions of Valuable Information at the Right Time • An international, collaborative association of networking technology and operational experts • A brokering service that efficiently puts expert providers in touch with customers • An open GIGlite.org on-line environment for rapid prototyping ventures among self-selecting industry, government, and academic experts and dynamic repository of net-ready capability bundles

  11. GIGlite.org… a disruptive approach To provide an infrastructure for collaboration and communication among government, academia, and industry to rapidly develop and propagate re-usable and continuously improving tools that facilitate trusted transactions of valuable information at the right time, i.e. bundles of netcentric capability. • Distributed major SOA test range • Single POC for Gov’t labs and sponsors • Distributed, Adaptive, Collaborative, SOA V&V and certification • Convenient process for reuse of off-the-shelf components • Gov’t, industry, & academic members • Title 10 compliant, Non-FAR < ~90 day S&T & engineering spirals • Open source/Open Standards IPR model • Rolodex of experts Best Netcentric SOA Practice $ & IP Net-Ready Certification GIGLite.org NetCert.gov e-Portal for Gov’t certified off-the-shelf bundles of netcentric capability

  12. Domain-specific “verticals” include ecosystem of developers, operators, & testers ~90 day pilots target measurable increments of value added and deliver net-ready consumable tools and methods per “ABC”* model Financial Industry Medical Airline Industry Military Disaster Response • Net Ready KPP (NR-KPP) : • IA = Trusted Sharing • SOA = VOTS • Data strategy = VIRT • Netcentric Productivity = SLAs NetCert.Gov adaptive collaborative mission-thread based V&Vvia pre-deployment M&S and post-deployment operational audit of VIRT-based SLAs * 1stAdapt existing GOTS 2ndBuy COTS solutions 3rdCreate adaptable solution as last resort GIGlite.Org open source/open standards “community sandbox” Colors and texture of the horizontal network grow incrementally richer through collective investment.... …Tax paying citizens of the network prosper through information value chain management Processes (E-biz rapid discovery cycles) Trusted transactions (Privacy) Dynamic Context(Space & Time) Domain Context (Semantics) Network Performance (Protocols, Meters & Switches)

  13. Acquisition “lite” for GIG Information Processing Components • Public/private partnership designed to accelerate a “net-ready” market for products and services that facilitate trusted transactions of valuable information at the right time: • A “Dot org” facilitates rapid non-FAR information processing discovery cycles via “open” IPR model and self selecting industry-academic-government project teams • A light weight “Dot gov” administration office manages a distributed major software “test range” that brokers adaptive, distributed, net-ready V&V, and facilitates transfer of funds, artifacts, and intellectual property across government community of sponsors, operators, and labs • Standing non-FAR legal vehicle between .org and .mil streamlines non-proprietary, capability-based, T&E & discovery process for all participants • On-line “GIG-lite.ORG” serves as dynamic run-time repository of requirements, capabilities, best practices/practitioners, and lessons learned • JCIDS/ACQ documents (e.g. JCD, ISP, CDD,CPD, NR-KPP) become “living” parallel & iterative on-line digital artifacts that continuously capture and propagate new requirements, discoveries, policies, and best practices • Bundles of off-the-shelf DOTMLTF capability, are certified as net-ready, visible, consumable and continuously deployed via commercial e-Portal

  14. Innovators’ “dating service” to broker customers and providers of net-enabling products and services NR-KPP based Consumer Report format that compares bundles of similar net-enabling products and services Net-Ready e-Portal Consumable COTS & GOTS bundles certified to deliver netcentric increments of Valuable Information at the Right Time (VIRT) via trusted information transactions, i.e. Value Off the Shelf (VOTS) • “GIGLite.org” • On-line SOA subversion-based DEVNET • Secure multi-level access • Dynamic Library: • Netcentric RQMTS • Mission Threads • Mission Level Models • VOTS S/W offerings Commercial e-Market offering certified bundles of net-enabling products and services GIG To-Be Acquisition Vision

  15. BACKUP

  16. Approach • Use “ABC”* approach to build SOA Baseline = GIGLite.org Spiral 0 • Test IA, SOA, and data strategy re: • 1. Do no (unacceptable) harm • 2. Bind to the SOA Foundation: • Discoverable • Self describing • Open interfaces • 3. Demonstrate netcentric value added • Leverage “.org” to minimize bureaucracy and overhead = provide valuable service to developer and customer *ABC = Adapt existing capability or Buy COTS before Creating specialized capabilty

  17. Cross-domain Information Exchange Framework (CIEF) Elements of Interest Information Streams Technical Requirement User Interface Data Asset Preservation Data Security Access/ Roles/ Privacy Data Objects Workflow /Process Services – Web & SOA

  18. Information Streams Technical Requirement User Interface Data Asset Preservation Data Security Access/ Roles/ Privacy Data Objects Workflow /Process Services – Web & SOA Objective: Value/Bit Objective: Intuitive CIEF Objective is Trusted Transactions of Valuable Information at the Right Time Across Domains Objective: Re-usable Objective: Protect Objective: Useful Persistence/redundancy Objective: Discover in context Objective: Streamline Objective: Mash up Objective: Share

