Defense Industry

3 Newcomer Tips for Traveling the Defense Acquisition Industry

A strange language, a new culture, and a unique landscape best describes what one would experience if traveling to a distant country. Traveling to new places and experiencing different cultures can be an enlightening adventure, but it will come with certain difficulties. Defense acquisitions can be the same as traveling to a new place. Known as the world’s most difficult and complex acquisition system, the U.S. defense acquisition operation is much like visiting an unknown country. I have the privilege of exploring this new country, and it’s an experience that I cannot forget.

My first encounter in defense acquisitions was eye opening. It was unlike anything I’ve ever experienced before, and it came with a ton of questions. First, what even is defense acquisitions? Up to this point, I have had zero contact with the defense world in any respect. Imagine being dropped off in a country that doesn’t speak your language, that was my first encounter. I was hired as a program analyst for a defense contracting company, and thankfully, my boss knew my ignorance and guided me into Defense Acquisition University classes and office explanations. This significantly reduced the culture shock and confusion. Slowly, I began to learn this new language and understand the culture of defense and industry. Almost one year has passed since I began this journey, and trust me, I’m nowhere close to being an expert. Defense acquisitions can be daunting for the beginner; fortunately, I had help with my understanding of the system. The first help was a mentor who was knowledgeable of the system. Someone who can spend one-on-one time with you and explain the little details will be an asset to one’s journey. The second help is Defense Acquisition University (DAU) classes. DAU offers online courses that takes one through the entire process of defense acquisitions. This is crucial and necessary to understand and to move forward in a defense career. Lastly, a group of experienced people that one can network and share information. I’m lucky to be able to attend a Friday breakfast group that deals with defense works in their separate businesses and lives. I usually sit back and listen to the wisdom of years of experience and advice.

Defense acquisitions can be overwhelming as a newcomer. If one has the resources and the help, it can be conquered. Utilize these three tips to gain priceless wisdom of what to do and what not to do while traveling the defense world.

1. Find a mentor to guide you one-on-one, this makes the learning process much easier.

2. Take DAU online courses, for many companies it is a requirement, and it gives you a leg up on the competition.

3. Build relationships with those who have endured the learning and have been successful in the industry.

Matthew Nini Sheppard.jpg

By: Matthew Sheppard

​The Fallacy of “Low Hanging Fruit”

We were in discussions with a prospective client about supporting their efforts within the DoD space, and one of the directors made a comment about “low hanging fruit.” He proceeded to say that they weren’t interested in taking years to build opportunities or relationships and want the low hanging fruit that will provide quick revenue streams for their product lines.  There are multiple issues with this scenario that need to be addressed.  

1. No such thing as “Low Hanging Fruit”: The Urban Dictionary provides a great definition of targets or goals which are easily achievable and which do not require a lot of effort.  OTAs are the closest thing to low hanging fruit that I know of and they still take a lot up front work to get to the winner’s circle. Typically, it will take two years or more before you break into a serious contract.  

2. Defense Is Unlike Other Industries: The amount of information required to understand the defense industry is a barrier to entry for most businesses.  Sometimes it takes years to break in and then you are still bogged down with cyber, reporting, and other regulatory requirements.

3. Education and Understanding: There are multiple ways to attack this, but it all takes time, effort, and money.  For most small businesses, there isn’t enough of this to go around. Three potential courses of action (COAs).

a. COA 1 - Do It on Your Own – Find your local PTAC and get signed up for classes.  
b. COA 2 - Hired Gun – Hire a part-time consultant to help.  
c. COA 3 - Capital Investment – Hire a great BD professional who knows the business.

4. Skin in The Game:  Are you willing to put some skin in the game?  This gives your potential customers confidence in your ability to withstand the peaks and valleys that come in the defense business.  

Are you willing to take the time to build meaningful relationships and learn the business?  Are you willing to spend the money in education and resources to learn the business?  Are you willing to risk everything to enter the Defense Industry?  

At the end of the day you must ask yourself – “What are you willing to do to get to where you want in the Defense Industry?”  

NIST 800-171 Compliance for Small Business

Small organizations that are working on military platforms…or hope to in the future…face a difficult challenge.   Late last year, the Department of Defense (DOD) implemented a DFARS clause (204.252-7012) that requires compliance with a cyber security standard called NIST 800-171.

