The Defense Intelligence Agency has just launched a project that it thinks can help circumvent some of the ills of the government’s notoriously slow procurement process for emerging technology and open the playing field to a much broader set of innovators.
The platform, called Needipedia, formally launched in late November. The basic idea is to let front-line DIA users, who have discrete technological needs, communicate them to the companies and institutions that might be able to solve their problems a bit more directly, short circuiting at least some of the steps in the government’s ponderous process for procurement and requirements development.
“The problem we face in government is that when we want to go out and find new capabilities, just asking for them is a process that takes six to nine months,” said Dan Doney, DIA’s chief innovation officer. “If I want to generate a request for proposals, most of the language is pro-forma, but if I change a couple of words, the lawyers need to review it as if it was the first time, every time. That process is quite lengthy and quite painful.”
So instead of issuing a new RFP every time the agency identifies a new requirement, DIA created a single generic broad agency announcement that simply points to Needipedia, an agency website that serves as a sort of wish list for the agency. New agency needs will be continuously added to the site after undergoing a less-strenuous level of vetting than what usually accompanies a traditional government procurement.
“In that BAA, in the specific spot where I would normally ask for a thing, we now reference that dynamic document,” Doney said during a Web discussion hosted by Government Executive magazine last week. “If I have a niche need, like a 3D printer so I can print up guns, I can publish that. For industry, they can see that DIA is looking for a 3D printer that references a certain need in Needipedia, and they submit their proposal against this open BAA and it gets routed to the specific mission element that needs it. We’ve taken away all the friction associated with how we ask for things.”
What DIA doesn’t know
Doney said the Needipedia construct also will include a technology “catch-all” category designed to let industry submit innovations, even when DIA doesn’t know to ask for them.
The site is one early element of the Open Innovation Gateway, a new agile technology acquisition approach DIA is building to support the Intelligence Community Information Technology Environment (ICITE), the shared services cloud architecture that eventually will support the entire intelligence community.
The agency says the gateway, which it hopes to launch by late January 2014, will give developers access to the same computing environment and technology standards that ICITE will use, so that they can build applications that are designed from their foundation to successfully interoperate with intelligence community systems and meet their security standards.
“We want industry and academia to be able to participate, in place, with as little barrier to entry as possible,” Doney said. “Obviously I can’t expose mission data to folks on the outside, and there are some mission systems I can’t represent to them. But with as much fidelity as we can, we’re going to bring those systems out. What that allows is that a garage innovator in Austin, Texas, or a grad student at Carnegie-Mellon can contribute to our mission setting in a safe house in a way that drives the standards that are being pushed by ICITE.”
Doney said he thinks the potential attractiveness of the DIA gateway model to outside developers is boosted by the fact that once something is built for his agency, it’s potentially exportable to the rest of the 16 other agencies that make up the intelligence community. At least in theory, if a solution is acceptable to DIA, it will meet the rest of the IC’s architectural and security needs as they converge around ICITE.
And once there’s a proliferation of standards-based tools that are designed for that IC cloud environment, the intelligence community can start moving toward what he calls a “pay to use” model rather than a “pay to build” model, he said.
“The risk aversion of the government largely comes from the fact that we have to pay to build our capabilities. That means that we need to know a whole lot about those systems before we even get a chance to try them,” Doney said. “The risk associated with that model causes the government to be quite wary. If we change the model and bring our conditions directly to developers, look at how that changes the evaluation, the integration, the accreditation processes we have now. I can expose my security model. The fact that I use PKI certificates is not secret. If I require capability providers to meet our standards before they can do business with us, they know how to participate in our particular framework. And it’s not because I’ve given them a 500-page document. It’s because we’ve given them the interface that we use.”
Less risky approach
Doney said DIA thinks the new model will enable a very rapid onboarding process for new technologies. The agency currently is targeting a 30-day timeframe between the point at which an innovation is certified as meeting ICITE standards and the time it’s actually in use inside DIA.
That approach, he said, is in line with the bigger philosophy behind ICITE, which involves an agile, standards-based approach to development, fielding new capabilities in smaller, shorter increments.
“People think that means more risk. It doesn’t. You don’t see Google and Microsoft going down very frequently, and yet they’re doing integration and releases on a very regular, even nightly basis,” he said. “If I build integration into the model and let people click into it very early on, which means I need to take some smart risk, it gets to a very significant cultural change. One of the biggest determinants of success in capability delivery is early interaction with end users, and if you look at our existing models for the way we deliver IT, that’s the last part of the process. After we’ve gone through a whole series of other steps, we finally let the users into the mix. We have to change that model, and we are.”
Peggy Evans, a former Office of Management and Budget official and congressional staff member, who is now an independent consultant and senior fellow at the Potomac Institute for Policy Studies, said DIA’s approach has a lot of merit, but that there still are some lingering questions about how industry will play in the model.
“The government regulations in place are really monolithic and outdated, and the key to agility really is getting away from the RFP approach. Opening up the needs to the widest possible audience and publishing the standards is absolutely crucial to this,” she said. “But the next most important thing to industry is how to get paid. When you pay for use, there are certainly some applications that will be used by the entire intelligence community. But there are other niche, mission- driven applications that won’t. And the concern is about the compensation model for those.”