GSAW 2024 Evening Session
All times >> Pacific Standard Time
|Wednesday – February 28, 2024
5:300 PM – 8:30 PM PT
|Session A: Attestations 101. How To Prove Your Software And Supply Chain Are Secure
Leads: Joseph Yankel and Brent Clausner, Software Engineering Institute ♦ (bios)
|We will be detailing how attestations are used to prove software is being built as intended, but more importantly we will present the topic using open-source tools, real code examples, and use-cases along with the techniques of how this is implemented with CI pipelines. There are plenty of code examples and products that give information about supply chain security or fulfill a particular need, but we will discuss the cultural and organizational adjustments that are necessary to implement attestations that are not being discussed. A white house memorandum was issued in 2022 requiring US government agencies to begin utilizing artifacts such as software attestations and creating plans for building and acquiring secure software systems, but over a year later many organizations are still scrambling to even understand how to interpret the guidance given. That’s where we come in, as leaders in DevSecOps at the Software Engineering Institute, we have strong insight into the barriers (largely cultural) that has delayed implementation of software attestations and wider adoption across the government. We plan on demonstrating clear use-cases and solutions on how attestations are implemented, and discuss how developer, infrastructure/ops, and cyber personnel must work together to create the artifacts that are used in the attestation generation process. We believe that the audience will leave this presentation with a clearer understanding of how powerful attestations can be, but also come to realize how their own roles may need to change if they are part of the process.
|Session B: The DoD/IC Ontology Working Group
Leads: David Limbaugh, The National Geospatial-Intelligence Agency and Victor Rohr, The Aerospace Corporation ♦ (bio)
|The need for semantic consistency across vast and highly segregated volumes of data remains a critical issue for the Department of Defense and Intelligence communities. Semantic consistency is a shared understanding of what a group of terms (vocabulary) and relationships between these terms mean across groups of developers, subject matter experts and throughout an enterprise. Without this shared meaning, advanced analytics, artificial intelligence, machine learning (AI/ML) and desired automation provided by these technologies can provide incorrect results or fail due to faulty data interpretation.
Our intelligence communities have access to more data than ever before. Analytic processes generate even more data that can be leveraged for further analysis. Our Intelligence and Defense communities continue to seek out methodologies for harnessing of this ever-increasing volume of data, including the use of automation, but to date, the speed and potential of this objective is critically impaired due to data issues that include inconsistencies in data format, inconsistencies in how data is represented in software, lack of alternate names for terms (labels), and a lack of a formal language that specifies how data relates to other data (formal logic). Formal logic allows new facts and relationships to be inferred based on existing facts and relationships positively impacting analytics and AI/ML. The use of ontologies provides a path for reconciling these issues, but only if the ontologies are developed according to standards and best practices to encourage future utility, scalability, and interoperability. Adherence to these principles encourage reuse and enable cost reduction for development and maintenance of the ontologies. The DoD/IC Ontology Working Group serves as the forum through which these critical issues are being resolved. The working group seeks to identify and promote those best practices and standards that have proven successful in other domains. The current working group began as only 5 individuals in May 2019, and has continuously grown in interest and participation, attesting to the broad recognition of this critical issue, the need to address it, and the likelihood of success given the stated objectives and methodology of this particular working group.
The DoD/IC Ontology Working Group evening session will provide an overview of the working group as well as its methodology and rationale for building enduring, interoperable data architectures through ontology best practices. This Working Group has gained significant and growing interest. The session will be structured as a series of briefings and discussions on topics relating to ontologies, the DoD/IC Ontology Working Group, and key challenges relating to ontology development and use.
|Session C: An Introduction to the Boehm Center for Systems and Software Engineering (Boehm CSSE)
Lead: Brad Clark, Boehm Center for Systems and Software Engineering ♦ (bio)
|The Boehm Center for Systems and Software Engineering (Boehm CSSE) is a non-profit organization dedicated to pursuing the pioneering contributions of Professor Barry Boehm with an open and inclusive approach to related research. Boehm CSSE is dedicated to the education and development of the next generation system and software engineering leaders through coursework, research, and collaboration with engineering partners in industry, government, and other academic institutions. Through its research projects and industry collaborations, Boehm CSSE is also dedicated to the development and refinement of system and software engineering processes and tools that are useful to the engineering community and support the evolution of system and software engineering principles and practices.
