Consider the following articles (which I've cut up, rephrased or otherwise hashed to my own end -- so read the article itself at the links for accuracy of its message).
Defense Spending Red Tape Endangers Cybersecurity
The Navy is using Windows XP because complicated spending rules have prevented a better upgrade. [I only quit using XP recently at home because my computer crashed -- and I couldn't buy a new one with it. It was not a spending rule that prevented me; it was the industry that didn't want me to go there notwithstanding my serenity with what I already had.]
Defense Department's New Definition of "Commercial Item" Will Save Money
The Navy renewed its contract to operate its computers using Windows XP. But, the Navy entered into a $9 million contract with Microsoft to continue to provide security patches for it. [What would the cost have been to upgrade its entire computer architecture to, say, Windows 8?]
The government is moving too slowly to fund and acquire the latest technology, which could not only waste taxpayer dollars but also endanger federal cybersecurity. A panel of experts on Monday noted that the conservative procurement practices of the federal government can't keep up with the high-risk culture of tech industry startups, which innovate at a rapid pace and are increasingly a target for acquisition by larger businesses.
Cybersecurity is one area in which agencies appear to have failed to take advantage of private sector innovation. “Products for IT get overlapped by new software within six months,” Erica McCann, director of federal procurement for the Information Technology Alliance for the Public Sector tech trade association, explains. Agencies like the Defense Department use outdated software because procurement rules at the General Services Administration require programs to be on the market for two years to be eligible for government use, she said.
“Selling to the federal government is so arcane that many companies opt out, especially start-ups or newer IT companies that are used to a much faster pace,” James Lewis, a cybersecurity researcher at the Center for Strategic and International Studies, says. “Funding for start-ups runs into problems over who owns the intellectual property. [Intellectual property] is the single biggest asset for most startups and federal rules can put it at risk, making it unattractive to do business with the U.S. government.” Startups have to be particularly patient when working with the government since receiving funding can take months or years, as can the process of meeting government regulations, he says.
“The political system is not good at making long-run investments with uncertain impacts,” Ben Bernanke, former chairman of the Federal Reserve, said during the panel discussion. Michael O’Hanlon, a research director at the Brookings Institution think tank, said “the overall system is not fundamentally broken; there are parts of it that are broken, in my mind.” Congress and agencies, however, are working harder than ever to make it easier to buy products from the tech sector, McCann says.
Defense Secretary Ashton Carter has recently tried to attract programmers to work with the government and boost its IT staff instead of taking higher-paying jobs at private sector firms. These efforts included opening a full-time DoD outreach office in Silicon Valley, called the Defense Innovation Unit Experimental.
The Department of Defense (DoD) is taking a major step in stopping the waste of taxpayer dollars. DoD sent a legislative proposal to Congress to narrow the definition of a "commercial item" to mean goods or services that are actually sold to the general public in "like quantities." This proposal is a huge improvement over the current definition, a broadly worded definition open to abuse because it includes goods or services “of a type” that are “offered” for sale or lease.
Why does this matter? Once a good or service is considered “commercial,” the government has little to no information about the relative cost of a good or service, and has little ability to audit the numbers behind the cost that the government is paying. If the new definition becomes law, DoD will no longer have to buy C-17s, C-130Js, or billions of dollars of specialized weapons-related subsystems (see pages 8-10) as commercial items. This should yield savings for taxpayers, as it has in the past. In 2006, for example, the conversion of the C-130J from a commercial item, which caused the repricing of 39 aircraft, resulted in “institutional net savings of $168 [million]” — thank you, Senator John McCain (R-AZ), who was credited with the Air Force’s actions.
Our most recent recommendation to alter the definition of a commercial item came in 2011, when we asked Congress to re-establish the taxpayer-protection checks and balances that have been removed from the contracting system, including requiring contractors to provide cost or pricing data to the government for all contracts except those where the actual goods or services being provided are sold in substantial quantities in the commercial marketplace.
Unfortunately, many government commercial item purchases have been awash in wasteful spending based on the elasticity of the current definition. Items with little or no commercial market availability were easily labeled as commercial, and were purchased on a sole source basis (i.e., non-competitive contracting) with no objections by government acquisition staff or reviews by auditors. The “commercial item” definition was developed by industry and enacted into law in the 1990s (as part of so-called “acquisition reform”) precisely in order to prevent the contracting agencies from obtaining cost or pricing data when adequate price competition—which exists in real commercial markets—does not exist. The law should more accurately have been called the “sole source contracting without cost or pricing data act.”