The standard is focused on a specific set of data referred to as Controlled Unclassified Data (CUI).  At a high level this data includes design specifications, product material data, and procedures used to engineer, test, and manufacture both land and air-based military platforms.   It has 110 requirements that include a mix of technical and process controls focused on protecting CUI.   An organization’s inability to comply with the requirements effectively serves as a barrier to entry for working in the industry.  Many proposal solicitations are requiring compliance with the standard as a qualifier for bidding on a project. 

No-Nonsense Approach

So, where do you begin?  For small companies, meeting NIST 800-171 requirements can be especially difficult…but there are a few simple steps that can simplify the process.

1)     Minimize the “footprint” of CUI data.  In other words, try to keep the physical and virtual versions in common storage areas.   Keep it off individual desktops/laptops and on a consolidated server.

2)     Do not use email to exchange CUI data with partners, vendors, or customers.   Utilize secure data exchange frameworks that are available from most tier 1 vendors.

3)     Leverage commercially available templates for process content (policies, incident response plan, awareness training, System Security Plan). 

4)     Have a 3rd party help you with areas of the NIST standard that require clarification.  Most consulting firms are open to answering some questions without charging for a full engagement.   Be honest and tell them that you don’t really need help but had a few questions you were hoping they could answer (but keep it to 1-3 total questions).  

Immediate Action Items

Near term, the most important details to complete are the system security plan (SSP) and plan of action (POA).  The SSP defines scope and approach for compliance while the POA provides a timeline for addressing identified gaps.  Both items were due for completion at the end of 2017.  Online resources like the CSET self-assessment tool can help with identifying compliance gaps and developing the remediation plan.   There are also online templates available for the SSP and POA, which can speed up the process of developing and completing the document.    

Keep in mind that the goal of NIST 800-171 is to protect information that is largely digital so many of the required controls will deal with computer and network technology.   If an organization does not have internal expertise to help sort through the technical details, this part of compliance is where money is best invested with external (consulting) assistance to identify gaps and develop a plan to address them.  

Planned Implementation

Once the SSP and POA are completed, the balance of NIST 800-171 compliance is reliant on following the defined implementation plan.  As the project evolves, any unforeseen obstacles or delays will necessitate updates to the POA.  Stay on top of the schedule and track progress accordingly.  Store all related documentation in a common network folder and when the program is fully implemented, plan on conducting an annual audit, risk assessment, and security assessment.   

By Guest Blogger: Rob Cote of Security Vitals

Lasting Lesson from an OPD Session

Sitting with the officers of a high-powered Field Artillery unit, we thought we were the best thing since sliced bread.  The Battalion Commander proceeded to ask each of us what we considered a successful career within our given profession.  Our answers were most likely typical responses from young company grade officers; Battalion Command is what flowed around the circle.  Each of us thought this was the pinnacle of a successful career.  He proceeded to take the wind out of our sails and provide a lesson that has stuck for years.  He took about 20 minutes to teach us about professionalism through learning.  As he put it, becoming a “student” of your profession is more important than any other trait, and that will make you successful.  How does one become a “student” of any profession?  

1. Education
2. Training
3. Seek out a Mentor
4. Mentorship
5. Relationships
6. Networks

Master these items above, and success will happen. 

Written By: Mark Bigelow

What are the Characteristics of a Good Performance Parameter?

willys-jeep-mb-2745709_1920.png
 
does not equal sign.png
us-army-2526752_1920.jpg

Too often today, legacy performance requirements are invoked on new military ground vehicle programs without giving any thought to whether they will result in a suitable capability or not.  It is assumed that by invoking legacy requirements from the M1 or Bradley, that a new vehicle program will enjoy comparable performance.  That is simply not the case.

So, if available legacy performance requirements are insufficient to ensure suitable operational capability, what characteristics need to be considered for updated performance parameters?  There are a few.  

