Other Transaction Solicitation Call: Software Artifact Dependency Graph Generation at Scale
ID: 70RSAT24R00000042Type: Combined Synopsis/Solicitation
Overview

Buyer

HOMELAND SECURITY, DEPARTMENT OFOFFICE OF PROCUREMENT OPERATIONSSCI TECH ACQ DIVWASHINGTON, DC, 20528, USA

NAICS

Research and Development in the Physical, Engineering, and Life Sciences (except Nanotechnology and Biotechnology) (541715)

PSC

GENERAL SCIENCE AND TECHNOLOGY R&D SERVICES; GENERAL SCIENCE AND TECHNOLOGY; BASIC RESEARCH (AJ11)

Original Source

https://sam.gov/opp/87facc5a3a8c49ecb7ea16d1028011d6/view
Timeline
    Description

    The Department of Homeland Security's Science and Technology Directorate seeks innovative solutions through its Silicon Valley Innovation Program (SVIP) for the "Software Artifact Dependency Graph Generation at Scale" project. DHS aims to enhance software vulnerability management by implementing intrinsic identifiers, improving the identification of software components across its operational units. Applicants are invited to submit proposals online, including technical and cost/schedule details, with a focus on enabling public correlations across graphs and creating value-added services. Intellectual property rights will be retained by the successful applicant, while the government gains certain usage rights. With a budget of up to $1.7 million for all phases and a submission deadline of December 16, 2024, this non-FAR-based procurement process offers a comprehensive nine-month schedule and detailed cost breakdowns. Potential vendors should carefully review the specified prohibitions and representations related to federal contracting.