Not surprisingly, the contracting industry is opposing DoD’s proposal, claiming that competition will suffer as certain companies won’t do business with the federal government because of stricter contracting rules. The benefit of the current definition—for contractors at least—is that it permits sole source without cost or pricing data. This is because once an item or service is labeled as “commercial,” (under an extraordinarily creative definition), the government is legally denied access to certified cost or pricing data which is used to ensure that the items or services being purchased are reasonably priced.
Years ago, a DoD Inspector General (IG) audit report about an $860 million contract for spare parts used on weapon systems found that “higher prices were paid for commercial items” because “there was no competitive commercial market to ensure the reasonableness of prices.” According to the report, the contractor, Hamilton Sundstrand Corporation, “refused to provide [Defense Logistics Agency] contracting officers with ‘uncertified’ cost or pricing data for commercial catalog items, and terminated Government access to the Sundstrand cost history system”; and “guidance on commercial items qualified any item ‘offered for sale … to the general public’ as a commercial item without clearly addressing commercial pricing concerns, particularly when DoD was the primary customer procuring significantly larger quantities than other commercial customers.”
The DoD proposal would put an end to the kinds of disputes highlighted in that report. In fact, DoD’s analysis states:
For example, GAO Report 06-838R dated July 7, 2006, cites “adequate pricing” as one of five key area vulnerabilities of the DoD. In part, the report states that “Also, DoD sometimes uses commercial item procedures to procure items that are misclassified as commercial items and therefore not subject to the forces of a competitive marketplace. While the use of commercial item procedures is an acceptable practice, misclassification of items as commercial can leave DoD vulnerable to accepting prices that are not the best value for the department.”
These amendments of the law would prompt commensurate adjustments of the Federal Acquisition Regulation and ensure that commercial goods and services are acquired by the DoD and other Federal agencies only at fair and reasonable prices consistent with comparable sales actually observed in the competitive marketplace.
GAO: Commercial Item Test Program Beneficial, but Actions Needed to Mitigate Potential Risks
The Coast Guard's Aviation Logistics Center used the test program for 139 of 370 new awards that fell within test program thresholds, whereas its Headquarters Contract Operations used the test program for only 3 of 164 new awards. Coast Guard officials explained that the commercial nature of the parts and services bought by the Aviation Logistics Center lends itself to using the test program, while the headquarters office used existing contracts, which can be another means to fulfill recurring needs for commercial supplies such as information technology services.
DOD: Commercial Item Handbook
DOD: Guidebook for the Acquisition of Services
GSA/DOD: Improving Cybersecurity and Resilience through Acquisition
The cost of not using basic cybersecurity measures would be a significant detriment to contractor and Federal business operations, resulting in reduced system performance and the potential loss of valuable information. It is also recognized that prudent business practices designed to protect an information system are typically a common part of everyday operations. As a result, the benefit of protecting and reducing vulnerabilities to information systems through baseline cybersecurity requirements offers substantial value to contractors and the Government.
The Department of Defense Cyber Strategy April 2015
The baseline should be expressed in the technical requirements for the acquisition and should include performance measures to ensure the baseline is maintained and risks are identified throughout the lifespan of the product or service acquired. Due to resource constraints and the varying risk profiles of Federal acquisitions, the government should take an incremental, risk-based approach to increasing cybersecurity requirements in its contracts beyond the baseline.
Over the last ten years Internet access increased by over two billion people across the globe. Yet these same qualities of openness and dynamism that led to the Internet’s rapid expansion now provide dangerous state and non-state actors with a means to undermine U.S. interests. We are vulnerable in this wired world.
The Future is Coming Much Faster than we Think, Here’s Why
The Internet was not originally designed with security in mind, but as an open system to allow scientists and researchers to send data to one another quickly. Without strong investments in cybersecurity and cyber defenses, data systems remain open and susceptible to rudimentary and dangerous forms of exploitation and attack.
Governments, companies, and organizations must carefully prioritize the systems and data that they need to protect, assess risks and hazards, and make prudent investments in cybersecurity and cyber defense capabilities to achieve their security goals and objectives. Behind these defense investments, organizations of every kind must build business continuity plans and be ready to operate in a degraded cyber environment where access to networks and data is uncertain. To mitigate risks in cyberspace requires a comprehensive strategy to counter and if necessary withstand disruptive and destructive attacks.
To succeed in its missions the Defense Department must operate in partnership with other Departments and Agencies, international allies and partners, state and local governments, and, most importantly, the private sector.