First and foremost, each invoked performance metric should be operationally relevant.  That means that metrics should assess capabilities required to complete an operational mission; not simply testing for testing sake.  One example of this type of outdated metric is the ability to ascend and descend a paved 60% grade.  Paved 60% surfaces occur nowhere except at test facilities.  Paved roads grades are typically capped at no more than 8%, but may have short stretches up to 15% grades; well below the typical legacy test requirement for military vehicles. It is understood that military vehicles should be able to traverse terrain that may not be passable by commercial vehicles.  So, is there a better way to assess a military vehicle’s capability to ascend and descend grades?  The answer is ‘Yes”.  Instead of evaluating a vehicle’s grade climbing ability on a dry solid surface, it would be more operationally relevant to assess that capability on natural soil.  

Another feature of good performance parameters is a metric that assesses multiple vehicle features with a single test.  An example of a multidimensional metric is speed on grade.  This parameter considers such features as torque available at the drive sprocket or wheel hubs, capability of the cooling system to stay within operating temperature limits when under load for an extended time and transmission gear ratios and shift points.

The last key feature of good metrics is those that are unambiguous.  Good metrics identify test conditions such as weight (curb, gross vehicle, or both), (air conditioning on or off), fuel type, air temperature, etc. as well as a detailed test procedure.

The bottom line is there are performance parameters that are much better suited to providing appropriate operational capabilities than those invoked on many legacy vehicle systems.  Requirement developers and testers need to try and avoid simply plagiarizing metrics from previous programs and ask themselves “Is there a better way?’

Guest Blog Written By:
Bill Ross, Sr. Mobility Systems Engineer
Nevada Automotive Test Center 

How the Money Flows – A Simplified Look from My Foxhole

Now that we have an approved Budget; what’s next?  When will we see new start contracts for a given year?  

1. President’s Budget
2. Congressional Approved
3. Appropriations – HASC + SASC approval
4. Signed into Law
5. OSD - Office of the Secretary of Defense
6. Service Branch
7. Major Commands
8. Subordinate Commands
9. Program Executive Office or Tiered Command
10. Program Office
11. Product Office

The total process takes months to complete.  Being that we are at #3 today, it will still take upwards of 60 days or more to trickle down the line to #10.  

Yes, we can get into an entirely different discussion on how the services and program offices request funding but that’s too over-the-top for the typical industry partner.  This is a very simplified look from my understanding of the process on how the money flows. 

Written By: Mark Bigelow

Mettle Ops Government Deal Enforces Values and Ensures Safety

Mettle Ops and TARDEC Team Up to Increase Soldier Survivability Efforts

Sterling Heights, MI – A recent deal between Mettle Ops and U.S. Army Tank-Automotive Research Development and Engineering Center (TARDEC) puts soldiers’ survival as number one priority. Mettle Ops’ first major signed contract, known as the DoD (Department of Defense) Ordnance Technology Consortium (DOTC) Other Transaction Agreement (OTA) Contract, totals $9.1 million. In this agreement, both parties will focus on survivability efforts to provide soldiers with equipment better protecting them in wartime environments.

“Increased survivability for soldiers means more soldiers come home with less long-term health problems,” states Katie Bigelow, President of Mettle Ops. 

Both Mettle Ops and TARDEC have unique specializations, and this collaboration makes for a well-rounded service provider. 

Mettle Ops is responsible for the program management, design, modeling and simulations, analysis, and documentation aspect of the process for the agreement. 

Some of TARDEC’s contributions to the deal include:
• Identification and evaluation of passive, reactive, active, and blast mitigation material solutions in a lab environment for use on DoD ground platforms and high value assets
• Employment of high fidelity finite element analysis tools to derive novel target material solution candidates in composite, integral, or appliqué orientations
• Development of test articles applicable to ground platform applications and high value assets
• Testing of various actual and/or surrogate weapon systems against their developed material solutions

The deal will provide both virtual and physical prototypes for tracked and wheeled ground vehicles, specifically Abrams Main Battle Tank, Bradley Fighting Vehicle, Armored Multi-Purpose Vehicle, Combat Vehicle Prototype, and Next Generation Combat Vehicle. 

TARDEC is continuously seeking the latest technologies to affordably and effectively enhance vehicle and crew survivability for existing and future ground vehicle systems. This collaboration with Mettle Ops will assist TARDEC in achieving its goals. 

“Our chief goal is to serve the warfighter.  Survivability effort deals like this provide soldiers with equipment that protects them better in wartime environments,” Bigelow said. 

Both organizations are committed to providing consumers with high-quality, efficient products with safety as the number one priority.