Loren Data's SAM Daily™

 fbodaily.com
Home Today's SAM Search Archives Numbered Notes CBD Archives Subscribe
FBO DAILY - FEDBIZOPPS ISSUE OF MAY 21, 2017 FBO #5658
SOURCES SOUGHT

A -- Xdomain Technology Through Research, Evolution, Enhancement, Maintenance and Support (XTREEMS)

Notice Date
5/19/2017
 
Notice Type
Sources Sought
 
NAICS
541712 — Research and Development in the Physical, Engineering, and Life Sciences (except Biotechnology)
 
Contracting Office
Department of the Air Force, Air Force Materiel Command, AFRL/RIK - Rome, 26 Electronic Parkway, Rome, New York, 13441-4514, United States
 
ZIP Code
13441-4514
 
Solicitation Number
FA8750-17-R-0200
 
Point of Contact
Catherine L. White, Phone: 315-330-4849, Tina Panasci, Phone: 315-330-4364
 
E-Mail Address
Cahterine.White.7@us.af.mil, tina.panasci@us.af.mil
(Cahterine.White.7@us.af.mil, tina.panasci@us.af.mil)
 
Small Business Set-Aside
N/A
 
Description
Capable sources are sought to perform innovative research, technology assessment, technology transition, software development, integration, testing, technical documentation, assessment and authorization (A&A) support, deployment, familiarization, maintenance, and life cycle support for next-generation Cross Domain Solutions (CDS) and the Information Support Server Environment (ISSE) CDS suite of solutions. Sources with cleared personnel possessing both experience and knowledge as it pertains to the unique elements of classified systems; cross domain requirements; software development lifecycles; and the processes and certifications essential to supporting all phases of the CDS system lifecycle should respond and demonstrate this experience and knowledge through the qualifications of their available, cleared personnel. The primary effort will concentrate on innovative research, development, test, and evaluation of new Cross Domain Transfer Solution technologies that provide a premier level of security to critical network infrastructures while allowing for an intuitive administration and user experience to meet the operational information sharing requirements of the Air Force, Department of Defense (DoD), Intelligence Community (IC), and Coalition Partners. New development efforts will align with "Best Practices for CDS Design" strategies; while developing new components, filter sets, and source code; and advancing available components, filter sets, and source code from government and commercial entities. The development effort will leverage knowledge across AFRL, Air Force, DoD, IC and the CDS community to ensure a balanced approach to security and operations; and will occur in a manner that allows for system evolution and incremental release to support emerging needs of the CDS community in a timely fashion. This development effort will result in the availability of multi-domain, multi-purpose, cross domain transfer solutions that enable the secure, bi-directional flow of many data types between two or more security domains accredited for operation at different classification levels. The new solution will provide authorized users (and/or mission applications) the ability to securely transfer data between multiple (minimum of 12), interconnected security domains; while protecting the security domains from unauthorized access or malicious attack; and auditing all data transfers between security domains. Concurrently, the effort will concentrate on enhancement, deployment and support of the initial increment of the Next Generation Guard (NGG) CDS and the legacy Information Support Server Environment (ISSE) CDS suite of solutions utilized for secure Cross Domain Transfer by Air Force, DoD, IC and Coalition Partners. The ISSE CDS suite of solutions includes: Information Support Server Environment (ISSE) CDS, Analyst Notebook Transfer Xdomain (ANTiX) proxy, Filter Sets, Full Motion Video (FMV) adapters, ISSE in a Box (IIAB) - ISSE component Virtual Machines (VMs) hosted on a SecureView Type 1 hypervisor, Large File Slicer, Multi-Level Data Base Replication (MLDBR), Security And Workflow Enforcement Services (SAWES), and Web Services. As mission needs evolve, cross domain transfer requirements will continue to evolve resulting in the need for rapid research, enhancements, and deployment of the above mentioned systems and new cross domain solutions. Sources shall demonstrate the ability and experience to work with and maintain compliance with all government controls and policies to include, but not limited to, Export Control, Foreign Military Sales (FMS), International Traffic in Arms Regulations (ITAR) and TS/SCI security controls. Sources must demonstrate the experience and ability to support Intelligence and CD technologies development, test, Assessment & Authorization and maintenance. Focus areas target lifecycle functions and phases to include: studies, analyses, designs, recommendations, development, enhancements, integration management, configuration management, testing and evaluation, software/hardware installation, familiarization, A&A, and systems/network administration and operation. Initial Government estimates associated with this effort call for 60 Full Time Equivalents (FTEs) per year; with an effective ordering period (or Period of Performance) from approximately January 2019 to December 2023. In the course of performance, the successful offeror will interface