INFORMATION TECHNOLOGY ENGINEERING SUPPORT SERVICES
MARKET SURVEY
N102-15-ITESS
29 JUNE 2015
From: MSC N102
Subject: INFORMATION TECHNOLOGY (IT) ENGINEERING SUPPORT SERVICES
DESCRIPTION:
This is a market survey for acquisition planning purposes ONLY. No formal solicitation exists at this time. MSC is soliciting input to determine the technical, administrative, management and financial capability of potential offerors to perform this kind of work.
Interested offerors must submit a brief but complete capability statement that demonstrates the capability to perform the type of services described below. MSC requests a response to this market survey by no later than 8 July 2015. This information will be used by the Contracting Officer to assist in developing the procurement strategy.
This is a request for information only and your response is not an offer. This request for information does not commit the Government to pay for any costs incurred in preparation of any submission to this market survey.
DRAFT REQUIREMENT
Information Technology (IT) Engineering Support Services (ITESS)
PERFORMANCE WORK STATEMENT (PWS)
1. Contract or Task Order Title. Information Technology (IT) Engineering Support Services (ITESS)
2. Background.
MSC's mission is to support our nation by delivering supplies and conducting specialized missions across the world's oceans.
Additional information on MSC is available at www.msc.navy.mil.
The C4S Directorate (N6) is responsible for MSC IT worldwide. The Director of C4S serves as MSC's Command Information Officer (CIO), the principal IT advisor to the MSC Commander.
N6's mission is to provide IT support to MSC managers and staff necessary to effectively and efficiently carry out the agency's mission; to provide integrated, standards based, secure IT solutions within the context of the Global Information Grid in concert with the DoD and its partners; and to ensure that IT resources are acquired and managed in a manner consistent with the standards, policies, and priorities established by the Secretary of Defense and the MSC Commander.
MSC C4S Engineering manages engineering resources in support of Information and Communications capabilities ashore and afloat including requirement management, capability maintenance, development, initial installations and retirement.
2.1 Current Operating Environment
Ashore environment:
MSC is supported by or uses the following ashore networks including: Navy Marine Corp Internet (NMCI) Continental United States (CONUS), Overseas Navy Enterprise Network (ONE-NET) Outside the Continental United States (OCONUS), MSC Data Centers (CONUS) and Afloat Network Operations Center (ANOC) (CONUS).
MSC's ashore desktop operating environment is currently a hybrid of various Windows, and UNIX environments.
MSC's current ashore server operating environment includes Windows, UNIX and LINUX environments at the MSC Corporate Data Center (MCDC), ANOC, and MSC Disaster Recovery Site (MDRS). DESKTOP APPLICATIONS include both standard off-the-shelf software products such as the Microsoft Office Suite and other common Windows software such as Media Player and Microsoft Internet Explorer. In addition, MSC has a wide variety of Commercial-Off-The-Shelf (COTS), Government-Off-The-Shelf (GOTS), and legacy applications on user desktops.
Shipboard Environment:
SMIS-UNCLASS Network, Attachment J-001, consists of workstations, primary and backup domain controllers, a database server, a switch, router, Dynamic Host Configuration Protocol (DHCP) and Windows Internet Name Service (WINS) server, accelerator, encryptor/decryptor, and link to the ANOC via satellite transport services. The MSC Shipboard SMIS-UNCLASS environment currently operates using Microsoft operating systems and Internet Explorer. The workstations utilize various Government-off-the-shelf (GOTS), Commercial-off-the-shelf (COTS), and Shipboard Management Information System (SMIS) applications and software. These applications and software are listed on the Afloat Applications Gold List. Depending on the hull type of an MSC ship, the number of on board workstations can range from 15, up to and above 120.
SMIS-CLASS Network Attachment J-002 includes a single Server running Microsoft Exchange and thin-client workstations running Windows. Exchange servers and client desktops runs in a virtualized server environment. Data for Active Directory, DNS, and Exchange is replicated among local and remote domain controllers.
3. Objectives:
The objective of this contract is to obtain IT Systems Engineering Support Services that will assist N6 in providing technical solutions to satisfy emerging requirements, enhance and develop IT capabilities in support of Military Sealift Command's (MSC) mission and assist in the development of governance to ensure IT capabilities align to MSC N6's strategic plan, MSC N6's technical architecture road maps and Department of Defense (DoD) mandates.
4. Scope.
The contractor shall provide Information Technology (IT) Systems Engineering Support Services necessary to maintain, upgrade, test, develop and install new IT capabilities for MSC worldwide in accordance with MSC N6 Strategic Plan (Attachment J-003). All systems should be developed in accordance with the DISA Security Technical Implementation guides and assessed using the applicable checklist and benchmarks. Compliance and deviations from these requirements will be documented in the appropriate form and included as a contract deliverable.
The Contractor during performance shall adhere and apply processes that are equivalent to those articulated by CMMI for Development, Version 1.3 (CMMI-DEV, V1.3) capability level 3. The Contractor shall also provide disciplined systems engineering and project management practices in accordance with DoD 5000 and shall be in compliance with all DoD and DoN mandates and instructions, and consistent with the work requirements identified in this Performance Work Statement (PWS).
Unless otherwise indicated, copies of the specifications, standards, and handbooks referenced in this PWS are available from the Document Automation and Production Service (www.defense.gov/pubs/), 700 Robbins Avenue, Building 4D, Philadelphia, PA 19111-5094. MSC unique documents are available from the Military Sealift Command Head Quarters (MSCHQ), Military Sealift Command Washington, 914 Charles Morris Court, SE Bldg. 210, Washington Navy Yard, DC 20398-5540.
In the event of a conflict between the text of this document and the references cited herein, unless otherwise indicated, the text of this document takes precedence. Nothing in this document, however, supersedes applicable laws and regulations unless a specific exemption has been obtained.
• Task Area 1 - Contract Management
• Task Area 2 - Project Management & Technical Management Process Support Services
• Task Area 3 - Systems & Software Engineering (SE/SWE) Support Services
• Task Area 4 - IT Service Management (ITSM) Support Services
• Task Area 5 - Enterprise Architecture (EA) Support Services
• Task Area 6 - Information Assurance (IA) Support
5. Performance Requirements.
5.1 Task 1 - Contract Management
The contractor shall provide all necessary personnel, administrative, financial, and managerial resources necessary for the performance of this activity. The contractor shall designate a single point of contact (POC) as the Contract Manager (CM) for use in communicating issues, concerns or problems on this task order. The PM shall have the authority to commit the contractor's organization and make decisions for the contractor's organization in response to Government issues, concerns or problems. The PM shall be readily available to respond to questions, concerns and comments, as well as be proactive in alerting the Government to potential contractual/technical issues. Although Government staff may coordinate with other contractor staff, the PM shall serve as the single contractor representative responsible for resolving all issues, concerns and problems.