Samsung Unveils The World's Largest Hard Drive, Boasting 16 TB In A 2.5-Inch Case
This is a pretty significant announcement. Flash memory is generally faster than its disc-spinning counterpart, although it generally doesn't offer the highest amounts of storage. This drive, however, offers much more than the largest conventional drives made by Western Digital or Seagate, which max out at around 10 TB.
The Flash Storage Revolution Is Here
So how is Samsung able to make such a large hard drive – its actual capacity clocks in at 15.36 TB? The secret is the company's new 256-GB NAND flash die, which is two times as impressive as the 128 GB NAND dies that were put into commercial use by storage makers last year. Samsung announced the new tech by showing off a server with 48 of these new hard drives at the summit in California. It is able to handle up to 2 million input/output operations each second.
You’ve likely heard about Samsung’s 16TB hard drive, by far the world’s largest. That is an eye-popping number, a large enough leap forward that it’s difficult to fully process. And the most exciting thing about that 16TB hard drive? It’s just a hint of what’s coming next. It won’t be long at all, though, before they find their way into personal computers, even laptops. “I would expect in three to five years, for a 2.5-inch 16TB SSD to be in a workstation-class notebook,” says Patrick Moorhead, president and principal analyst of Moor Insights & Strategy.
Moorhead notes that despite our recent migration to the cloud, hard drives of that magnitude would obviate much of the need to borrow some massive, faceless tech company’s digital locker to stash our stuff. That amount of room could enable localized smart home solutions that offer more privacy and security than leaning on the cloud currently does.
Intel and Micron recently announced that they’re working on something quite similar, though they don’t expect to produce consumer devices based on the technology until early next year. Toshiba has dabbled in 3D NAND, with products expected by the end of next year. All of them have the systems in place to produce equally, if not more, impressive drives. Samsung left the starting block first, but that may not matter much in a race that will be measured in years.
The implications of storage breakthroughs like this go beyond data centers and laptops, though. “Memory and storage are the two things that are holding up huge innovations in biotech, in design, and for that matter even artificial intelligence,” Moorhead says. “They’ve become a fundamental building block for moving the industry forward. These big innovations at the top trickle their way down into cars, into phones, over a five to seven year period.”
As exciting as a 16TB SSD may be, it still represents an iterative step, a manufacturing trick that found new ways to stuff the same basic pieces into increasingly smaller spaces.
The potentially much bigger breakthrough? Intel and Micron’s 3D XPoint (pronounced “crosspoint”) technology, which completely rethinks the way we’ve been making memory for years. “I think the design change is more exciting,” says Moorhead. “It’s a radical, different design that nobody has, versus taking your memory to the next node, which is essentially Moore’s Law.”
Intel, Micron develop 3D XPoint as an eventual successor to NAND flash memory
Rather than rely on transistors to store information, as traditional flash memory does, 3D XPoint deploys a microscopic mesh of wires, coordinated by something called a “selector” that can be stacked on top of one another.
The result is “non-volatile” storage, meaning it holds onto its data even when the power’s off, that’s 1,000 times faster than NAND flash, and 10 times denser than the volatile DRAM (dynamic random access memory) that PCs use to keep track of temporary data. In other words, it’s a single solution that can handle both memory and storage, and do both better, in most ways, than anything currently available. “Any artificial intelligence or object recognition you want to have on a device works a lot better with XPoint … The more you can put into that really fast memory space, the better your artificial intelligence is going to be,” says Moorhead.
Intel has said not to expect any 3D XPoint products until next year, but when they appear they’ll be in a position to transform multiple industries, from the esoteric to the squarely consumer-focused.
This development comes at a crucial time during these early days of the Internet of Things.
Memory speeds were already proving to be a constraint on processor operations in 2013, when the world generated a total of 4.4 zettabytes, or the equivalent of 1,000,000,000,000,000,000,000 bytes. By 2020, that annual global data generation rate is expected to climb to 44 zettabytes, an increase by a power of 10. By 2050, when it is expected that 50 billion devices will be outfitted with computing processors for digital services, the amount of data generated every year could skyrocket. 3D XPoint, which can write up to 40 terabytes per day, will be much more suited for that atmosphere than SSD NAND, which can write up to 40 gigabytes in a day.
Imagine the impact this will have on robotics (drones), holographics, down range autonomy and basic research and modeling, 3D printing, sending intelligent machines to the stars. And imagine how quickly that will make redundant whatever it is we buy today. Anything we buy that's based on proprietary hardware or software is likely to be more ball and chain than progress. Think Motorola.
Government technology buyers must approach issues prudently, which means not betting the house on any one gambit. Standardization perhaps should give way to some nodes of autonomous experimentation and incrementalism, however more expensive that may be in the near term.