The objective of the Computer Resources IPS Element is to identify, plan, resource, and acquire facilities, hardware, software, documentation, manpower and personnel necessary for planning and management of mission critical computer hardware and software systems. Coordinate and implement agreements necessary to manage technical interfaces, and to manage work performed by maintenance activities. Establish and update plans for periodic test and certification activities required throughout the life cycle. (Source: DoD Product Support Manager (PSM) Guidebook, Appendix A)
Computer Resources encompasses the facilities, hardware, software, documentation, manpower, and personnel needed to operate and support mission critical computer hardware/software systems. As the primary end item, support equipment, and training devices increase in complexity, more and more software is being used. The expense associated with the design and maintenance of software programs is so high that one cannot afford not to manage this process effectively. It is standard practice to establish a computer resource working group to accomplish the necessary planning and management of computer resources.
Key Computer Resources IPS Element activities according to Appendix A of the DoD Product Support Manager (PSM) Guidebook and the DoD Integrated Product Support (IPS) Element Guidebook include:
- Manage and update the Program‘s Computer Resources Support Management Plan (CRSMP) when major system changes occur. The following items should be considered:
- Mission critical computer hardware/software operation and support
- Management reports development and maintenance
- Disaster recovery planning and execution
- Computer resource working group standup and management
- Computer programs and software baselines management
- Computer programs and software modifications management
- Software licenses management
- Software and hardware obsolescence management
- Defense Information Switch Network (DISN) or other network connectivity requirements determination and management
- Specifications determination
- Flow/logic diagrams determination
- Computer Software Configuration Item (CSCI) definitions determination
- CSCI test descriptions
- CSCI operating environments
- CSCI user/maintainer manuals
- CSCI computer code
- Automated Identification Technology management
- Electronic Data Interchange (EDI) management
- Computer Service Level Agreements (SLAs) management
- Electromagnetic Interference (EMI), Electromagnetic Pulse (EMP)
- System Security/Information Assurance
- Capability Maturity Model Integration (CMMI) cognizance
Computer programs and software are often part of the technical data that defines the current and future configuration baseline of the system necessary to develop safe and effective procedures for operation and maintenance of the system. Software technical data comes in many forms to include, but not limited to, specifications, flow/logic diagrams, Computer Software Configuration Item (CSCI) definitions, test descriptions, operating environments, user/maintainer manuals, and computer code.
Information Technology
Subtitle III of Title 40, defines the term `information technology', as any equipment or interconnected system or subsystem of equipment, that is used in the automatic acquisition, storage, manipulation, management, movement, control, display, switching, interchange, transmission, or reception of data or information by the executive agency. For purposes of the preceding sentence, equipment is used by an executive agency if the equipment is used by the executive agency directly or is used by a contractor under a contract with the executive agency which (i) requires the use of such equipment, or (ii) requires the use, to a significant extent, of such equipment in the performance of a service or the furnishing of a product. The term `information technology' includes computers, ancillary equipment, software, firmware and similar procedures, services (including support services), and related resources. Notwithstanding the above, the term information technology' does not include any equipment that is acquired by a Federal contractor incidental to a Federal contract.
Software
Nearly all DoD systems rely on software for their operation. Software touches virtually every facet of military systems, from the more common Information Technology (IT) systems to the less obvious "embedded" software-intensive systems. Because the vast majority of system functionality is now being implemented via software (vice hardware), the Assistant Secretary of the Navy for Research, Development and Acquisition (ASN(RD&A)) Software Acquisition.
Management Focus Team believes that all current systems should be considered "software intensive" unless the Program Manager can explain why they are not. Therefore, there is no need to define what a software-intensive system is. Software is embedded in the aircraft, weapons, ground stations, and support equipment that the DoD delivers to the fleet and supports throughout their life cycle. It adds tools and weapons capabilities that would likely not be possible otherwise. With the advent of software-driven Portable Electronic Maintenance Aides (PEMAs), diagnostics and prognostics, and maintenance data collection systems, software is also an increasingly critical part of the maintenance environment.