The contractor shall provide a draft Contract Management Plan (CMP) to the MSC COR at the Kick-Off Meeting. Effective Contract Management will ensure that all contractor support assigned to this task are coordinating and leveraging processes already in place or being developed. This effort will include the overall management of contractor resources assigned to this task order as well as reporting to and direct interaction with the Contracting Officer's Representative (COR) and the Alternate Contracting Officer's Representatives (ACORs). Program Management support includes the full range of project planning, resource management, risk assessment and mitigation, quality management, change control, and management of project deliverables consistent with industry best practices.
5.1.1 Subtask 1 - Contract Kick-Off Meeting
The contractor, after coordination with the Government, will schedule and coordinate a contract kick-off meeting to be held within 5 business days of task order award. The contractor, with the assistance of the Government, will develop an agenda for the meeting. The contractor will ensure that all identified participants are notified of the meeting in advance. At a minimum, kick-off attendees shall include key contractor personnel and key MSC personnel. At the kick-off meeting, the contractor shall present its Transition Plan for overall program management of the awarded task order. The contractor shall develop and, after Government approval, distribute meeting minutes and action items within 5 business days after the kick-off meeting.
(CDRL A101, A102)
5.1.2 Subtask 2 - Contract Management Plan
The Contractor shall develop, deliver, and maintain throughout the contract period of performance, a Contract Management Plan that shall be used as a foundation for technical, resource, production and management planning. The Contractor shall develop and deliver a preliminary Contract Management Plan at the kick-off meeting and an updated Contract Management Plan within 30 calendar days after the kick-off meeting. The Contract Management Plan shall include the following summary information as well as any additional information deemed relevant by the Contractor:
a. design control
b. reliability
c. configuration control
d. standardization
e. quality assurance
f. provisioning
g. control of Government property
i. tests
j. certifications
k. packaging
l. shipping
m. other
Data Item Description (DID) DI-MGMT-80004A may be used and tailored with government concurrence.
(CDRL A103)
5.1.3 Subtask 3 - Contract Management Reviews
The contractor shall prepare and submit a Contract Management Review (CMR) agenda to the COR 5 business days prior to the CMR meeting and prepare minutes within 5 business days after the meeting. The Contractor shall prepare a review to be delivered the day of the review. The CMR shall address current TDL status to include current task order performance in comparison with task order performance metrics, mitigation plans for under-performing areas, and other issues and concerns. The CMR shall summarize the previous three months performance and agreement with the Program Management Plan. The CMR will define the work projected for the subsequent 3 months. The first review will be conducted three-months after award. Subsequent reviews will be conducted at three-month intervals.
(CDRL A104)
5.1.4 Subtask 4 - Performance Measurement
The contractor shall monitor performance standards and report monthly, via the Monthly Contract Status Reports. The contractor shall report performance metrics relative to each TDL; performance metrics shall include TDL status: resources, risk, deliverables, schedule, cost and hours by labor category for each reporting period. Metrics shall be reported for both monthly and aggregate/cumulative totals. Data Item Description (DID) DI-MGMT-81861 may be used, tailored with government concurrence.
(CDRL A105)
5.1.5 Subtask 5 - Performance Cost Reporting
The contractor shall prepare and submit a report concurrently with each invoice presented for payment. The contractor shall report expenses that can be invoiced under the contract. The report shall include labor expended for the period and cumulatively broken out to identify labor categories, labor rate, project ID and project phase and personnel utilized. Contractors must provide a cost summary sheet providing a breakout of monthly costs per effort and cumulative costs as they relate to the estimated amounts. The contractor shall use the report format found as defined in the Performance Cost Report. Data Item Description (DID) DI-FNCL-80165A may be used, tailored with government concurrence; alternate formats may be proposed and used, with prior approval of the Contracting Officer's Representative.
(CDRL A106)
5.1.6 Subtask 6 - Information Assurance
The contractor shall comply with latest Military Sealift Command's Information Assurance Policy. Current policy is detailed in MSC Instruction (COMSCINST 5239.3 series Attachment J-004). Compliance with this directive is mandatory during the execution of design, development, and implementation and maintenance tasks within this PWS.
The contractor shall comply with the Department of Defense (DoD) Information Assurance Workforce Improvement Program (DoD 8570.01-M Attachment J-005). The contractor shall use only certified personnel for all task(s) performed under this task order where certification is a requirement in accordance with DoD 8570.01-M.
5.1.7 Subtask 7 - Quality Assurance
The contractor shall have at contract award, and shall maintain, a quality management system per the International Organization of Standards ISO 9001:2000 standard for all work performed at the contractor's facilities in support of this contract. The Government reserves the right to require the contractor to present its certificate of ISO 9001:2000 compliance at any time. The contractor shall, in addition, support all MSC ISO 9001:2000 assessments by utilizing all N6 processes for work performed under this contract.
The contractor shall provide a quality assurance plan and approach for task order management, task order deliverables, and business process improvement to enhance the current and future processes. The quality assurance plan shall be provided at the contract kick-off meeting. DID DI-QCIC-81794, Quality Assurance Program Plan (QAPP) may be used and tailored with government concurrence.
(CDRL A107)
5.1.8 Subtask 8 - Configuration Management
The Contractor shall implement a Configuration Management (CM) system which complies with the following requirements:
a. Establishes initial hardware and software baseline of requirements. This baseline shall include hardware drawings and software programs and code which represent the delivered end items.
b. Perform CM reviews during formal technical program reviews at the Contractor and subcontractor facilities that verifies the high level system requirements have been incorporated and implemented into the evolving detail baseline.
c. A change control system for identifying, evaluating, dispositioning, and implementing proposed hardware and software changes to the established baseline.
d. A system that provides for periodic audits, including subcontractors, to ensure the overall requirements and objectives of the program are being accomplished and satisfied.
MIL-HDBK-61 may be used for guidance. Data Item Description (DID) DI-SESS-81875 may be used, tailored with government concurrence.