with various agencies and commands throughout the DoD through electronic means; installations; on-site support; and site visits to DoD and U.S. Intelligence Communities, 5-Eyes coalition partners and NATO sites worldwide. The successful offeror will also provide technical engineering support to AFRL/RIE to assist with analysis, design, development, integration, testing and evaluation of new and existing solutions. Anticipated deliverables include: technical engineering throughout all aspects of the system and software lifecycle; technical, programmatic and gap analysis; prototype development; system and program administration; site support; security engineering; computer software, overview and technical documentation; engineering and security reports; installations analysis and support; and operations, maintenance and system administration services. Anticipated Contract Structure: An Indefinite-Delivery, Indefinite-Quantity, cost-plus-fixed-fee type contract is contemplated. An ordering period of 60 months is anticipated with Research & Development (R&D), Operations & Maintenance (O&M) and Procurement (PROC) Orders performing in parallel. R&D, O&M, and PROC appropriations from multiple DoD Agencies, Intelligence Community entities and United States Government agencies are also anticipated. Additional Contract Terms and Conditions: Foreign participation is excluded at the prime contractor and subcontractor level, unless authorized through a current, approved National Interest Determination (NID). All information generated or maintained under this effort is export controlled. Therefore, prospective offerors will be required to provide a completed and approved DD Form 2345 which certifies the offeror is on the Certified Contractors Access List (CCAL) or the offeror is seeking application to CCAL. For further information on CCAL, contact the Defense Logistics Information Service at 1-877-352-2255 or on the web at http://www.dlis.dla.mil/jcp/. It is solely the responsibility of the contractor to obtain an export license from the U. S. Department of State and to comply with the federal laws and regulations. Questions concerning the International Traffic in Arms Regulations (ITAR) and export licensing must be directed to the U.S. Department of State's Directorate of Defense Trade Controls and not the Air Force PMO, Contracting Office, or Air Force Foreign Disclosure Office. Data Rights: The Government desires unlimited data rights to all technical data; computer software; items, components or processes; computer software documentation, and hardware developed under this contract. As a minimum, the Government would require Government Purpose Rights (GPR). Capacity to Perform: The work requires a TS/SCI facility clearance, a SECRET safeguarding capability; and approximately 50 personnel with TS/SCI security clearances with existing expertise specific to the unique elements of CDS policy, programs, environments and processes. Approximately 25 personnel with TS/SCI clearances and 5 additional people with SECRET collateral clearance, all with required CDS experience, will be required for performance at time of award. An additional 25 TS/SCI and 5 SECRET cleared personnel are estimated within the first sixty (60) days after award. Interested parties are also advised, that to perform on the anticipated contract, the successful offeror will be required to have SIPRNet and JWICS access at time of award to work operational site tickets. To qualify as a responsible contractor, the Offeror must possess, or acquire prior to award of a contract, a facility clearance and safeguarding capability equal to the highest classification as stated above. Within 60 days after award the following must be in place: (a) Have an SCI certified vault facility or the ability to obtain access to such a shielded enclosure. (b) Have an SCI accredited and approved Automatic Data Processing System to run SCI information. Offeror must identify in its technical proposal the location and type of SCI accredited system that will be available to the program upon 60 days after award. Submission Instructions: Responses are requested from small businesses and will be used for market research purposes and to determine if a small business set-aside is appropriate. Please answer the below questions with no more than 20 pages. SECTION 1: Respondents must demonstrate knowledge and expertise in the following areas: A. Technical innovation in the CDS space B. Research, technology assessment, technology transition, software development, integration, testing, technical documentation, assessment and authorization (A&A) support, deployment, familiarization, maintenance, and life cycle support of Cross Domain Transfer Solutions (CDS) C. Development, test, deployment and support of tactical, point to point, and enterprise CDS D. Multi-Level Security technologies E. SE LINUX Operating Systems and SE LINUX policy development F. Solaris 10 Operating Systems and Solaris 10 Trusted Extensions (TX) G. Assessment and Authorization (A&A) processes in the Top Secret and Below Interoperability (TSABI) and Secret and Below Interoperability (SABI) CDS communities H. Security Guidance Documents a. "Best Practices for CDS Design" strategies b. NSA Inspection and Sanitation Guidance (ISG) c. NIST Risk Management Framework (RMF) and Security Controls