The Army is forging ahead with deployment of its Big Data Platform (BDP), a move that underscores the Department of Defense’s (DoD) plans for using open-source software, commercial technologies, and cloud services to get a grip on the data it collects from a wide range of sources.
The Army recently announced its intention to award Enlighten IT Consulting a sole-source contract to implement the BDP, which officially became a program of record a year ago. Enlighten, which already had worked on the platform, is also working on the Defense Information System Agency’s (DISA) overarching Big Data Platform, most recently under a $40 million contract to continue development.
DISA’s BDP rides on Amazon Web Services GovCloud and provides analytics and visualization tools for the massive amounts of structured and unstructured data collected via DoD Information Networks (DODIN), using a suite called Cyber Situational Awareness Analytical Capabilities (CSAAC). According to DISA, CSAAC is available on both the Nonsecure Internet Protocol Router Network (NIPRNet) and the Secret Internet Protocol Router Network (SIPRNet). Its cybersecurity operations include monitoring the DODIN, supporting defensive cyber operations and running a suite of anomaly detection applications.
The BDP is built on a shared infrastructure model with open-source and unclassified components, which DISA said provides better return on investment and, significantly for DOD, shortens the time it takes to get new capabilities out to users. And in that open-source spirit, DISA didn’t want to keep it all to itself.
“One of the big benefits behind this program is that when we developed it, we didn’t want to just say that this is a DISA solution and we are only going to install it on DISA servers,” Bob Landreth, BDP program manager, said in a statement. “So, we handed it out to some of the other services and other folks, so they can install locally within their environment.”
The Army BDP is focused on big data management and analytics in support of decision-making, as set forth in the Army Data Strategy. According to the Army CIO’s office, it is one of the service’s highest priorities.
That open-source approach also is becoming a focus across the department. Earlier this year, DOD announced the launch of Code.mil, a place–created with GitHub–where software developers from around the world collaborate on software code for DOD projects. Noting that open-source is an accepted, best practice in the industry but is sparsely applied in the military, DOD said Code.mil, being led by the Defense Digital Service, will look to tap into a global resource of developers to both speed-up and strengthen software development.
And there is likely more to come. A provision in the National Defense Authorization Act for 2018, introduced by Sen. Mike Rounds, R-S.D., and co-sponsored by Sen. Elizabeth Warren, D-Mass., requires DOD to opt for open-source when possible for unclassified, non-defense software.
Although some groups have objected to the provision, citing a perceived threat to national security, the provision simply expands to DoD a policy released in August 2016 for civilian agencies to adopt open-source. Proponents argue that open-source, by design, is more secure. “How would the Trojans have reacted if the Horse statue the Greeks gave them was made of glass and they could see right through it?” Bob Gourley, former CTO of the Defense Intelligence Agency and co-founder of security firm Cognitio, told The Verge. “Everyone can examine the code and look for, and remove, vulnerabilities before they are brought into the enterprise.”
Under the provision by the National Defense Authorization Act, DoD would not share code used in weapons systems, command communications, intelligence gathering or encryption.