5.1.8.1 Configuration Control
The Contractor shall identify configuration items and maintain configuration change control through the systematic evaluation, coordination, approval/disapproval, and implementation of all approved changes after the functional and product configuration baselines are established.
5.1.8.2 Configuration Identification
The Contractor shall establish configuration identification through the development of formal documentation (i.e., specifications, drawings and documents) that describes the baseline to be used for controlling program requirements.
5.1.8.3 Configuration Change Control
The Contractor shall implement a Government approved configuration change control process. Changes to the established baseline may be submitted to the Government for approval at any time.
5.1.8.4 Data Control
The Contractor shall implement a Data Management (DM) process for identification, acquisition, control, maintenance, status accounting and timely delivery of data items. The Contractor shall provide a Data Accession List (DAL) of all data, documents, reports, studies, etc. All data shall be made available to the Government upon request.
The Contractor shall transfer data and information to the Government electronically to the maximum extent possible to facilitate more rapid communications between Government and Contractor organizations. This objective includes the creation of a cost-effective on-line digital data environment that allows the program acquisition and operational support activities, throughout the life cycle of the program, to digitally create, store, access, manipulate, share and exchange all programmatic and technical data.
5.1.8.5 Documentation
The Contractor shall establish configuration identification through the development of formal documentation (i.e., specifications, drawings and documents) that describes the baseline to be used for controlling program requirements. The Contractor shall document the configuration of all new and modified configuration items established under the Project. The documentation shall include configuration item performance requirements, design, test procedures, maintenance, and version description.
5.1.9 Subtask 9 - Communications
The contractor will develop and organize the communications strategy necessary to keep key stakeholders, and project team leads informed as projects move thru the different phases of the engineering and acquisition processes and shall provide technical support by assisting MSC in drafting plans, Standard Operating Procedures (SOPs) and other guidance documents as pertain to this PWS.
5.1.10 Subtask 10 - Staffing
The Contractor is required to provide resources with required project management, systems engineering and IT Service Management competencies in accordance with the MSC Service Delivery Overarching Framework (Attachment J-006) and Enterprise Project Management Handbook (Attachment J-007).
5.1.11 Subtask 11 - Phase-In / Phase-Out Plans
Phase-In Plan: No later than 5 business days after the contract kick-off meeting, the contractor shall develop, with Government input, a plan of action to ensure the smooth transition of services from the predecessor contractor to the contractor with no degradation of services.
Phase-Out Plan: No later than 120 calendar days prior to the end of the contract, the contractor shall develop, with input from the Government, a plan of action to facilitate the transition of services to the incoming contractor with no degradation in services.
5.1.12 Subtask 12 - Program Management Deliverables
All deliverables shall be provided electronically, in a Microsoft (MS) Office commercially available product format.
PWS Deliverable Distribution CDRL
5.1.1 Contract Management Plan COR/ACOR A103
5.1.1 Contract Kick Off Meeting Agenda COR/ACOR A101
5.1.1 Contract Kick Off Meeting Minutes COR/ACOR A102
5.1.2 Management Plan COR/ACOR A103
5.1.3 Contract Management Review COR/ACOR A104
5.1.4 Monthly Status Reports (MSRs) COR/ACOR A105
5.1.5 Performance Cost Report COR/ACOR A106
5.1.7 Quality Assurance Program Plan COR/ACOR A107
5.1.8 Configuration Management Plan COR/ACOR A108
5.1.11 Phase-In Plan COR/ACOR A109
5.1.11 Phase-Out Plan COR/ACOR A110
5.2 Task 2 - Project Management & Technical Management Process Support Services
The contractor shall provide support for Technical Management Processes and Project Management in support of systems and software engineering projects and in accordance with Department of Defense (DoD) Instruction (DoDI) 5000.02 and Department of the Navy (DoN) mandates, Cybersecurity (Information Assurance) policies, standards, instructions and directions. The purpose of this activity is not to direct the contractor day-to-day systems engineering work provides visibility into the project technical, cost and schedule performance. Additionally, this activity will be used to ensure management and control of activities, reviews and the Technical Data Package (TDP) baseline.
5.2.1 Subtask 1 - Project Management Reviews
The contractor shall prepare and submit a Project Management Review (PMR) agenda to the COR 5 business days prior to the PMR meeting and prepare minutes within 5 business days after the meeting. The Contractor shall prepare a review to be delivered the day of the review. The PMR shall address current project status to include performance in comparison with TDL defined performance metrics, mitigation plans for under-performing areas and risks, issues and concerns. The PMR shall summarize the previous month's performance and overall consistency with the project plan. The first review will be conducted one months following each project kick-off. Subsequent reviews will be conducted at monthly intervals.
(CDRL A201, A202)
5.2.2 Subtask 2 - Project Management Support
The Contractor shall provide Project Management support service in accordance with the DOD Acquisition Life Cycle and as defined in the TDL, including:
a. Develop and update as required by phase, a Work Breakdown Structure (WBS) compliant with MIL-STD-881C Appendix K Attachment J-008 (or as appropriate) specific to each project.
b. Develop and maintain a project cost estimate.
c. Develop and update as required by phase, a Project Management Plan specific to each project.
d. Prepare inputs to and/or draft Plan of Actions and Milestones (POA&Ms) to support the Project Management Plan, WBS, the SEMP, and required technical process areas specific to each project.
e. Prepare and update the project schedule / Integrated Master Schedule. The project schedule shall include "stop light" indicators indicating activity status as defined in the TDL
f. Provide Stakeholder Management, develop Stakeholder Register and ensure communications objectives are planned and met
g. Reviews and prepares engineering and technical analysis, reports, change proposals, and other technical documentation.
h. Apply engineering experience to perform functions such as configuration management, quality assurance testing, and acquisition and resource management.
i. Analyze project cost and schedule performance and determine the effect of current performance on overall program schedule and resource requirements for review by government personnel.
j. Analyze program acquisition strategies and determine the cost benefit(s), if any, of integrating acquisition requirements for review by government personnel.
k. Translate technical requirements and program constraints into inputs for acquisition documentation.
l. Maintain contract deliverable status to ensure that their receipt or non-receipt is integrated into related schedule information.
m. Generate and produce presentation materials (including slides, diagrams and other briefing materials) to support program/project requirements.
n. Attend meetings/conferences with government personnel to gather information to support program/project requirements as requested. Track and report on action items resulting from, but not limited to meetings, training, and to other activity requests.