Overlays, d. Committee on National Security Systems (CNSS) Instruction No. 1253 Security Categorization and Control Catalog Selection for National Security Systems and NIST Special Publication 800-53, Recommended Security Controls for Federal Information Systems and Organizations, e. Presidential Policy Directives (PPDs) on CyberSecurity, Critical Infrastructure Security and Resilience f. Intelligence Community Directive (ICD) 503 g. Director of Central Intelligence Directive (DCID) 6/3 h. Defense Intelligence Integrator's Guide (DIIG) I. Unified Cross Domain Services Management Office (UCDSMO), DoDIIS Cross Domain Management Office (DCDMO), and Cross Domain Support Element (CDSE) Offices policies and procedures J. Air Force, DoD, and Intelligence Community IT Risk Management and Compliance Solutions (e.g. SEIBEL, Xacta, etc.) K. Information systems that reside on JWICS, SIPRNET, NIPRNET as well as information systems that cross security domains (e.g. information transfer between JWICS & SIPRNET and SIPRNET & NIPRNET) L. General knowledge of Service Oriented Architecture (SOA) and its applicability to a cross domain environment M. Public Key Infrastructure (PKI) N. File composition and structure for MS Office products and common file types used by Air Force, DoD, IC, and USG Agencies O. Lightweight Directory Access Protocol (LDAP)/Full Service Directories (FSD) P. Filter Orchestration engines Q. Filter Set Development and enhancement R. XML S. Structured Message types (e.g. USMTF, OTH-GOLD) T. Existing Filter/Sanitization/Cleansing technologies SECTION 2: Respondents must demonstrate the capability to rapidly establish a knowledge base and support structure for the underlying technologies, OS, and system concepts for the legacy Suite of Cross Domain Solutions, including: I. Next Generation Guard (NGG) CDS II. Information Support Server Environment (ISSE) CDS III. Analyst Notebook Transfer Xdomain (ANTiX) proxy IV. Biometrics filters, leveraged by ISSE V. Data Sync Plus for database replication VI. Filter Sets, leverage by ISSE VII. Full Motion Video (FMV) Adapters VIII. ISSE API IX. ISSE in a Box (IIAB) - ISSE component Virtual Machines (VMs) hosted on a SecureView Type 1 hypervisor X. Large File Slicer (Slicer) Adapters and its variants XI. Multi-Level Data Base Replication (MLDBR) XII. Secure Cross domain ORchestration Engine (SCORE) XIII. Security And Workflow Enforcement Services (SAWES) XIV. Web Services, leveraged by ISSE SECTION 3: In addition to the discussion of the respondent's capabilities to support the areas listed above, the below information should be provided. Please reference Section and question number with each response as follows. 1. Respondents must reference the solicitation number, and the respondent's company name, company address, point of contact, telephone number, e-mail address, Commercial And Government Entity (CAGE) code and size of the organization (i.e. large business, small business) used as the basis for the response. 2. Respondents to this announcement should indicate whether they are a small business, Native Indian, 8(a) concern, veteran-owned small business, service-disabled veteran-owned small business, HUBZone small business, small disadvantaged business or women-owned small business. 3. Provide a completed and approved DD Form 2345 which certifies the offeror is on the Certified Contractors Access List (CCAL) or the offeror is seeking application to CCAL. 4. Identify at least three (3) previous or ongoing contracts / programs / efforts with Government, commercial, academic, or other customers performed within the last three (3) years which are relevant to the technical aspects of this advance notice, especially in support of highly complex, Intra-Domain and Cross Domain software development requirements. Include a brief description of the work, an explanation of its relevance to the technical requirements, and the performance period, value, and current customer points of contact. 5. Indicate whether the company's accounting system is approved by DCAA or DCMA. If not, indicate how the company will financially administer a cost-reimbursement type contract. 6. Indicate how many people the company employs. Indicate whether additional personnel will have to be hired to perform this effort. For a company leveraging personnel within the organization or outside hires or teammates, indicate how many TS/SCI and Secret cleared personnel are currently available against the expressed need; provide a break-out by security level and available qualifications and experience level and explain how the company proposes to fulfill the remainder of the required number of the TS/SCI and Secret positions. Indicate whether the company is a foreign-owned/foreign-controlled firm and whether the company contemplates the use of foreign national employees on this effort. 7. Briefly describe the key focus factors when supporting Cross Domain transfer systems and how they differ from non-CD application support. 8. Briefly describe the company's experience and knowledge of the unique elements of cross domain systems, development, Assessment & Authorization and maintenance; clearly identifying activities performed and those for which the company's roll was limited to support or oversight. 