Shows & Panels
- The 2014 Big Picture on Cyber Security
- AFCEA Answers
- Ask the CIO
- Building the Hybrid Cloud
- Connected Government: How to Build and Procure Network Services for the Future
- Continuing Diagnostics and Mitigation: Discussion of Progress and Next Steps
- Federal Executive Forum
- Federal Tech Talk
- The Future of Government Data Centers
- The Future of IT: How CIOs Can Enable the Service-Oriented Enterprise
- The Intersection: Where Technology Meets Transformation
- Maximizing ROI Through Data Center Consolidation
- Mitigating Insider Threats in Virtual & Cloud Environments
- Modern Mission Critical Series
- Moving to the Cloud. What's the best approach for me
- Navigating Tough Choices in Government Cloud Computing
- The New Generation of Database
- Satellite Communications: Acquiring SATCOM in Tight Times
- Targeting Advanced Threats: Proven Methods from Detection through Remediation
- Transformative Technology: Desktop Virtualization in Government
- The Truth About IT Opex and Software Defined Networking
- Value of Health IT
- Air Traffic Management Transformation Report
- Cloud First Report
- General Dynamics IT Enterprise Center
- Gov Cloud Minute
- Government in Technology Series
- Homeland Security Cybersecurity Market Report
- National Cybersecurity Awareness Month
- Technology Insights
- The Cyber Security Report
- The Next Generation Cyber Security Experts
Shows & Panels
DIA releases technology wish list to solve problems more directly
Monday - 12/9/2013, 3:48am EST
The Defense Intelligence Agency has just launched a project that it thinks can help circumvent some of the ills of the government's notoriously slow procurement process for emerging technology and open the playing field to a much broader set of innovators.
The platform, called Needipedia, formally launched in late November. The basic idea is to let front-line DIA users, who have discrete technological needs, communicate them to the companies and institutions that might be able to solve their problems a bit more directly, short circuiting at least some of the steps in the government's ponderous process for procurement and requirements development.
"The problem we face in government is that when we want to go out and find new capabilities, just asking for them is a process that takes six to nine months," said Dan Doney, DIA's chief innovation officer. "If I want to generate a request for proposals, most of the language is pro-forma, but if I change a couple of words, the lawyers need to review it as if it was the first time, every time. That process is quite lengthy and quite painful."
So instead of issuing a new RFP every time the agency identifies a new requirement, DIA created a single generic broad agency announcement that simply points to Needipedia, an agency website that serves as a sort of wish list for the agency. New agency needs will be continuously added to the site after undergoing a less-strenuous level of vetting than what usually accompanies a traditional government procurement.
"In that BAA, in the specific spot where I would normally ask for a thing, we now reference that dynamic document," Doney said during a Web discussion hosted by Government Executive magazine last week. "If I have a niche need, like a 3D printer so I can print up guns, I can publish that. For industry, they can see that DIA is looking for a 3D printer that references a certain need in Needipedia, and they submit their proposal against this open BAA and it gets routed to the specific mission element that needs it. We've taken away all the friction associated with how we ask for things."
What DIA doesn't know
Doney said the Needipedia construct also will include a technology "catch-all" category designed to let industry submit innovations, even when DIA doesn't know to ask for them.
The site is one early element of the Open Innovation Gateway, a new agile technology acquisition approach DIA is building to support the Intelligence Community Information Technology Environment (ICITE), the shared services cloud architecture that eventually will support the entire intelligence community.
The agency says the gateway, which it hopes to launch by late January 2014, will give developers access to the same computing environment and technology standards that ICITE will use, so that they can build applications that are designed from their foundation to successfully interoperate with intelligence community systems and meet their security standards.
"We want industry and academia to be able to participate, in place, with as little barrier to entry as possible," Doney said. "Obviously I can't expose mission data to folks on the outside, and there are some mission systems I can't represent to them. But with as much fidelity as we can, we're going to bring those systems out. What that allows is that a garage innovator in Austin, Texas, or a grad student at Carnegie-Mellon can contribute to our mission setting in a safe house in a way that drives the standards that are being pushed by ICITE."
Doney said he thinks the potential attractiveness of the DIA gateway model to outside developers is boosted by the fact that once something is built for his agency, it's potentially exportable to the rest of the 16 other agencies that make up the intelligence community. At least in theory, if a solution is acceptable to DIA, it will meet the rest of the IC's architectural and security needs as they converge around ICITE.
And once there's a proliferation of standards-based tools that are designed for that IC cloud environment, the intelligence community can start moving toward what he calls a "pay to use" model rather than a "pay to build" model, he said.
"The risk aversion of the government largely comes from the fact that we have to pay to build our capabilities. That means that we need to know a whole lot about those systems before we even get a chance to try them," Doney said. "The risk associated with that model causes the government to be quite wary. If we change the model and bring our conditions directly to developers, look at how that changes the evaluation, the integration, the accreditation processes we have now. I can expose my security model. The fact that I use PKI certificates is not secret. If I require capability providers to meet our standards before they can do business with us, they know how to participate in our particular framework. And it's not because I've given them a 500-page document. It's because we've given them the interface that we use."