(CDRL A203, A204, A205, A206, A207)
5.2.3 Subtask 3 - Technical Management Process Support
Provide Technical Management Process support service in accordance with the DOD Acquisition Life Cycle, including:
a. Develop and update as required by phase, a Systems Engineering Management Plan (SEMP) specific to each project.
b. Develop and update as required by phase, a Test and Evaluations Master Plan (TEMP) specific to each project.
c. Risk Management in accordance with guidance provided in the "Risk Management Guide For DoD Acquisition Fifth Edition, Version 2.0"
(1) Provide support for Systems Engineering Project Risk Management, create and maintain risks in RiskExchange, Provide bi-weekly status briefs of status for all risks
(2) Release and Transition Management including shall planning, scheduling, and controlling the transition of releases to test and live environments, ensuring the integrity of the product baselines, the live environment and that the correct configuration items are released.
d. Provide technical assessment to deliver real-time visibility into the project and demonstrate technical readiness
e. Provide requirements management and maintain requirements baselines
f. Provide configuration management and change control
g. Provide Decision Analysis and Resolution
h. Provide Interface Management, develop Interface Control Documents
i. Provide Technical Data Management, manage Configuration Item and technical baselines, manage changes to new and existing baselines as defined in this PWS
j. Provide Deployment and Transition planning and management
(CDRL A208, A209, A210, A211, A212)
5.2.4 Subtask 4 - Earned Value Measurement and Tracking
The contractor shall ensure that projects are measured and tacked to provide Earned Value Management (EVM) data. Project EVM shall include be conducted at a level sufficient to report project earned value, CPI and SPI as defined in the TDL. Project EVM shall be reported monthly at the Engineering Project Review (EPR). Data Item Description (DID) DI-MGMT-81861 may be used, tailored with government concurrence.
(CDRL A213)
5.2.5 Subtask 5 - Technical Measurement and Metrics
The contractor shall ensure that projects metrics are measured and tracked throughout the project life cycle as defined in the TDL. Areas where measurement and metrics should be monitored include:
(1) Software Metrics (e.g., size, complexity, reuse, defects, productivity)
(2) Hardware metrics (space, weight and power (SWaP), available RAM, storage)
(3) Technical Staffing (labor hours by labor category per task)
(4) Cost
(5) Risk
(6) Schedule
(7) Quality (defects in products or project artifacts)
(CDRL A214)
5.2.6 Subtask 6 - Travel
5.2.6.1 Travel Request
The Contractor shall develop and deliver a trip request 15 business days prior to any travel. The travel request shall detailed travel information in include information on requirements, associated costs, objectives, purpose, summary of activities, and individuals traveling.
(CDRL A215)
5.2.6.2 Trip Report
The Contractor shall develop and deliver a trip report is provided within 5 business days after the conclusion of all travel in support of project efforts and contains the detailed travel information and accomplishments. It shall contain sufficient detail of the travel information including:
• Dates
• Purpose
• Location
• Dates at Site
• Personnel Contacted
• Summary
• Chronology of Events
• Observations
• Deliverables Left
• Training Provided
• Software Performance & metrics
• Action Items
• Conclusion
• Recommendations
(CDRL A216)
5.2.7 Subtask 7 - Project Management Deliverables
All deliverables shall be provided electronically, in a Microsoft (MS) Office commercially available product format unless otherwise defined.
Task Deliverable Distribution CDRL
5.2.1 Project Management Review (Minutes) COR/ACOR/
TPOC A201
5.2.1 Project Management Review (Minutes) COR/ACOR/
TPOC A202
5.2.2 Work Breakdown Structure (WBS) COR/ACOR/
TPOC A203
5.2.2 Project Management Plan (PMP) COR/ACOR/
TPOC A204
5.2.2 Plan of Actions and Milestones (POA&M) COR/ACOR/
TPOC A205
5.2.2 Project Schedule COR/ACOR/
TPOC A206
5.2.2 Stakeholder Register COR/ACOR/
TPOC A207
5.2.3 Systems Engineering Management Plan (SEMP) COR/ACOR/
TPOC A208
5.2.3 Test and Evaluations Master Plan (TEMP) COR/ACOR/
TPOC A209
5.2.3 Interface Control COR/ACOR/
TPOC A210
5.2.4 Deployment and Transition Planning COR/ACOR/
TPOC A211
5.2.4 Deployment and Transition Planning COR/ACOR/
TPOC A212
5.2.4 Earned Value Measurement and Tracking COR/ACOR/
TPOC A213
5.2.5 Technical Measurement and Metrics COR/ACOR/
TPOC A214
5.2.6.1 Travel Request COR/ACOR/
TPOC A215
5.2.6.2 Trip Report COR/ACOR/
TPOC A216
5.3 Task 3 - Systems & Software Engineering Support Services
The contractor shall provide technical and engineering support services to ensure the development, integration, deployment and sustainment of new systems, software and capabilities, the development of modifications to systems and equipment, and correction of deficiencies in systems and equipment. The contractor shall provide systems and software engineering support services compliant with all DoD/DoN mandates and instructions.
Paragraphs in this section describe the scope of engineering services to be performed under this contract. Although the task order shall be self-initiating, the contractor shall be given additional technical direction or clarification to accomplish work as specified through issuance of Technical Direction Letters (TDLs). Services provided shall be in support of Military Sealift Command (MSC), N6 Command, Control, Communication and Computer Systems (C4S). Services shall be performed at the contractor's facilities, at government facilities and laboratories, and aboard MSC ships.
5.3.1 Subtask 1 - Engineering Studies and Analysis Services
The Contractor shall perform engineering studies and analysis for requirements definition, operations concept definition, systems engineering decisions, trade studies, analysis of alternatives, and system definition in support of efforts in the formulation, implementation, and/or operations phases. Tasks cover a broad range of mission and system development domain areas.
