Professional Documents
Culture Documents
T he mission of the
US Department of
Defense (DoD) is
to protect national
security and to generate, equip,
and sustain military forces to
deter war and prevail in combat.
situational awareness.
Although systems engineer-
ing and testing are among the
DoD’s strengths, the traditional
practice of engineering is chal-
lenged not only by the scale
and operational tempo of the
To accomplish this complex and national security enterprise, but
challenging mission, the size and by additional factors that
scale of the national security Kristen J. Baldwin D. Scott Lucero
include fiscal and budgetary
enterprise is vast: 2.5 million constraints, the evolution and
men and women in uniform, including 1.3 million on globalization of advanced technology and software, the
active duty and 862,000 in the reserves, supported by a necessary integration of complementary systems to
civilian workforce of more than 742,000. Within this achieve mission effects, and the responsibility to pro-
workforce are more than 100,000 engineering profes- vide a safe, secure military capability that is ensured to
sionals, including more than 39,000 acquisition-certified perform as expected.
engineers directly supporting the design, development, These factors translate into design and performance
and delivery of military systems. These engineers—and demands for defense engineers in terms of resilience,
their peers who carry out critical program management, affordability, interoperability, reliability, safety, and
test, logistics, and other acquisition functions—are security. In an ongoing effort, the DoD is taking steps
engaged daily to innovate, develop, produce, and main- to sustain and strengthen critical organic workforce
tain superior capabilities for the nation’s defense. capabilities; to improve engineering, test, and evalua-
Several compounding factors drive complexity in tion methods and tools; and to broaden its partner-
the engineering, testing, and evaluation of defense sys- ships with commercial and defense industry,
tems. DoD engineers and testers must deliver techno- universities, and federally funded research and devel-
logically superior military capabilities, most of which opment centers that augment organic capabilities with
involve complex, integrated, and networked systems. critical talent.
The capabilities must serve a diverse range of mission
areas, including mounted and dismounted infantry Challenges
operations; undersea navigation and protection; long- The nation’s military must be resilient to the volatile
range precision strike; homeland defense; cyber opera- changes in today’s operational environment. The prac-
tions; search, rescue, and medical treatment operations; tice of engineering is most straightforward with a
disaster relief and humanitarian operations; sustain- known set of stable boundaries and requirements for
ment and logistics support; and tactical and national which optimal solutions can be generated, along with
clearly defined expectations for contracts and parame- unprecedented challenges for defense engineers and
ters for verification and validation. In the defense envi- testers to evaluate the totality of these exchanges and
ronment, however, the threat continues to evolve, functions, as well as the safety and security of code from
challenging engineers to develop architectures and known and unknown sources. Complexity increases as
design margins that allow for uncertainty and the functions are embedded into smaller microsystem com-
inevitable changes in operational requirements. With ponents, and as systems integrate greater manned and
the democratization of advanced technology, creative unmanned functionality. Defense engineering and test
adversaries can exploit emerging opportunities. Our methods are evolving to ensure systems can be verified
operational forces are also creative and employ systems to behave as expected and contain no unwanted behav-
in unanticipated ways. iors. The defense research community is investigating
The practice of systems engineering in the DoD has approaches that could prove useful for certifying per-
shifted from the design of exquisite systems against a formance. Software opportunities and challenges will
static set of requirements to a practice informed by war continue to be pervasive and persistent, and engineers
gaming and intelligence. Systems engineering involves and testers will need to be creative in addressing these
advanced analytics to evaluate trade space at multiple challenges.
