Requirements are fulfilled through operational capabilities. We described in an ear- lier section of this chapter system models that divide project scope into problem and solution domains. Customers’ requirements involve the analysis of the problem
39
domain and study its needs. Operational capabilities involve the design, implemen- tation, and deployment of “a solution” for the problem domain “needs.” It is impor- tant for acquisition team to be able to understand customer project requirements. It is then important to be able to translate those requirements as problems into solution elements or operational capabilities. It is also important to be able to compare between different possible solutions. It is also important to realize the “fitness” of the proposed solution to the problem or the “needs.” Acquisition team should also understand all this in the scope of budget and cost estimation and be able to evaluate or assess services based on cost.
• Download a Capability Development Document (CDD) template from Internet sources (e.g., https://www.dau.mil/cop/rqmt/Lists/Tools/AllItems.aspx, or http://
acqnotes.com/acqnote/acquisitions/capability-development-document-cdd, or http://www.acqnotes.com/Attachments/CDD%20Writers%20Guide.pdf).
For your selected project, make sure you completed the template sections. The template should include, as minimum the following sections: (1) Capability Discussion, (2) Analysis Summary, (3) Concept of Operations Summary, (4) Threat Summary, (5) Program Summary, (6) System Capabilities Required for the Current Increment, (7) Family of System and System of System Synchronization, (8) Information Technology and National Security Systems (IT and NSS) Supportability, (9) Intelligence Supportability, (10) Electromagnetic Environmental Effects (E3) and Spectrum Supportability, (11) Assets Required to Achieve Initial Operational Capability (IOC), (12) Schedule and IOC/Full Operational Capability (FOC) Definitions, (13) Other Doctrine, Organization, Training, Materiel, Leadership and Education, Personnel and Facilities (DOTMLPF) Considerations, (14) Other System Attributes, and (15) Program Affordability.
Capabilities can be developed in different stages or milestones: Initial Capabilities Document (ICD) and Capability Production Document (CPD). Different types of relations may exist between capabilities at those three different levels or stages (e.g., part of, related to). Other important deliverables to consider in CDD include:
Key Performance Parameters (KPP) and Key System Attributes (KSA) address performance.
Bibliography
(CSD), NIST Computer Security Division (2010) NISTIR 7622 draft, piloting supply chain risk management practices for federal information systems (DRAFT), pp 1–78
Acq.osd.mil (2011) Program protection plan outline & guidance, Ver. 1.0. Deputy Assistant Secretary of Defense, Systems Engineering. https://www.acq.osd.mil/se/initiatives/init_pp-sse.
html
Alsmadi I, Burdwell R, Aleroud A, Wahbeh A, Ali Al-Qudah M, Al-Omari A (2018) Security and access controls: lesson plans. In: Practical information security. Springer, Cham
Alves P, Campos P, Oliveira E (2012a) Modeling the trustworthiness of a supplier agent in a B2B relationship. In: Camarinha-Matos LM, Xu L, Afsarmanesh H (eds) Collaborative networks in the internet of services. PRO-VE 2012. IFIP advances in information and communication technology, vol 380. Springer, Berlin
Bibliography
Alves P, Campos P, Oliveira E (2012b) Modeling the trustworthiness of a supplier agent in a B2B relationship, PRO-VE 2012. International Federation for Information Processing IFIP AICT 380, pp 675–686
Blos MF, Quaddus M, Wee HM, Watanabe K (2009) Supply chain risk management (SCRM):
a case study on the automotive and electronic industries in Brazil. Supply Chain Manag 14(4):247–252
Boyens JM, Paulsen C, Moorthy R, Bartol N (2015) Supply chain risk management practices for federal information systems and organizations. https://doi.org/10.6028/nist.sp.800-161 Defense Acquisition University Press (2001) System engineering fundamentals. http://acqnotes.
com
Department of Homeland Security Cyber Security Division (2007) Software assurance in acquisi- tion: mitigating risks to the enterprise, Draft Version 1.0
DHS (2008) Acquisition instruction/guidebook, 102-01-001, INTERIM, Version 1.9
DOE (2018) DOE G 430.1-1 Chp 23, life cycle cost estimate. https://www.directives.doe.gov/
directives-documents/400-series/0430.1-EGuide-1-Chp23 Grady JO (2006) System requirements analysis. Academic, Cambridge
Hutton JP (2010) United States Government Accountability Office, Deepwater requirements, quantities, and cost require revalidation to reflect knowledge gained, GAO-10-790, https://
www.gao.gov/assets/310/307742.html
Ivancic WD, Vaden KR, Jones RE, Roberts AM (2015) Operational concepts for a generic space exploration communication network architecture, Technical report, NASA Glenn Research Center
National Institute of Standards and Technology (NIST) 800-161 (2015), Supply chain risk man- agement practices for federal information systems and organizations. U.S. Department of Commerce, p 9
Polydys ML, Wisseman S (2009a) Software assurance in acquisition: mitigating risks to the enter- prise. Technical paper. http://www.dtic.mil/dtic/tr/fulltext/u2/a495389.pdf
Polydys ML, Wisseman S (2009b) Software assurance in acquisition: mitigating risks to the enter- prise. Occasional paper, Information Resources Management College. http://www.dtic.mil/
dtic/tr/fulltext/u2/a495389.pdf
Porter M (2008) Competitive advantage: creating and sustaining superior performance. Simon and Schuster, New York
Sengupta A (2011) Method for processing documents containing restricted information: Google patents
Swanson M, Bartol N, Moorthy R (2010) Piloting supply change risk management practices for federal information systems. National Institute of Standards and Technology (NIST), U.S. Department of Commerce, p 1
Tummala R, Schoenherr T (2011) Assessing and managing risks using the Supply Chain Risk Management Process (SCRMP). Supply Chain Manag 16(6):474–483
US Chamber of Commerce, International Affairs (2016) Preventing de globalization: an economic and security argument for free trade and investment in ICT. https://www.uschamber.com/sites/
default/files/documents/files/preventing_deglobalization_1.pdf
41
© Springer Nature Switzerland AG 2019 I. Alsmadi, The NICE Cyber Security Framework, https://doi.org/10.1007/978-3-030-02360-7_3