(CDRL A301)
5.3.2 Subtask 2 - Requirements Development Engineering Services
The contractor shall provide requirements engineering support services to ensure the correct and accurate development of new capabilities and modifications to existing systems and equipment, and correction of deficiencies in existing systems and equipment as defined in the TDL. Such efforts shall include examining existing requirements for establishing baselines for new systems and equipment, with the aim of defining how best to meet these requirements as well as evaluating existing systems and equipment for possible improvement. The contractor shall conduct technical studies and evaluations to determine the cost and feasibility of implementing systems engineering concepts. Successful completion of the requirements engineering and definition phase shall be determined by a completed Product Definition Review (PDR) and complete Technical Data Package (TDP) defining the functional baseline as defined in the TDL. All Requests for Action (RFAs) produced during the PDR will be closed. The contractor shall:
a. Perform Requirements Analysis.
b. Ensure all requirements specifications are DoDD 8500.1 / DoDI 8500.2 compliant
c. Develop or update Operations Requirement Documents (ORD) and Capability Development Document (CDD) as required by the TDL
d. Perform Functional Analysis and Allocation.
e. Provide Analysis of Alternatives (AoA).
f. Evaluate the adequacy of existing or developmental equipment and systems to meet current and future requirements with normal growth considered.
g. Evaluate operability, reliability, and maintainability in intended environments.
h. Assess interoperability with other systems.
i. Coordinate with MSC C4S Program Management (N61) to ensure adequacy of requirement definition, including life cycle sustainment, and verification & validation of system effectiveness and suitability in the operating environment.
j. Evaluate life cycle cost effectiveness
k. Conduct technical evaluation and support services during system requirements development of MSC systems. These evaluations shall include:
(1) Documenting specific evaluation processes, results and an explanation of their implications.
(2) Identifying system capabilities to meet design goals in an operational environment. This shall include identification of high-risk or low-performance areas, definition of alternate design methodologies, recommendation of design modifications, and evaluation of interoperability with existing and forthcoming systems. The contractor shall identify risks, alternatives, and modification recommendations.
l. Review, evaluate, prepare, and revise system technical specifications at their inception. Prepare specifications for a variety of C4S equipment and systems.
m. Prepare and revise a Requirements Traceability & Verification Matrix (RTVM) to support all phases of systems development and provide traceability to verification and validation
n. Review, evaluate, prepare, and revise system test plan, processes and procedures
o. Review, evaluate, prepare and update a system Life-Cycle Sustainment Plan (LCSP)
p. Prepare and revise engineering and system drawings for C4S. Create detailed engineering diagrams to be used for guidance and information; prepare single line block diagrams, system interface block diagrams, systems wire run sheets, space arrangement drawings, and installation control drawings.
(CDRL A302, A303, A304, A305, A306, A307, A308, A309, A310, A311, A312, A313, A314)
5.3.3 Subtask 3 - Design Engineering Services
The contractor shall conduct system, subsystem and component design engineering on specific systems architecture and conduct system design engineering on new or existing systems undergoing improvement modifications with current and future system performance considered as defined in the TDL. Successful completion of the design phase shall be determined by a completed Solution Design Review (SDR) and complete Technical Data Package (TDP) defining the allocated baseline. All Requests for Action (RFAs) produced during the SDR will be closed. The contractor shall:
a. Prepare and update system specifications applicable to new or existing systems or components.
b. Ensure all design specifications are DoDD 8500.1 / DoDI 8500.2 compliant
c. Review requirements and specification documentation to ascertain design goals and standards established during component or system concept formulation and initial product definition phases.
d. Review and update final specifications for production units.
e. Identify points of design inadequacy within the specified component or system for the desired application (e.g., response time, frequency coverage, etc.).
f. Evaluate the component or system capability to meet design goals and standards in an operational environment and the capability to be interoperable with existing or forthcoming systems or components; identify high risk or performance shortfalls, to identify alternate design methodologies, and recommend design modifications.
g. Participate with Government technical representatives in review meetings, engineering reviews, and conferences/presentations where subject matter expertise is required.
h. Develop the System Design Specification, Software Design Specification, Hardware Design Specification and Interface Design Specification.
i. Perform integration tests on improved or new/existing components and systems. Submit test reports, procedures and results.
j. Designing and fabricating test aids for use in test and evaluation of systems or equipment, and providing definitions of design inadequacies.
k. Prepare reports providing initial component or system evaluation results, possible design improvement alternatives with associated tradeoffs, and recommended approaches. Prepare updates to documentation packages including parts list and schematics.
l. Perform system effectiveness studies to evaluate overall system effectiveness, reliability, maintainability, human engineering, and logistic supportability.
m. Review systems engineering requirements and identify integration functions necessary to meet requirements.
n. Review available equipment performance characteristics and identify suitable equipment required for integration.
(CDRL A315, A317, A318, A319, A320, A321)
5.3.4 Subtask 4 - Implementation and Integration Support Services
The contractor shall provide implementation and integration services to establish total systems and software capable of performing specific functions as defined in the TDL. Successful completion of the design phase shall be determined by a completed Test Readiness Review (TRR) and complete Technical Data Package (TDP) defining the product baseline. All Requests for Action (RFAs) produced during the TRR will be closed. The contractor shall:
a. Support component installation, system integration, installation test and evaluation, in-service engineering, repair and validation, and lab upgrades and maintenance,
b. Ensure all developed solutions are DoDD 8500.1 / DoDI 8500.2 compliant
c. Support development tasking involving system design and feasibility evaluation,
d. Support system design engineering, installation testing and evaluation of new or modified systems and equipment including the generation of requirements analysis, test plans, procedures, training outlines, operational evaluation, and recommendations.
e. Review systems engineering requirements and identify integration functions necessary to meet requirements.
f. Review available equipment performance characteristics and identify suitable equipment required for integration.
g. Prepare System Implementation Plans; describes how the information system will be deployed, installed and transitioned into an operational system.
h. Prepare detailed installation design drawings and interface definitions.
i. Accomplish integration and installation, including any necessary hardware and software integration testing and deficiency remediation.
j. Install/remove systems and equipment onto/from the test site and/or the Fleet platform; property accountability and/or inventory information shall be maintained at all times,
k. Develop and provide revisions to operator and technical manuals, develop production and checkout procedures, perform installation checkouts, and prepare reports of checkout results. Manuals include, but are not limited to, instructions for handling, transporting, installing, operating and maintaining systems.