    Point(s) of Contact
    SVIP Team
    DHS-Silicon-Valley@hq.dhs.gov
    Files
    Title
    Posted
    DHS Clauses_8_12_24.pdf
    The file outlines several prohibitions and representations regarding federal contracting. It contains provisions related to the use of appropriated funds, specifically prohibiting agreements with inverted domestic corporations unless waived for national security reasons. Additionally, it mandates prohibitions and representations about telecommunications and video surveillance equipment and services. Contractors must ensure compliance with these requirements and provide necessary disclosures. These provisions aim to safeguard national security and integrity in federal procurement. Agencies must carefully vet and monitor contractors to ensure adherence to these restrictions.
    Public Portal Registration Guide.pdf
    The Department of Homeland Security's Science and Technology Directorate issues this guide to help users register for the Public Portal of the Office of Industry Partnerships. This end-to-end proposal management system supports proposal and award processes for multiple programs, including SBIR, BAA, and SVIP. New users must create accounts with personal and company details, while existing company records require registration with a unique PIN. The portal facilitates secure communication and efficient management of submission and evaluation processes for both proposers and DHS. This manual provides comprehensive instructions, from navigating the portal to registering as a new user, handling company registrations, and logging in with existing accounts. It also allows users to update their account information.
    SVIP_FAQs_8_12_24.pdf
    The Department of Homeland Security's Silicon Valley Innovation Program (SVIP) seeks innovative solutions from non-traditional contractors, including startups. This FAQ guide outlines the application process, eligibility criteria, and review procedures for potential applicants. SVIP funds non-FAR-based prototype projects through Other Transaction Agreements, with topics ranging from technology demonstrations to specific operational needs. Applicants must respond to active topic calls and use the designated web portal for submissions, which are evaluated based on specified criteria. Feedback is provided in writing, and applicants can resubmit if a topic call is still open. The program engages closely with industry, protecting sensitive information and allowing applicants to retain intellectual property rights. Security clearances are not required, but suitability assessments may be conducted for access to sensitive data. With a focus on protecting intellectual property and a prohibition on discussing application details, SVIP encourages applicants to carefully review the documentation and reach out with any questions.
    SVIP Cost and Schedule Volume_8_12_24.xlsx
    The government agency seeks a contractor for a multi-phase project, with a focus on developing a comprehensive report and associated deliverables. The project has a grand total budget of $193,901. Each phase has distinct milestones related to equipment purchases, architecture documentation, proof of concept demonstrations, and commercialization planning. The labor costs are broken down by milestones, categorized into senior engineer, software engineer, and administrative assistant hours, with associated rates. Materials, hardware, and software costs are outlined, including server expenses. Travel expenses are also detailed for trips between Boston and Washington DC. The schedule spans nine months, with milestones assigned to specific months. This file provides a breakdown of costs and tasks for each phase, offering potential vendors a comprehensive overview of the procurement process and requirements.
    SVIP FAQs_8_12_24.pdf
    The Department of Homeland Security's Silicon Valley Innovation Program (SVIP) seeks innovative solutions from non-traditional contractors, including startups. This FAQ guide outlines the application process, eligibility criteria, and review procedures for potential applicants. SVIP funds non-FAR-based prototype projects through Other Transaction Agreements, with focus areas determined by Topic Calls. Applicants must use the designated web portal for submissions, which are evaluated based on specified criteria. The process emphasizes the importance of adhering to deadlines, using designated application templates, and addressing technical and cost aspects. Successful applicants may receive non-FAR-based awards, and intellectual property rights are negotiated. The program encourages applicants to thoroughly review Topic Calls and seek clarification on specific questions via designated email channels.
    SWADG_Technical_Volume_and_Instructions_8_12_24.pdf
    The Department of Homeland Security is seeking innovative solutions for its Software Artifact Dependency Graph Generation at Scale (SWADG) project. Applicants are invited to submit proposals via an online portal, including a Technical Volume (TV) and Cost/Schedule Volume (CSV). The TV, limited to eight pages, must address technical details, while the CSV provides cost and schedule information using specified templates. The focus is on enhancing artifact dependency graphs, with solutions relevant to at least one Technical Topic Area (TTA). TTAs cover enabling public correlations across graphs and creating value-added services. The selected provider will retain intellectual property rights, but the government will gain unlimited use rights for reports and limited rights for project data. The submission deadline is December 16, 2024. Applicants must detail their approach, prototype maturity, and expected outcomes for each phase, beginning with a Phase 1 Minimum Viable Product. The budget for Phase 1 is set at $200,000.
    SWADG_Topic_Call_8_12_24.pdf
    The Department of Homeland Security (DHS) seeks innovative solutions from the private sector to enhance its software vulnerability management capabilities. The goal is to improve the identification and management of software components across DHS operational units. Specifically, DHS aims to implement intrinsic identifiers, such as artifact dependency graphs (ADGs), to complement existing extrinsic identifiers. This approach will contribute to a more efficient and effective software identification ecosystem. DHS invites applications for developing intrinsic identifier generation capabilities integrated into foundational open-source technologies, focusing on compilers, build toolchains, and post-build processes. Additionally, DHS seeks value-added services that leverage ADGs, benefiting enterprise, system administrator, and developer workflows. Applicants can propose solutions across three technical topic areas, each supporting open-source software communities and enabling broad adoption. The selected solutions will undergo a four-phase development process, with potential follow-up operational testing. The SVIP program offers funding opportunities of up to $1.7 million for Phases 1-4 and encourages commercialization and transition to operation. The submission deadline is December 16, 2024.
