1 year ago

Department of Defense INSTRUCTION


DoDI 5000.02, January 7,

DoDI 5000.02, January 7, 2015 unique risks; inclusion of software in technical reviews; identification, tracking, and reporting of metrics for software technical performance, process, progress, and quality; software safety and security considerations; and software development resources. Software assurance vulnerabilities and risk based remediation strategies will be assessed, planned for, and included in the Program Protection Plan (PPP). 12. RELIABILITY AND MAINTAINABILITY (R&M) a. The Program Manager will formulate a comprehensive R&M program using an appropriate strategy to ensure reliability and maintainability requirements are achieved. The program will consist of engineering activities including for example: R&M allocations, block diagrams and predictions; failure definitions and scoring criteria; failure mode, effects and criticality analysis; maintainability and built-in test demonstrations; reliability testing at the system and subsystem level; and a failure reporting, analysis, and corrective action system maintained through design, development, production, and sustainment. The R&M program is an integral part of the systems engineering process. b. For MDAPs, the Program Manager will prepare a preliminary Reliability, Availability, Maintainability and Cost Rationale (RAM-C) Report in support of the Milestone A decision. This report provides a quantitative basis for reliability requirements, and improves cost estimates and program planning. This report will be attached to the SEP at Milestone A, and updated in support of the Development RFP Release Decision Point, Milestone B, and Milestone C. c. Reliability growth curves (RGCs) will reflect the reliability growth strategy and be employed to plan, illustrate, and report reliability growth. RGCs will be included in the SEP at Milestone A and updated in the draft SEP submitted at the Development RFP Release Decision Point and in the final approved SEP and Test and Evaluation Master Plan submitted at Milestone B. RGCs will be stated in a series of intermediate goals and tracked through fully integrated, system-level test and evaluation events at least until the reliability threshold is achieved. If a single curve is not adequate to describe overall system reliability, curves for critical subsystems should also be employed. d. Program offices, developmental test agencies, and operational test agencies will assess the reliability growth required for the system to achieve its reliability threshold during testing, and report the results of those assessments to the acquisition chain of command including the MDA. e. Reliability growth will be monitored and reported throughout the acquisition process. Program managers will report the status of R&M objectives and/or thresholds as part of the formal design review process, and during systems engineering technical reviews or other reviews. RGCs will be employed to report reliability growth status at Defense Acquisition Executive Summary reviews. 13. PROGRAM PROTECTION. Program protection is the integrating process for managing risks to DoD warfighting capability from foreign intelligence collection; from hardware, Change 2, 02/02/2017 98 ENCLOSURE 3

DoDI 5000.02, January 7, 2015 software, and cyber vulnerability or supply chain exploitation; and from battlefield loss throughout the system life cycle. Where a DoD capability advantage derives from a DoD-unique or critical technology, program protection manages and controls the risk that the enabling technology will be lost to an adversary. Where a DoD capability advantage derives from the integration of commercially available or custom-developed components, program protection manages the risk that design vulnerabilities or supply chains will be exploited to destroy, modify, or exfiltrate critical data, degrade system performance, or decrease confidence in a system. Program protection also supports international partnership building and cooperative opportunities objectives by enabling the export of capabilities without compromising underlying U.S. technology advantages. a. PPP. Program managers will employ system security engineering practices and prepare a PPP to guide their efforts and the actions of others to manage the risks to critical program information and mission-critical functions and components associated with the program. The PPP will be submitted for MDA approval at each milestone review, beginning with Milestone A. For programs with the Defense Acquisition Executive as the MDA, PPPs will be submitted to the DASD(SE) not less than 45 calendar days prior to the relevant review. For Milestone B, the DoD Component-approved draft PPP will be provided to the DASD(SE) 45 days prior to the Development RFP Release Decision Point. Program managers should include the PPP in RFPs, and prepare updates to the PPP after any contract award to reflect the contractor’s approved technical approach and the details or necessary changes that were not available or appropriate prior to contract award. b. Countermeasures. Program managers will describe in their PPP the program’s critical program information and mission-critical functions and components; the threats to and vulnerabilities of these items; the plan to apply countermeasures to mitigate associated risks; and planning for exportability and potential foreign involvement. Countermeasures should include anti-tamper, exportability features, security (including cybersecurity, operations security, information security, personnel security, and physical security), secure system design, supply chain risk management, software assurance, anti-counterfeit practices, procurement strategies, and other mitigations in accordance with DoD Instruction 5200.39 (Reference (ai)), DoD Instruction 5200.44 (Reference (aj)), and DoD Instruction 8500.01 (Reference (x)). Program managers will submit the program’s Cybersecurity Strategy as part of every PPP. Countermeasures should mitigate or remediate vulnerabilities throughout the product life cycle, including design, development, developmental and operational testing, operations, sustainment, and disposal. Program managers will incorporate automated software vulnerability analysis tools throughout the life cycle and ensure remediation of software vulnerabilities is addressed in PPPs, test plans, and contract requirements Program Managers will implement the use of automated software vulnerability detection and analysis tools and ensure risk-based remediation of software vulnerabilities is addressed in PPPs, included in contract requirements, and verified through continued use of such tools and testing (as required by section 933 of P.L. 112-239, Reference (l)). 14. MODULAR OPEN SYSTEMS ARCHITECTURES APPROACH. Program managers are responsible for applying open systems approaches in product designs where feasible and cost- Change 2, 02/02/2017 99 ENCLOSURE 3