(CDRL A321, A322, A323, A324, A325)
5.3.4.1 Developmental Test and Evaluation Support Services
The contractor shall provide systems Developmental Test (DT) and Verification and Validation engineering execution and support services to verify & validate systems and software as defined in the TDL. Successful completion of the design phase shall be determined by a completed Deployment Readiness Review (DRR) and delivery of the updated Product Baseline Technical Data Package (TDP) as required. All Requests for Action (RFAs) produced during the DRR will be closed. The contractor shall:
a. Perform development and review of test plans and test procedures documentation in support of design, development, integration and acceptance testing, conducts testing and produces report documentation
b. Participate in the development of technical manuals, Quality Control Inspection Procedures (QCIPS), acceptance test procedures, planned maintenance system documentation
5.3.5 Subtask 5 - Limited Rate Initial Production (LRIP) Deployment Support Services
The Contractor shall provide support for systems deployment and transition and life cycle sustainment. The Contractor shall be required to support and assist with Pre-Installation Test and Check-Out (PITCO) and Limited Rate Initial Production (LRIP) for new and upgraded systems, and assist in the seamless transition from RDT&E to the Production, Deployment and Operations and Support (PD&OS) phase of the System Life Cycle.
The contractor shall:
c. Perform development and review of test plans and test procedures documentation in support of design, development, integration and acceptance testing, conducts testing and produces report documentation
d. Prepare transition and rollback plans
e. Participate in the development of technical manuals, Quality Control Inspection Procedures (QCIPS), Standard Operating Procedures (SOPs), acceptance test procedures, and planned maintenance system documentation
f. Red-Line and update Standard Operation Procedures (SOPs), training materials, tech manuals and drawings.
g. Build and conduct Pre-Installation and Test Check-Out (PITCO) of systems to be deployed during LRIP
h. Support installation and validation of systems deployed during LRIP
i. Update and maintain technical data package (TDP) Product Configuration Baselines for deployed systems during transition.
(CDRL A321, A329, A330, A332, A323)
5.3.6 Subtask 6- Operational Test and Evaluation (OT&E) Support Services
Operational Test & Evaluation (OT&E) Support shall be required when a new/modified system or equipment is scheduled for installation on a platform as part of LRIP, a scheduled upgrade or for technical evaluation/operational test and evaluation purposes as defined in the TDL. The contractor shall provide test and evaluation support services for the monitoring and conducting of tests, evaluations, studies and the preparation of test plans for specified systems, subsystems or equipment.
The contractor shall:
a. Conduct a feasibility impact assessment, including description of equipment, preliminary installation drawings, and definition of support requirements.
b. Assemble using existing Installation Control Drawings (ICDs) and develop ICDs where none exist.
c. Prepare ICD, cable running sheets, arrangement drawings (plan and elevation), and detailed design drawings for any required fabrications. Prepare installation test and checkout plans for specified systems, subsystems or equipment. Provide test and evaluation support services for the monitoring and conducting of tests, evaluations, studies and the preparation of test plans for specified systems, subsystems or equipment.
d. Prepare detailed test procedures for testing and evaluating the specified system, subsystem, or equipment. The contractor shall prepare test plans (including Total Ship Test Plans), to establish basic requirements for and relationships among first article tests, factory acceptance tests, system integration tests, installation tests, acceptance tests, technical evaluations, operational test and evaluations, and test outlines; and provide inputs to Test Bed Implementation Plans, Test and Evaluation Master Plans, and Test and Evaluation Plans. Test plans shall be developed per DoD-STD-2106. The test procedures shall define clearly the objectives of the test, the procedures that must be carried out by the test team to meet the objectives of the test, and the pass/fail criteria for the test, and equipment requirements.
a. Test procedures documentation shall include the following:
1) Test title.
2) Test objectives.
3) Unit(s) to be tested.
4) Test equipment required.
5) Outside services required (if any).
6) Staffing required.
7) Test duration.
8) Number of times each test is to be performed.
9) Detailed test procedures and pass/fail criteria.
b. The contractor shall conduct and support the test and evaluation of specified systems, subsystems, or equipment following approved test plans and procedures.
Specifically, the contractor shall:
1) Install the system or equipment for U.S. Government testing at specified locations, afloat, or ashore.
2) Perform test at specified locations, afloat, or ashore.
3) Design and fabricate test aids for use in testing and evaluating the specified system or equipment at specified locations, afloat or ashore.
4) Plan and design test processes and procedures to test new or existing systems.
5) Develop techniques, design changes, or other strategies aimed at reducing maintenance failures, and prepare reports that include the T&E results of the tested system.
(CDRL A209, A210, A314, A333, A321)
5.3.7 Subtask 7 - Engineering Lab Maintenance and Support Services
The contractor shall maintain and upgrade the test, pre-production and production lab environments located at the MSC N6 Test & Evaluation (T&E) System Integration Laboratory, SP-312 Norfolk, Va., and other test sites as applicable. All test environments shall be kept in working order through preventive and corrective maintenance. Production environment will be maintained to reflect the latest systems configurations and shall be an exact shipboard replication.
Specifically, the contractor shall:
a. Assemble and maintain software library with change documentation
b. Assemble and maintain image library with change documentation
c. Provide configuration and change management support for the test, pre-production and production lab environments.
d. Contractor shall develop operational procedures for all testing environments.
e. Maintain a system failure log for each testing environment.
f. Maintain a list of significant systems-related publications, associated engineering materials, and engineering network equipment.
g. Service Validation and Testing (SV&T) Support Services
Work on specific engineering projects will be initiated via a letter of technical direction from the TOM in accordance with Section 6.0 (a).
(CDRL A321, A334, A335)
5.3.8 Subtask 8 - Training Support Services
The contractor shall develop training materials such as maps, charts, slides, textbooks, handbooks, readers, and computer based training (CBT). The contractor shall develop and update training outlines and associated materials. The Government shall approve training outlines, which shall include information from technical manuals, standards, and other applicable references.
(CDRL A336)
5.3.9 Subtask 9 - Engineering Logistics Support Services
The contractor shall provide engineering logistics support for new and modified MSC IT systems and subsystems. The contractor shall provide engineering logistics, configuration management, and material control services in support of assigned systems and equipment.
The contractor shall:
a. Develop or review engineering elements of strategies for supporting system requirements considering geographic area of deployment, equipment requirements, supportability, equipment/system interoperability, equipment/material availability, procurement lead-times, inventory and stocking requirements.
b. Provide design and feasibility analysis of proposed logistics elements for new, existing, and refurbished/modified systems and subsystems.