9. Explain the company's experience and capability across all aspects of the program that require support: program management, technology assessment, software design, development, enhancement, maintenance, deployment, support, test, modification, system engineering, etc. 10. Provide a discussion of the company's software development methodology to include process certification (e.g. CMMI). Provide evidence that the organization has adapted a well-defined, standard development process (e.g. Agile or similar approach) or matured an existing approach through a process improvement methodology. Indicate process level achieved and certified. Explain what makes this process the best for this effort. 11. Identify the company's experience and capability with regard to software development, intra-domain technologies and cross domain technologies. Identify experienced and certified technical and management personnel with knowledge of Assessment and Authorization (A&A), site Security Testing, and Penetration Testing of Cross Domain Solutions. Provide information on software developed that successfully completed Top Secret and Below Interoperability (TSABI) and Secret and Below Interoperability (SABI) A&A and has been used successfully within the last 2 years. 12. Identify areas where the company would require subcontracting or a teaming arrangement(s). Provide a plan for teaming that includes information on the Prime and the teammate(s), the CDS experience of each, experience of teaming in this manner for a similar CDS effort, and why teaming is the best approach for this effort. 13. Provide evidence of experience of conducting a site survey, defining hardware deficiencies, recommending hardware solutions, providing hardware specifications, conducting hardware acquisitions and delivery to a user site, and providing oversight of installation, test and acceptance at a user site for CONUS and OCONUS deployments. 14. Address the company's commitment to establishing, maintaining and utilizing hardware and software configurations equivalent to those deployed and those under development for use in troubleshooting and problem investigation, system development, integration, test, evaluation, and training. The anticipated contract vehicle will not provide Government Furnished Property (GFP) for this effort, and the offeror must show an ability and willingness to provide for these configurations upon award. 15. Provide past experience of successfully leveraging research efforts from government and industry and incorporating that knowledge, code, or module into a cross domain system for deployment to mission sites. For the technology transfer efforts addressed explain how the technology was located, evaluated, integrated, and supported. 16. Provide a methodology to illustrate how the company would establish a knowledge base and support structure for the underlying technologies, OS, and system concepts for the legacy Suite of Cross Domain Solutions, 17. Describe how the company would meet the FAR 52.219-14 requirement "Limitations on Subcontracting;" whereby at least 50% of the cost of contract performance incurred for personnel must be expended for employees of the small business, while meeting all the requirements of the contract. 18. Briefly describe the company's experience and ability to support work with Intelligence and Export controlled material and interaction with foreign entities. Include ability and experience with ITAR compliance, Foreign Military Sales (FMS) and working with the IC in managing export control information and technologies under government contracts. Describe the company's experience and ability to support overseas travel for meetings, deployments, and intelligence events; and ability to support compliance with country overseas travel policies for locations such as AFG, AUS, CAN, GBR, GER, NZL, and KOR. Sources shall demonstrate the ability and experience to work with and maintain compliance with all government controls and policies to include, but not limited to, Export Control, Foreign Military Sales (FMS), International Traffic in Arms Regulations (ITAR) and TS/SCI security controls. Sources must demonstrate the experience and ability to support Intelligence and CD technologies development, test, Assessment & Authorization and maintenance. Focus areas target lifecycle functions and phases to include: studies, analyses, designs, recommendations, development, enhancements, integration management, configuration management, testing and evaluation, software/hardware installation, familiarization, A&A, and systems/network administration and operation. All responses shall be submitted via email to all Points of Contact listed below by 9 June 2017. Points of Contact: Contracting Officer Catherine L. White Phone: 315-330-4849 Email: Catherine.white.7@us.af.mil Contract Specialist Tina Panasci Phone: 315-330-4364 Email: Tina.Panasci@us.af.mil
 
Web Link
FBO.gov Permalink
(https://www.fbo.gov/spg/USAF/AFMC/AFRLRRS/FA8750-17-R-0200/listing.html)
 
Record
SN04516053-W 20170521/170519235212-feb51e0b58722636137fc63fbc2d1f23 (fbodaily.com)
 
Source
FedBizOpps Link to This Notice
(may not be valid after Archive Date)
FSG Index  |  This Issue's Index  |  Today's FBO Daily Index Page |
ECGrid: EDI VAN Interconnect ECGridOS: EDI Web Services Interconnect API Government Data Publications CBDDisk Subscribers
 Privacy Policy  Jenny in Wanderland!  © 1994-2024, Loren Data Corp.