levels (mission to materials), allows for margin in US technological superiority relies on protection of
design decisions when uncertainty is high and stake- enabling technologies, as well as protection of the
holder confidence is low, and crafts adaptability into unique integration, adaptation, and production of tech-
architectures and business approaches to insert new nology that creates defense system capabilities. We can
technologies and keep pace with evolving requirements. no longer rely solely upon network and information
Adding to these challenges, given today’s fiscal con- security specialists, layers of encryption, and perimeter-
straints, is the demand that systems engineers consider based information assurance and operational security
affordability as part of the trade space. With a shrinking around systems and networks. Traditional security seg-
military and increased budgetary pressure on research, regation and boundary approaches leave adversaries
development, and procurement accounts, systems engi- few impediments once perimeters are breached. Com-
neers must understand the relationship between cost plex supply chains, with software and internal compo-
and other performance constraints. When does the nents obtained from the global marketplace, make
value of a key performance parameter drive the design perimeter protection untenable. Systems engineers
toward the use of exotic materials or unique manufac- must bring security into the design trade space and seek
turing processes? How do short-term cost savings dur- design patterns and system architectures with inherent
ing development affect the overall life cycle costs? resilience. Rather than just conducting red team exer-
Engineers must perform robust trade space analysis that cises during verification, engineers and testers should
considers not only performance but also materials, incorporate “red teaming” practices during the design
manufacturing, and sustainability, and they must assess process to ensure critical technologies and functionality
cost as a performance parameter throughout the plan- can withstand adversaries’ tactics. Engineers need to
ning and design processes to ensure that plans are consider protection of data, security, anti-tamper, and
affordable, with reduced life cycle costs. exportability requirements during early development.
Today’s defense systems are critically dependent on Failure to do so can be a costly oversight.
software, which provides a flexible mechanism to rapidly Systems engineering traditionally has relied on
improve or correct performance. The sheer quantity of monitoring the execution of defined and repeatable
software that enables defense systems today drives com- processes to ensure predictable development. Decisions
plexity in engineering, test, and evaluation. Defense sys- are made at subcomponent and system levels at succes-
tems use hundreds of millions of lines of code generated sive reviews to meet carefully chosen exit criteria and
by defense teams, reused from known government or technical performance measures. This traditional prac-
commercial-off-the-shelf systems, and incorporated from tice is challenged by growing complexity. The DoD has
open sources. Software dependencies within and among initiated collaborations to advance the state of practice
systems are complex. Along with software-controlled sys- for current and future environments. Following are a
tems has come an explosion of data and opportunities few of these initiatives.
for networking and information exchange across count-
less combinations of system interfaces. Partnerships
This power comes at a cost. Software and data inte- Complex engineering challenges are not unique to
gration, management, test, and assurance lead to the DoD. US Government agencies and international
defined, coherent, and loosely coupled to enable the System Security Engineering. To address the com-
agility called for in defense strategy. Technical standards prehensive set of threats to defense systems, systems
are also important enablers. Implementation of modular engineering must include system security engineering
design approaches requires the prudent use of standards as a fundamental element.
across system development, acquisition, and sustain- Security specialties have emerged over time in
ment. In 2015, the Defense Standardization Council char- response to new threats and risks. For example, infor-
tered an exploratory technical standards working group mation security protects information and information
to identify standards, determine gaps, and define the role systems from unauthorized access, use, disclosure, dis-
for defense standardization in supporting modular and ruption, modification, or destruction; physical and per-
open systems approaches. sonnel security protects information and other valuable
Digital, Model-Based Engineering. Technological assets physically stored within facilities and installa-
advances in capturing, managing, and analyzing data tions; and communications/network security protects
offer a game-changing opportunity for engineering. information transiting networks. Security now has risen
Today, model-based engineering incorporates digital to a system-level risk.
modeling methods, processes, and tools to introduce Twenty years ago, systems were relatively stand-
analytical rigor into all acquisition processes, including alone, software was critical but not prevailing, and the
engineering concept, design, development, test, manu- supply base was known and traceable. Today’s complex,
facturing, and delivery. A digital approach to these software-controlled, highly networked systems are built
processes, with an open framework for reusing the by prime contractors who integrate hundreds of suppli-
models and data throughout the system’s life cycle, can ers’ and commercial-off-the-shelf components of
transform the traditional waterfall approach to become opaque origin and integrity. Security vulnerabilities
predictive and highly integrated. The DoD sees value in now present themselves not only in a manner to which
adopting digital engineering design and model-centric information assurance controls are typically applied,
practices, enabling a shift from the linear, document- but in internal systems’ embedded software and hard-
centric acquisition and engineering process toward a ware components, and system-of-systems architecture
dynamic digital, model-centric ecosystem. designs. The system security engineering discipline pro-
By organizing information in a standard way, using vides an important mechanism for the engineering
model-driven approaches, and taking advantage of team to assess and mitigate system and subsystem
advances in computing, the DoD seeks to create oppor- vulnerabilities.