(CDRL A337, A338)
5.3.10 Subtask 10 - Transportation Alteration (TRANSALT) Support Services
The Contractor shall develop and submit a TRANSALT package, for each ship class, in accordance with MSC instruction and as defined in the TDL. The Contractor shall develop and provide a package containing the required documentation per the MSC TRANSALT Process Guide in support of TRANSALT approvals for LRIP platforms.
(CDRL A339)
5.3.11 Subtask 11 - In-Service Engineering Support Services (ISEA)
The contractor shall provide in-service engineering activity (ISEA) support for existing and/or newly developed systems and equipment. This effort includes, but is not limited to performance analyses, problem identification and solution development for MSC systems.
The contractor shall:
a. Perform operational and failure analyses to assess problems and develop solutions, including new designs to enhance performance when necessary. Maintain applicable documentation in the MSC Configuration Management Database (CMDB),
b. Provide engineering support for interfaces among system components and between supported systems and other new or deployed systems. Identify and correct interface discrepancies between systems. Develop, review, propose revisions to, and validate documentation applicable to systems and equipment interface design changes,
c. Provide technical support for on-site engineering investigations to evaluate performance of systems/equipment including critical examination of installation designs and physical layouts for reliability, ease of maintenance, and suitability. Review technical accuracy of all requisite technical documentation,
d. Develop, review and revise Shipboard Automated Maintenance Management (SAMM) preventative maintenance documentation in accordance with MSC Processes,
e. Provide updates to existing System Product Configuration Baselines in accordance with MSC Change and Configuration Management processes and procedures.
(CDRL A340)
5.3.12 Subtask 12 - Software Systems Development, Implementation and Maintenance Services
5.3.12.1 Software Engineering
The Contractor shall define a software development plan (SDP) appropriate for the computer software projects to be performed under this contract. In accordance with the frame work defined in IEEE/EIA STD 12207.0 (series), the SDP shall define the processes, the activities, and the techniques and tools to be used to perform the tasks. Because the IEEE/EIA Std. 12207 does not prescribe how to accomplish the task, the Contractor must provide this detailed information so MSC can assess whether the Contractor's approach is viable. The Contractor shall follow this SDP for all computer software to be developed or maintained under this contract.
The SDP may contain the information defined by IEE/EIA std. 12207.1, section 5.2.1 (generic content) and the Plans or Procedures in Table 1 of IEEE/EIA Std. 12207.1. In all cases, the level of detail shall be sufficient to define all software development processes, activities, and tasks to be conducted. Information provided must include, but is not limited to, specific standards, methods, tools, actions, strategies, and responsibilities associated with development and qualification.
The Contractor shall maintain compatibility with the following software development tools: Microsoft Office, Borland Delphi, Java version 1.4, APACHE HTTP server version, APACHE Tomcat, JBoss EJB, Citrix Metaframe XP, Crystal Reports, Power Tools, ORACLE, SYBASE, Microsoft Outlook, ERWIN and Microsoft NET.
The Contractor shall provide Life Cycle Management (LCM) support during operational life of systems developed or maintained under this contract. The SDP shall define the Contractor's proposed life cycle model and the processes used as a part of that model. In this context, the term "life cycle model" is as defined in IEEE/EIA std. 12207.0. The SDP shall describe the overall life cycle and shall include primary, supporting and organizational processes based on the work content of this contract. The Contractor shall provide LCM end-of-life system support during retirement of systems developed or maintained under this contract.
The SDP may also contain the following activities in addition to those defined in IEEE/EIA STD 12207.0 (as amended):
a. Software modeling support. MSC currently uses Unified Modeling Language (UML) to document Engineering and Logistics Government web applications.
b. Track and provide software code error remediation where required
c. Facilitate system installation which may include but is not limited to:
1) Quality Assurance system installation instructions and scripts
2) Quality Assurance system test instructions and scripts
3) Shoreside system installation instructions and scripts
4) Shipboard system installation instructions and scripts
5) Software Defect Reports
6) Software User's Manual (SUM)
d. Provide all necessary equipment, hardware, software, training, and training documentation needed to perform initial training of MSC operations staff.
e. Provide a Software Version Description (SVD) describing each software version consisting of one or more Computer Software Configuration Items (CSCIs). The SVD is used to release, control and track software versions.
(CDRL A341, A342, A343, A345, A352, A353)
5.3.12.1.1 MSC Data Replication Support
The Contractor shall provide support for the maintenance of MSC's existing database replication architecture. The support efforts required may include but are not limited to the following:
a. Provide a database design and deployment plan for database structure changes
b. Review proposed changes to the infrastructure and methodology of transmitting replication data for impact on the performance of the replicating environment.
c. Test and report on the effects of database structure changes to MSC's database replication environment.
d. Develop Standard Operating Procedures (SOPs) to minimize problems with database replication operations.
e. Assist with management of MSC's database replication operations.
f. Provide reports on the status of data replication between remote and consolidated sites.
5.3.12.1.2 Post Production Software Support (PPSS) Services
The contractor shall provide Post Production Software Support (PPSS) to perform software maintenance for existing software applications as defined by the TDL and in support of the MSC N6 Enterprise. PPSS is a key software support concept that includes the activities necessary to ensure that Systems Engineering and sustainment principles, processes and practices are applied to software throughout the lifecycle. Software maintenance activities will include Corrective, Adaptive, Perfective and Preventative maintenance. The contractor shall:
a. Develop a Software Support Requirements Analysis (SSRA) document(s) to identify all required software configuration items and define the Software Support resources and costs to include the labor, material, and overhead costs for each application,
b. Develop/Update a Computer Resource Lifecycle Plan (CRLCMP) that describes the total software support strategy to include the development, acquisition, test and support plans over the life cycle of computer resources and applications that are integral to or are used in direct support of MSC systems,
c. Provide a Software Support Activity (SSA) with resources required to deliver ongoing software maintenance as determined by the SSRA and CRLCMP and sufficient to meet program and software security objectives.
(CDRL A354, A355, A356)
5.3.12.2 Software Assurance and Security Engineering Practices
In coordination with the Government, the contractor shall design, develop and implement secure applications and configurations through applying applicable DoD STIGs, checklists, vendor security guidance, industry best practices, and applicable vendor product security patches. The contractor shall ensure applications are in compliance with DoDI 8500.2, IA Implementation (current version) and DoDI 8551.1, Ports, Protocols, and Services Management (current version). The contractor shall leverage, to the maximum extent possible, automated tools to identify and remediate vulnerabilities or weaknesses in the application design/coding, such as those described in Common Weakness Enumeration/System Administration, Networking, and Security Institute (CWE/SANS) TOP 25 Most Dangerous Programming Errors and Open Web Application Security Project (OWASP) Top Ten, that could be exploited by unauthorized sources.