Hardware
Computer hardware, due to the rapid pace of technology change, is often acquired through a Commercial-Off-the Shelf (COTS) system. Per the Defense Acquisition Guidebook, maximum use of mature technology (including non-developmental and/or standards based COTS computer hardware) provides the greatest opportunity to adhere to program cost, schedule, and performance requirements by leveraging industry's research & development and is consistent with an incremental acquisition approach. However, this is not a one-time activity. Unanticipated changes and the natural evolution of commercial items may drive reconsideration of engineering decisions throughout the life cycle. In addition, the program must consider the logistics implications of supporting commercial items in a military environment. Finally, because COTS items have a relatively short manufacturing life, a proactive diminishing manufacturing sources and material shortages / obsolescence approach should also be considered. Consequently, care must be taken to assess the long term sustainability of COTS options and to avoid or minimize single source options.
Licenses
Per the USAF Weapon Systems Software Management Guidebook, commercial software is set forth in DFARS 252.227-7014(a) as software developed or regularly used for non-governmental purposes and either 1) sold, leased, or licensed to the public; 2) offered for sale, lease, or license to the public; 3) doesn't meet the two prior conditions but will be available for commercial sale, lease, or license in time to satisfy the delivery requirements of this contract; or 4) meets any of the prior three conditions and would require only minor modification to meet the requirements of the contract.
Computer Resources Life Cycle Management
Computer Resources Life Cycle Management describes the development, acquisition, test, and support plans over the life cycle of computer resources integral to, or used in, direct support of systems.
The Computer Resources Life Cycle Management Plan (CRLCMP) describes the development, acquisition, test and support plans over the life cycle of computer resources integral to, or used in, direct support of systems. With the various acquisition reform actions that have been completed, the CRLCMP is no longer mandated; the previous reference was SECNAV INST 5231.1, now cancelled. Although not required, some organizations may still choose to develop and use some form of a CRLCMP (format and content typically varied by service).
Sustainment
Each of the Services maintains policy for sustainment of computer resources hardware, software and services. Additional attention should be made if the program contains a mission-critical system. A mission-critical system is one whose operational effectiveness and operational suitability are essential to successful mission completion or to aggregate residual combat capability. If this system fails, the mission likely will not be completed. Such a system can be an auxiliary or supporting system, as well as a primary mission system. The Product Support Manager must be aware of any mission critical designations within the Computer Resources area since programs require an IA Strategy if they are designated Mission Critical or Mission Essential. The Product Support Manager should refer to the DAG and the owning DoD Component for mission criticality management, system development and reporting requirements.
Within the DoD, there are a number of offices with a significant interest in computer resources. The Office of the Chief Information Officer ensures that acquired information technology and resources are managed using Government policies and procedures. Within the Office of the Undersecretary for Acquisition, Logistics & Technology, the offices which are proponent for systems engineering, Defense Research and Engineering (DDR&E) and logistics, Logistics & Materiel Readiness (L&MR), have responsibilities during weapon system acquisition for the development, acquisition and delivery of computer resources capabilities. The Office of the Director for Defense Research and Engineering Systems Engineering Directorate is actively involved in international efforts related to defense acquisition, systems engineering, and related efforts and specifically focused on computer resources related topics.
For the Computer Resources IPS Element, the PM and/or PSM must identify, plan, resource, and acquire facilities, hardware, software, documentation, manpower and personnel necessary for planning and management of mission critical computer hardware and software systems. IPS Element Guidebook Chapter 12.
The DoD Information Assurance Certification and Accreditation Process (DIACAP) is a United States Department of Defense (DoD) process that was meant to ensure that companies and organizations apply risk management to information systems (IS). In an effort to align defense and federal civilian cybersecurity guidance with the Defense Department, this specialized certification and accreditation process was jettisoned with the issuance of DoDI 8510.01 “Risk Management Framework for DoD Information Technology (IT)” on 18 March, 2014.
The change will bring about a common cybersecurity terminology across defense and civilian networks and reduce the potential for an automatic need to re-certify a system that's shared across organizational boundaries.