tunities to reduce cycle time and lower the cost required For the past several years, the DoD has organized
to modify designs and sustain systems over time. Using initiatives to establish the practice of system security
model-based processes, engineers have the tools to engineering. Engineering teams now perform criticality
readily assess how changes made in requirements and analysis as a risk-based approach to determining allo-
design impact manufacturing and quality, minimizing cation of security requirements. Components identified
potential rework. Engineers also will be able to develop as having high consequence if attacked or exploited are
a deeper understanding of the non-linear, complex rela- engineered to be resilient to attack and are subjected to
tionships in today’s systems to ensure that design, additional vulnerability reduction methods, including
development, and delivery happen predictably, with supply chain risk management practices.
fewer surprises. The DoD continues to mature these practices with
A digital system model, along with simulations and academia and industry partners. It is hoped that in the
test results, will help ensure that design and develop- long run, system security engineering will be as com-
ment efforts do not become divorced from actual per- monplace a discipline as reliability, safety, and quality
formance. Engineers will be able to store and share engineering practices, replete with tools and methods
design information, rationale, and models in a digital for assessing the adequacy of these design parameters.
form, reducing the work to regenerate information Security standards will become integral to engineering,
from paper-based products and the potential introduc- along with technical and management practices, and
tion of errors. The DoD is sponsoring SERC research in security will be simply another design requirement.
interactive, model-centric systems engineering and is Program and technical teams will address security
developing policy and guidance to encourage the use requirements while the largest possible trade space
of digital system models. Many of these tools are in use exists, and ensure the technical maturity and resilience
today, and with policy and leadership support over time of the security solution throughout the acquisition life
they should be commonplace across the DoD. cycle. To achieve this goal, the DoD along with its
partners must develop ways to measure and evaluate (USSOCOM) has placed many challenging problems
security, tools, and techniques to support design for requiring multidisciplinary solutions in the capstone
security, architectural approaches to neutralize threats, marketplace (www.capstonemarketplace.org) and has
and the means to optimize life cycle security costs. seen a great return on their investment. Several student
As described, system security engineering plays an teams have outperformed industry by providing fresh
important role in ensuring our systems function as insights, novel approaches, and innovative solutions to
intended and are free from malicious vulnerabilities. complex problems.
This threat is challenging and varies from the tradi- Student teams have participated in USSOCOM’s
tional kinetic, capability overmatch, or even nontradi- tests of the capabilities and limitations of their systems.
tional threats seen in overseas contingency operations. A student team from Stevens Institute has pursued
This information-age threat challenges the engineering patents on their water/pressure-activated floatation
community to treat security as a consideration in the device. Other research at the University of Texas (UT),
risk and design trade space. Austin has identified how fundamental systems engi-
Human Capital. The complexity of today’s defense neering principles can be integrated into a capstone
systems drives a demand for engineering and testing tal- design course without displacing other educational
ent. The DoD has a number of ongoing and planned content. Exposing the students to defense system chal-
human capital initiatives to strengthen our workforce. lenges not only enhances their breadth of experience
The military departments are taking steps to identify and increases their leadership skills, it shows young
critical technical competencies and to track and main- engineers the opportunities available in the DoD to
tain them. To maintain the technical edge of this make a significant contribution to the nation’s defense.
organic engineering workforce, the DoD seeks to pro- Many capstone students have gone on to internships in
vide technical training in critical technologies and spe- DoD labs and in the defense industrial base.