The Information System Security Engineer shall participate in Government and contractor formal and informal design reviews to identify potential security weaknesses, deficiencies, and/or vulnerabilities in the design. The Information System Security Engineer shall also ensure appropriate security requirements are included as part of the requirements traceability matrix and are evaluated as part of the security test and evaluation (ST&E). As part of the contractor's change control process, the contractor shall ensure participation by the Information System Security Engineer (ISSE) or a qualified IA representative to evaluate the impact of each change on security. The contractor shall document the results of this evaluation.
5.3.12.2.1 Software Source Code Scanning
The contractor shall perform required base-lined source scanning IAW the SDDC IA policies prior to release to the Government. The Government will provide software security vulnerability scanning and testing tools for the life-cycle development process. The contractor shall use Fortify as the tool which is currently used by the Enterprise.
Deliverable: Code scans due prior to code release to CTE environment and within 30 days of a new rule pack release.
5.3.12.2.2 Software Tracking Security Issues
The contractor shall track all security issues uncovered during the entire software lifecycle. The risk associated with each security issue shall be evaluated, documented, and reported to the Government as soon as possible. Once discovered, the contractor shall include the risk along with a risk mitigation course of action (COA) to include a COA recommendation, as part of the QSR.
5.3.12.2.3 Non-Secure Software
If the Government determines, after a security audit (e.g., ST&E) that software delivered under this contract is non-secure, the Government will provide written notice to the contractor concerning each non-conformity. Software shall be "non-secure" under contract if it contains a programming error listed on the current-approved version of the CWE/SANS TOP 25 (which can be located at http://www.sans.org/top25-programming-errors) or a web application security flaw listed on the current-approved version of the OWASP Top Ten (which can be located at http://www.owasp.org/index.php/Category:OWASP_Top_Ten_Project).
The contractor shall have 30 days after receipt of such notice (Remedy Period) to remedy each non-conformity by modifying/replacing and redelivering the software to the Government; or shall notify the Government within 15 days as to why the remedy cannot be implemented in 30 days, and propose a timeline for correction. If the Government determines, after a security audit following a Remedy Period, that the redelivered software is non-secure, and thus non-conforming, the Government may reject the delivery, provide notice of the non-conformance, and document the contractor's performance record. Alternatively, the Government may accept non-conforming software, receive appropriate consideration (equitable price reduction on a fixed price contract, reimbursement for costs of security audit, reimbursement for costs to correct the non-compliances, etc.), and document the contractor's performance record.
5.3.12.3 Delivery of the Secure Application
The contractor shall provide successful installation and implementation of Enterprise software on the Government-owned environments. The Government centralized software installation/implementation team will perform code scans, builds and installation of the code into the Government-owned environments. The contractor shall provide assistance to this team during the verification and build process. The contractor shall use a master build process that reliably builds a complete distribution from source. The contractor's process shall include a method for verifying the integrity of the software delivered to the Government by using digitally signed and encrypted media. For all deliveries, the contractor shall provide all source code, installation kits, documentation *including those related to architecture, test design, and testing results, and installation procedures), and build procedures and scripts delivered to or maintained for the Government.
5.3.12.4 Software Malicious Code Warranty
The contractor represents and warrants that the software shall be free from all computer viruses, worms, time-outs, time bombs, back doors, disabling devices and other harmful or malicious code intended to or which may damage, disrupt, inconvenience or permit access to the software user's or another's software, hardware, networks, data or information.
5.3.12.5 Source Code Configuration Control (Versioning)
The contractor shall utilize a strict version control process for software development and provide two copies of source code for all software versions developed under this contract. The source code will be provided on optical removable media (burned for read-only) or another mutually agreed type of media.
5.3.12.6 Common Development Environment (CDE) (Reserved Task)
The Government has future plans to establish an isolated CDE and facility for all software development to complement the Government's integration and testing environment. Therefore, once this becomes available, the contractor shall assist the Government in transferring all software development operations to this environment. After transition, the contractor shall conduct all software development entirely from within this consolidated Government common development environment. The contractor shall access remotely from their facilities through a Government-approved method, i.e. Virtual Machine-Ware Client. Upon completion of transfer and establishment of operational status of the Government's environment, the contractor shall cease development activities within their environment and remove all sensitive Government materials and information (data), and provide them to the Government for disposition.
In the Government development environment, the programs will be provided basic Virtual Machines or Solaris Zones that have been locked down IAW DISA STIGs and fully patched. The contractor shall maintain the servers in a fully patched state.
The Contractor will be supplied with source code or licenses, as needed, for all Government supplied software. The Government will provide the contractor use of a dedicated computer. The contractor shall use Government-furnished equipment (GFE) or a Government-compliant dedicated computer for remote access to the development environment. The contractor's GFE computer shall not be used for other general-purpose computing or non-development activities such as e-mail and web browsing, or used to access any network, other than the contractor's development environment, including the contractor's corporate network and the internet.
The CDE shall be physically and logically isolated from other networks, to include its Enterprise unclassified network. Security guidelines for the environment must be documented and the security program implemented shall address the security controls described in NIST Special Publication 800-53 (current version), Recommended Security Controls for Federal Information Systems and Organizations (http://csrc.mist.gov/publications/PubsSPs.html).
5.3.12.7 Software Configuration Item (CI) Archiving
The contractor shall maintain source code, design artifacts and other materials as required by the Government within the common development environment.
(CDRL A357. A358, A359, A360, A361)
5.3.13 Subtask 13 - Enterprise Project Management (EPM) Process Engineering Support Services
The contractor shall as required, provide process engineering in support of MSC N6's Enterprise Project Management (EPM) process framework. This shall include process requirements analysis, design & development, and produce documentation and training materials necessary to ensure that process solutions are integrated seamlessly within MSC's EPM process framework. Information of the MSC N6 EPM Process is provided in Attachments J-010. Process Engineering activities include:
a. Producing process requirements
b. Producing the basis of design
c. Producing process diagrams
d. Writing the process description & procedure
e. Developing process training materials
(CDRL A362)
5.3.14
