DoD releases new IP strategy that is more flexible with industry, provides update on CMMC

Best listening experience is on Chrome, Firefox or Safari. Subscribe to Federal Drive’s daily audio interviews on Apple Podcasts or PodcastOne.

The Defense Department is overhauling the way it approaches intellectual property to provide more give and take with businesses and to allow individualized agreements so the Pentagon can take full advantage of technologies in the private sector.

Along with the IP policy, DoD is preparing to unleash a acquisition strategy that will quicken the pace the department can buy software to keep up with its faster lifecycle.

Advertisement

Finally, at the beginning of November the Pentagon will release a new draft of its policy to protect the defense supply chain, with an eye on submitting the plan for approval at the beginning of 2020.

Intellectual property

DoD’s IP approach, released on Oct. 16, creates a new level of management called the IP Cadre, which will act as a guru for DoD agencies on matters like acquiring, licensing and managing IP.

“They will develop DoD guidance, training and assistance to the whole-of-government effort to address the protection of data rights, while we concurrently continue our defense against cybersecurity threats that target U.S. intellectual property,” DoD Undersecretary for Acquisition and Sustainment Ellen Lord said Friday at the Pentagon.

Lord said DoD is in the final stages of selecting a lead and staffing up the cadre will take place over the next several months.

“The cadre will be small and our intent is to have members advise, assist and provide resources to DoD components on IP matters various stages of the lifecycle system,” Lord said.

The strategy encourages customized IP strategies for each weapons system based on its unique characteristics. It also requires fully integrating IP planning into acquisition strategies, and allows for the negotiation of specialized provisions for IP products when it will help balance industry and DoD interests.

The policy also tells DoD leaders to communicate clearly with industry regarding planning, expectation and objectives regarding IP and upgrades or sustainment.

To implement the policy, program managers will assess long-term program requirements and ownership costs of IP produces for the entire life of a program.

Software

A new DoD software acquisition policy will soon be out in the public as well. It is based on recommendations made by the Defense Innovation Board.

“The key tenets include simplifying the acquisition model to enable continuous integration and delivery of software capability on timeline relevant to the warfighter and end user,” Lord said. “The policy involves the end user early and often in the development process. It establishes the software acquisition pathway as the preferred pathway for the acquisition of software-intensive systems. It establishes a framework to manage risk and enables successful software acquisition and development.”

The policy also structures contracts around iterative capabilities instead of traditional products.

DoD announced it would try to change its software acquisition policy back in May. DoD took first steps to change the way it handles software by asking Congress to specifically appropriate money for defense software in an attempt to change how quickly it can build and update software.

“Right now, we have different pools of money that we have to very carefully allocate,” Lord said in May. “What we’ve been talking to the appropriators about is writing in the 2020 defense authorization bill the opportunity to do multiple pilots where we would have just one line of funds for software development. The line could allow us to move back and forth between different stages to give us what I’ll call administrative flexibility.”

CMMC

Finally, DoD will release an updated draft of its Cybersecurity Maturity Model Certification (CMMC) in November and open it up for public comment.

“The CMMC establishes security as the foundation to acquisition and combines the various cybersecurity standards into one unified standard,” Lord said. The certification is aimed at protecting the defense supply chain and will make sure malicious software and hardware are not used in weapons systems.

DoD released its 0.4 version of CMMC in September, and received more than 2,000 comments, which are being reviewed and used for the final policy.

CMMC version 1.0 will go to the CMMC accreditation body in January 2020. The first requests for information that include CMMC requirements are set for release in June 2020 and the corresponding requests for proposals are slated for that fall.

“We in the DoD will continue to work with the defense industrial base to ensure that the supply chain and the interested parties are informed, prepared and properly positioned,” Lord said.

Copyright © 2019 Federal News Network. All rights reserved. This website is not intended for users located within the European Economic Area.