Boehm CSSE is a cooperating organization of GSAW. This evening session will provide an overview of what Boehm CSSE offers its Members and Cooperating Organizations. There will be short presentations on the research being conducted on a new COCOMO III Software Cost Estimation Model, a scheduling model for COSYSMO, and a Research Mentorship Committee. Please join us and hear what this organization is doing to carry on Barry Boehm’s legacy. Perhaps you may even decide to join Boehm CSSE to support its work.
|Session D: How to Leverage & Integrate Traditional Aerospace Standards into Future Operations Utilizing MBSE & UAF
Lead: Steven (Steve) MacLaird, Object Management Group® (OMG®) & OMG Managed Programs: (Consortium of IT Software Quality™ (CISQ™), and Industrial Internet of Things® (IIC®), Digital Twin Consortium™ (DTC™), and Augmented Reality for Enterprise Alliance™ (AREA™) ♦ (bio)
|By providing an overview of OMG, its managed programs and how all standards (OMG’s and other agency(s)/Consortiums) are integrated on top of OMG’s Meta Object Facility (MOF) foundational platform, this session will discuss how to utilize and integrate aerospace standards into future missions. The presentation will call for USSF, SDA, and Industry to join the OMG and its various Task Forces (TFs) to shape standard specifications for future needs. That will entail seeking additional colleagues to help identify/select standards in the space domain, defining current areas that need standardization, and identifying areas for future known capabilities.
The speaker will introduce OMG, its managed programs and space standards. The Meta Object Facility of the OMG enables it to build frameworks, models, and standards that are ready to integrate and be validated through Model-Based Systems Engineering (MBSE). This will be followed by five (5) topics that are appropriate for that timespan.
Please note that items 1 & 2 above address forthcoming direction from the DoD CIO that will transition from DoDAF 2.02 based upon the Unified Modeling Language (UML) focused architecture to the Unified Architecture Framework (UAF) which is Systems Modeling Language (SysML) focused. Additionally, the Congressional directed Model Based Systems Engineering (MBSE) known in DoD as MOSA includes DoD’s modeling standard of choice, SysML 2.0, and will be defined as well as the 2.0 three elements. Finally, OMG has coupled ground systems standards that are being used around the world and others that are in development will be discussed.
The session will include an overview and discussion of engagement opportunities, including:
Key words: Architectures, Common Ontology Library, Communications, Frameworks, Meta Object Facility (MOF), Model Based Systems Engineering (MBSE), Modeling, Modular Open Systems Approach (MOSA), Ontology’s, Space, Specifications, & Standards, Systems Modeling Language (SysML), Unified UAF, and UML.
|Session E: Model Based Reviews Seminar sponsored by INCOSE LA
Leads: Rob Stevens, Robert Kellogg, Fredda Lerner ♦ (bios)
|Many program offices in government, industry, and FFRDCs are moving away from traditional document-based systems engineering practices and integrating model-based systems engineering (MBSE) approaches throughout the system lifecycle. Stakeholders now use descriptive models to communicate system definition characteristics such as requirements, V&V activities, architecture, interfaces, and ConOps. Throughout the lifecycle, milestone reviews play an important role in assessing a program’s readiness to proceed to the next phase. The review process relies on experts to assess if the program is meeting established review criteria. Review artifacts are now often captured in models expressed using standardized modeling techniques (such as SysML) rather than documents, so it is critical that reviewers know how to access, mine, read, understand, and evaluate these model products. We will discuss what MBSE brings to the table in the review process, and what reviews can look like in an environment where systems attributes are captured in “living” descriptive models versus static documents. We will also share perspectives on how to prepare for and conduct design reviews using MBSE practices.