    SWADG Technical Volume and Instructions_8_12_24.pdf
    The Department of Homeland Security is seeking innovative solutions for its Software Artifact Dependency Graph Generation at Scale (SWADG) project. Applicants are invited to submit proposals via an online portal, including a Technical Volume (TV) and Cost/Schedule Volume (CSV). The TV, limited to eight pages, must address technical details, while the CSV provides cost and schedule information using specified templates. The focus is on enhancing artifact dependency graphs, with solutions relevant to at least one Technical Topic Area (TTA). TTAs cover enabling public correlations across graphs and value-added services. The selected provider will retain IP rights, but the government will gain unlimited use rights for reports and limited rights for project data. The proposed solution should demonstrate understanding of the technical challenges and offer a viable product. This request is part of a four-phase project, with the first phase involving a minimum viable product delivery. Applicants must register and submit their proposals by the deadline to be considered.
    SWADG Topic Call_8_12_24.pdf
    The Department of Homeland Security (DHS) seeks innovative solutions for Software Artifact Dependency Graph (ADG) Generation at Scale. This initiative aims to enhance cybersecurity and software vulnerability management across federal agencies and critical infrastructure. DHS requires a common approach to identifying software components to streamline collaboration among developers, researchers, and defenders. The solicitation seeks technical capabilities that integrate intrinsic identifiers, like ADGs, into foundational open-source technologies across various programming languages. These identifiers, embedded during compilation or packaging, enable efficient software identification and enhance vulnerability response. Offerings should focus on one or more Technical Topic Areas (TTAs), encompassing intrinsic identifier generation and value-added services that leverage ADGs. Each TTA has specific open-source capabilities (OSSC) requirements. Applications should detail Phase 1 efforts to demonstrate proof-of-concept and may receive up to $200,000 in funding. Subsequent phases focus on prototype development, testing, and operational readiness, with potential funding up to $1.7 million in total.
    Lifecycle
    Title
    Type
    Other Transaction Solicitation Call: Software Artifact Dependency Graph Generation at Scale
    Currently viewing
    Combined Synopsis/Solicitation
    Similar Opportunities
    Silicon Valley Innovation Program 5-Year Other Transaction Solicitation
    Active
    Homeland Security, Department Of
    The U.S. Department of Homeland Security's Science and Technology Directorate seeks innovative solutions from small businesses and startups through the Silicon Valley Innovation Program (SVIP). This five-year federal contract, with a total funding of $75 million, aims to utilize the department's Other Transaction Authority to address emerging homeland security challenges. SVIP offers non-dilutive funding, flexible project structures, and access to expert guidance, focusing on rapid technology development and operational testing. Solutions are sought in cybersecurity, border security, and unmanned aerial systems, with a rigorous selection process based on technical merit and compliance. Applicants must be non-traditional government contractors, and employee numbers must be below a certain threshold. Deadlines and topics will vary, with details outlined in individual Technical Calls.
    2024 Department of Homeland Security (DHS) Directorate of Science and Technology (S&T) Long Range Broad Agency Announcement (LRBAA) 24-01
    Active
    Homeland Security, Department Of
    The Department of Homeland Security (DHS) is issuing the Long Range Broad Agency Announcement (LRBAA) 24-01, aimed at funding innovative scientific and technical projects that enhance the operational capabilities of the Homeland Security Enterprise. This announcement invites proposals across a wide range of research areas, including counter-terrorism, cybersecurity, and agricultural threat resilience, with a focus on transitioning cutting-edge technologies into DHS operations. The LRBAA emphasizes collaboration with industry and academia, and interested parties are encouraged to participate in an Industry Day event on August 21, 2024, to learn more about the submission process and available topics. For further inquiries, contact John Whipple at john.whipple@hq.dhs.gov or Jason Rios at Jason.Rios@hq.dhs.gov.
    Vessel Identification System Data
    Active
    Homeland Security, Department Of
    The Department of Homeland Security, specifically the U.S. Coast Guard, is seeking proposals for a Vessel Identification System (VIS) data service aimed at enhancing information sharing among law enforcement and regulatory entities. The procurement requires vendors to provide a centralized system for sharing state vessel registration and federal documentation information, ensuring compliance with data feed requirements and establishing Memorandums of Agreement (MOAs) with at least 35 states. This initiative is crucial for improving maritime safety and enforcement capabilities, with a contract duration of one base year starting January 2, 2025, and four optional one-year extensions. Interested vendors must submit their quotations by November 12, 2024, and can direct inquiries to Susan Salaj at susan.h.salaj@uscg.mil or Donald Biebel at donald.a.biebel@uscg.mil.
    Open Source Software: Structured Threat Intelligence Graph: Revolutionizing Cybersecurity Data Management
    Active
    Energy, Department Of
    The Department of Energy, specifically the Battelle Energy Alliance at the Idaho National Laboratory, is seeking to advance cybersecurity data management through the development of the Structured Threat Intelligence Graph (STIG), an innovative open-source software solution. This software aims to revolutionize the visualization, management, and analysis of cybersecurity threats by providing a graphical user interface for Structured Threat Information eXpression (STIX) data, thereby enhancing decision-making capabilities in a rapidly evolving threat landscape. STIG is designed for various applications, including cybersecurity analysis, incident response, and research and development, emphasizing its importance in improving automated threat response and customization for utility companies. For further inquiries, interested parties can contact Andrew Rankin at andrew.rankin@inl.gov.