  19. Business Process Utilities & Services. Objective is Continuous Improvement Publish/Subscribe Utilities & Services: Objective is Seamless Delivery of Value in Context Identity/Privacy Utilities & Services: Objective is Trusted Transactions Computer Network Defense and Software Assurance Utilities & Services: Objective is Protection of Assets GIGlite.org Logical Stack

  20. S2OAF Technology Stack = NCES legacy + Best of Breed GOTs + OTD + Managed Services via ESB • Security • Trusted Authorization Broker (TAB) • Trusted Authorization Policy Engine (TAPE) • CAC • V-LDAP • Cyber Operation Information System • Discovery • 3DV Open Source registry • DGInet geospatial services • M2mi xxx • Messaging • M2MI xxx • JBI Middleware • Mediation • NCES on ramp • Commercially viable JBI Enterprise Service Bus • SOA tool kits (e.g. Jumpstart, C/JMTK) • ESM • SPAWAR Cross-domain Information Exchange Framework via GIGLite Collabnet Portal • NR-KPP Test Services • M&S web suite • Web SOA test bench • Center fro Assured Software (CAS) evaluation NCES On Ramp • The DISA Appliance bundles the NCES Services into a single deployment component that is accessible via “NCES on ramp” toolkit to deliver NCES capabilities to ESBs.

  21. To Be NR-KPP compliant application Service To be NCES Foundation Service M2MI VIRT engine 3DVE Registry V-LDAP Other JBI ESB Middle Ware NR-KPP compliant COI capability module NR-KPP tested capability module DGInet C/JMTK Jumpstart Toolkit CAC NCES On Ramp NCES legacy Test Services Resources Network A Network B Trusted: Discovery Messaging Mediation ESM Resources On Ramp Other legacy Network C JBI Enterprise Service Bus Resources Trusted Service Engine (TSE) TAB TAPE System Assurance OS layer (COIS?) = NCES enabled application or utility Operating System High Assurance Platform (HAP) = Later spiral enterprise service = S2OAF spiral 0

  22. Information Streams Technical Requirement User Interface Data Asset Preservation Data Security Access/ Roles/ Privacy Data Objects Workflow /Process Services – Web & SOA Objective: Value/Bit MOE = OODA loop compression; Data at rest within OODA loop; Mission performance metrics, e.g. probability of kill, casualty rate, etc. Objective: Intuitive MOE = Time required to achieve proficiency Objective: Re-usable MOE = Technology registered; IP license available; Open standards interfaces Adaptive Collaborative Validation & Verification Measures of Effectiveness (MOE) Objective: Protect MOE = Degree of vulnerability Introduced Objective: Useful persistence & redundancy MOE = Life cycle maintenance and “sunset” criteria defined REWARD RISK Objective: Mash up MOE = discoverable, self-described & commercial standard open interface Objective: Share MOE = Rules for dynamic data access control defined, enforced, and audited Objective: Streamline MOE = speed of execution Objective: Discover in context MOE = Meta-data registered w/rt content, context, & administration

  23. Information Streams Technical Requirement User Interface Data Asset Preservation Data Security Access/ Roles/ Privacy Data Objects Workflow /Process Services – Web & SOA • Mission simulation verifies value added per MOEs and service level targets? • Operator training time OK? • Operator proficiency score OK? • Technology registered? • Technology reuses capability? • Technology is easily licensed? • Technology employs open standards? • Basic IA compliance? • Binds to IA services? • CND & s/w vulnerability assessment OK? Adaptive Collaborative Validation & Verification Candidate Enterprise Capability Module (ECM) • Technology refresh model OK? • Meta-data registered w/rt content, context, and admin? • Use case, MOEs, and SLAs defined? • Acceptable latencies? • Acceptable speed to capability? • Discoverable by CND, s/w assurance, ID, and pub/sub services? • Discovers CND, s/w assurance, ID, and pub/sub services? • Discretionary access rules registered? • Binds to ID services?

  24. To Be NR-KPP compliant application Service To be NCES Foundation Service M2MI VIRT engine 3DVE Registry V-LDAP Other JBI ESB Middle Ware PatrolNET NR-KPP tested capability module DGInet C/JMTK CAC Jumpstart Toolkit NCES On Ramp NCES legacy Test Services Resources Network A • 18 Month Pilot Series: • Global Strike + TST COI • NSA Identity Services C&A • NCES, NECC, CANES programs • Deliverables every Quarter • “Flag Day” Trident Warrior 08 Network B Trusted: Discovery Messaging Mediation ESM Resources On Ramp Other legacy Network C JBI Enterprise Service Bus Resources Trusted Service Engine (TSE) TAB TAPE System Assurance OS layer (COIS?) = NCES enabled application or utility Operating System High Assurance Platform (HAP) = Later spiral enterprise service = S2OAF spiral 0

More Related