Phase II Amount
$1,000,000
AF Simulators Division has a national defense-related mission in the area of cybersecurity for use with the AFCreate/MOTAR Platform. Specifically, AFLCMC/WNS needs a Lightweight Simulator Ecosystem (LSE) Cyber Security Assurance Readiness (CSAR) process that supports DevSecOps activities and continuous cyber security authorization. Ingalls CSAR process is an agile, continuous delivery approach for developing, evaluating, and assessing cyber security approvable concepts and processes supporting LSE assets to rapidly deploy and continuously authorize assets into, and removal from, secure environments. Ingalls CSAR proposed process builds on the existing containerized, development approach within AFCreate/MOTAR Portal that allows and encourages vendors to participate and contribute toward a common cyber assurance methodology supporting LSE. In addition, CSAR meets AF Simulators Divisions Simulator Common Architecture Requirements and Standards (SCARS) umbrella initiative and Strategic Agility! CSAR process has three levels of assessments. Level 1, focusing on Staging environment type of hardware, software, and products, is promoted into an ATO production environment once Level 2 is completed, ultimately landing in Level 3 for continuous authorization. Compliance assessment levels increase when certain projects inherit approved cloud controls and configuration best practices. CSAR proposal process displays in the AFCreate Admin Portal existing dashboard metrics providing users with indicators and awareness of status, tasks to be completed, and playbook of security control baseline standards. CSAR proposed process provides the LSE ecosystem with a Roadmap and Playbooks for successful cyber implementation that comply with NIST RMF, DFARS 7012, and CMMC Practices helping to accelerate technology innovation for LSE ecosystem.