    DHS Public Safety and Violence Prevention (PSVP) Program - Broad Agency Announcement
    Active
    Homeland Security, Department Of
    The Department of Homeland Security, Department of, Office of Procurement Operations, SCI TECH ACQ DIV has issued a Combined Synopsis/Solicitation notice for the DHS Public Safety and Violence Prevention (PSVP) Program - Broad Agency Announcement. This 5-year Broad Agency Announcement (BAA) aims to support the DHS Science and Technology (S&T) Public Safety and Violence Prevention (PSVP) Program. The BAA includes Call 0001, which consists of three separate technical topic areas seeking responses from industry. It is important to review the entire BAA Announcement, Call 0001, and associated Statements of Objectives for each of the three technical topic areas. For more information, please contact the PSVP PMO at PSVP@HQ.DHS.GOV.
    Commercial Port Information and Operational Technology
    Active
    Homeland Security, Department Of
    The Department of Homeland Security (DHS) is issuing a Request for Information (RFI) under the Commercial Port Information and Operational Technology (C-PILOT) program to enhance cybersecurity within the U.S. Maritime Transportation System (MTS). This initiative aims to identify vulnerabilities in commercial port operations and their Information Technology (IT) and Operational Technology (OT) systems, facilitating the development of a virtual testbed for evaluating cybersecurity measures without disrupting port activities. The MTS is crucial to the U.S. economy, and this effort supports the U.S. Coast Guard's mission to protect maritime infrastructure against cyber threats. Interested stakeholders, particularly those involved in maritime port operations and equipment production, are encouraged to submit their responses by December 20, 2024, and can contact C-PILOT RFI at MaritimePortResiliencyandSecurityStudy@hq.dhs.gov for further information.
    Open Broad Agency Announcement - Screening at Speed Program
    Active
    Homeland Security, Department Of
    Special Notice: Homeland Security, Department of - Open Broad Agency Announcement - Screening at Speed Program The Department of Homeland Security (DHS) Science and Technology Directorate (S&T) has issued an Open Broad Agency Announcement (BAA) for the Screening at Speed (SaS) Program. This program aims to enhance screening processes and technologies. The announcement is not currently accepting submissions, but a separate posting on SAM.gov will be created for future calls under this BAA.
    2025 CB Warfighter Engagements
    Active
    Dept Of Defense
    The U.S. Department of Defense issues a Request for Information (RFI) to connect with industry and academic innovators. The goal is to accelerate the development of technologies that aid the warfighter in understanding, protecting against, and mitigating chemical, biological, and radiological (CBR) threats. The RFI seeks interest and solutions for three experimental events: Chemical Biological Operational Analysis (CBOA), a Concept Tent exhibition, and the Tenacious Dragon 3 (TD3) Advanced Technology Demonstration. These events, to be held in 2025, will evaluate submissions based on their relevance to CBR defense and the maturity of their designs. The need for robust CBR defense technologies is paramount in military operations, especially in detecting threats, ensuring force protection, and responding rapidly to hazardous incidents. The focus is on enhancing the capabilities of personnel operating in these dangerous environments, with specific attention to real-time detection, diagnostics, protective equipment, and rapid mitigation methods. Interested parties should submit their solutions, focusing on one capability area, by the deadline of December 12th, 2024, with an interim cutoff in September. Submissions require a Vulcan Scout Card and registration on the Vulcan platform, with industry and government affiliates following different guidelines.
    Screening Equipment Deployment Services (SEDS) - Checkpoint (CP)
    Active
    Homeland Security, Department Of
    The Department of Homeland Security, through the Transportation Security Administration (TSA), is seeking industry input for Screening Equipment Deployment Services (SEDS) related to checkpoint security technology at U.S. federalized airports and other designated locations. The TSA aims to gather capabilities and innovative strategies for the installation, deployment, and planning of security equipment, with a current contract ceiling of $470.7 million over five years, as the existing Indefinite Delivery/Indefinite Quantity (IDIQ) contract approaches its conclusion. This initiative is critical for enhancing transportation security infrastructure and ensuring compliance with operational standards. Interested vendors must submit their responses, including capability statements and white papers, by November 7, 2024, to the designated TSA contacts, Lindsay Alexander and Heather Karle, via their provided email addresses.
    SDA Battle Management Mission Applications (Program BAA)
    Active
    Dept Of Defense
    The U.S. Space Development Agency (SDA) is issuing a Broad Agency Announcement (BAA) to procure innovative software applications to enhance situational awareness and decision-making capabilities for military space operations. The focus is on developing containerized applications for the Battle Management Command, Control, and Communications (BMC3) module of the Proliferated Warfighter Space Architecture (PWSA) system in Low Earth Orbit. The solicitation seeks cutting-edge solutions from vendors for several key areas, including BMC3 management, power and resource optimization, and cybersecurity, with an emphasis on near-real-time performance and proactive measures. Vendors are invited to submit White Papers for initial review, leading to potential invitations for full proposals. The agency prioritizes rapid deployment, encouraging bidders to propose schedules accordingly. Important deadlines include the submission of White Papers by June 19th, 2024, and Proposals by May 19th, 2025. The SDA reserves the right to issue amendments and extend deadlines, with selections made based on technical merit, mission relevance, and available funding. Contact ussf.pentagon.sda.mbx.FA240124S0002@mail.mil for more information.