cialty engineering practices, and encourages advanced Although the research at the SERC and UT Austin
education. To address gaps, the SERC is conducting has shown great promise, incentives are needed to
efforts in human capital as well. The experience accel- encourage universities to work across departments and
erator project seeks to provide an immersive experience provide the competencies needed to deal with the com-
in which engineers make decisions on an acquisition plexity of today’s systems. Government, industry, and
program and see the consequences of their actions. The professional organizations can benefit from engaging
SERC’s Helix project is researching what makes systems with academia to:
engineers effective and identifying specific factors that • Provide the hard problems that require technical
enhance their proficiency. leadership and multidisciplinary solutions
Great engineers require technical depth, breadth, • Serve as the customer and mentor, conveying real-
and leadership skills to manage today’s complex sys- istic experiences
tems. This ability starts with education. Most engineers,
however, graduate from college with depth in one dis- Continued leadership and commitment are needed
cipline but with limited breadth of experience and lim- to realize the benefits of this research on a broader
ited leadership skills. Academic stovepipes are tough to scale. A professional association or consortium could
break—there are few incentives to work across depart- take on the mission to serve as a clearinghouse for mul-
ments, leading to shortfalls in systems and design tidisciplinary capstone projects. This capstone effort
thinking, and in systems engineering. These competen- would not only provide sponsors with a fresh look at
cies are typically addressed after graduation through challenging problems, it would help build the engineer-
industry training, mentoring, and rotational assign- ing workforce of the future.
ments. Although industry training helps address these
shortfalls, there are opportunities for engineering stu- Continuing Commitment
dents to gain breadth of experience and leadership Although there are many sources of complexity in
skills in an academic setting. today’s defense systems, the DoD is making progress.
Capstone Projects. The DoD has conducted suc- Federal agencies are communicating, coordinating, and
cessful research in providing undergraduate design collaborating on initiatives to improve the engineering
teams with relevant DoD problems for their senior of complex systems. The SERC and ERS are developing
capstone projects, helping these teams gain a broad improved methods and tools. Complexity is inherent
understanding and build leadership skills. For the last in providing our warfighters with the best systems and
several years, the US Special Operations Command latest cutting-edge technology to remain superior to any
potential adversary, but the DoD acknowledges this Planning Guide for Buildings and Infrastructure Systems.
challenge and is seizing opportunities to improve its Vols I and II. Washington, D.C.: NIST, U.S. Department
ability to engineer these complex systems. of Commerce, October 2015.
http://www.nist.gov/el/resilience/guide.cfm
Inter-Agency Working Group (IAWG) on the Engi-
KRISTEN J. BALDWIN is the Acting Deputy Assistant Sec- neering of Complex Systems. “Transforming the Prac-
retary of Defense for Systems Engineering, US Department of tice of Engineering for Large Complex Systems.”
Defense. Her areas of responsibility include the engineering Position paper. Washington, D.C.: IAWG, December
and technical workforce, engineering policy, and systems engi- 2013. http://www.acq.osd.mil/se/outreach/pubs.html
neering planning for major defense acquisition programs.
Websites
DON SCOTT LUCERO is the Deputy Director for Strategic Capstone Marketplace.
Initiatives within the Office of the Deputy Assistant Secretary www.capstonemarketplace.org.
of Defense for Systems Engineering. He is the government Department of Defense Systems Engineering.
program manager for the Department of Defense Systems http://www.acq.osd.mil/se/index.html
Engineering Research Center, a consortium of universities Systems Engineering Research Center (SERC).
that work collaboratively to conduct research addressing http://www.sercuarc.org/
defense systems engineering challenges. Guide to the Systems Engineering Body of
Knowledge
References (SEBoK).http://sebokwiki.org/wiki/Guide_to_the_
National Institute of Standards and Technology Systems_Engineering_Body_of_Knowledge_(SEBoK)
(NIST) Special Publication 1190. Community Resilience