February 1, 2017 Abstract and optional full paper submission begins
May 26, 2017 Exhibit & Supporter registration opens
June 15, 2017 Abstract and optional extended abstract submission ends
June 29, 2017 Acceptance notifications sent
July 24, 2017 Submit final abstracts and presenter biographies
August 28, 2017 Submit final presentations and optional full papers

Abstract Details

<< Back to Schedule

9/27/2017  |   3:05 PM - 3:50 PM   |  Track 1 - Cyber Security

NDIA Workshop on Department of Defense and Industry Software Assurance Challenges and Capability Gaps Analysis

This presentation provides an analysis of the data gain obtained at a National Defense Industrial Association (NDIA) Workshop on Department of Defense (DoD) and Industry software assurance challenges and capability gaps. There is a general acknowledgement that software is a foundation of DoD’s military power and the building material for modern society. The primary and important mission capabilities of all current and foreseen weapons systems are implemented in software. The importance of software security and assurance as systems engineering design considerations has increased as DoD systems have become increasingly networked, software-intensive, and dependent on a complicated global supply chain. July 2016 the DoD Joint Federated Assurance Center (JFAC), Software Assurance Technical Working Group (TWG) stood up a working group to identify and articulate software assurance gaps. The working group comprised members of the Office of the Under Secretary of Defense for Acquisition, Technology, and Logistics (OUSD (AT&L)), Army, Navy, Air Force and the National Security Agency (NSA) Center for Assured Software (CAS). Over the course of six months of analysis and discussions, the group identified sixty-three (63) gaps and grouped them into seven categories that span the Software/Systems Engineering Lifecycle. Most of the gaps have both programmatic and engineering implications. In addition, the Defense Science Board (DSB) also conducted a similar study. In June 2017, a workshop, held in collaboration with the DoD's Joint Federated Assurance Center (JFAC), was to request feedback from industry on the recent DoD and DSB reports on software assurance capability gaps within the DoD and collect industry's review and perspective of the government software assurance challenges and capability gaps as we develop, field, sustain, and support our Nation's warfighting capabilities. The format of the workshop was to have keynote speakers from JFAC and DSB Task Force along with facilitated group discussion and focused break-out sessions to develop a consolidated set of software assurance challenges and capability gaps. The presentation will address the enterprise software assurance capabilities gaps in the following categories: • Lifecycle planning & execution • Software assurance technology • Policy, guidance, process • Contracts, legal and software assurance metrics

This presentation has not yet been uploaded.

No handouts have been uploaded.

Thomas Hurt (Primary Presenter), DASD (SE),;
Mr. Thomas Hurt is the Director of the Joint Federated Assurance Center (JFAC) and lead for Software Assurance (SwA) in the Office of the Deputy Assistant Secretary of Defense for Systems Engineering (ODASD(SE)) within the Office of the Under Secretary of Defense for Acquisition, Technology, and Logistics (OUSD(AT&L)). Before joining ODASD(SE), Mr. Hurt served as the Test and Evaluation Managers Committee lead for the U.S. Army Research, Development, and Engineering Command (RDECOM) Headquarters for the Army Test Executive. Mr. Hurt founded and led TeraStore and holds more than 30 U.S. and international patents on nanodevices and their quantum electrical and magnetic effects. Mr. Hurt started his career as an officer in the U.S. Marine Corps. He holds a bachelor's degree in electrical engineering from Capitol Technology University.

2017 Sponsors: IEEE and IEEE Computer Society