Tactics, Techniques, & Procedures (TTP) for Analyzing the Use of Open Source Software (OSS) in Software Development Enclaves

The Department of Defense, specifically the United States Air Force, is seeking proposals for the Small Business Innovation Research (SBIR) program focused on developing Tactics, Techniques, and Procedures (TTP) for analyzing the use of Open Source Software (OSS) in software development enclaves. The objective is to create a comprehensive methodology that enables cybersecurity personnel to assess the risks associated with OSS within system architectures, particularly in light of increasing security vulnerabilities exploited by threat actors. This initiative is critical as it aligns with the Department of Defense's Zero Trust mandates and the new NIST SP 800-53 Rev 5 controls, emphasizing the need for rigorous OSS analysis. The solicitation is set to be released on May 7, 2025, with an open date of May 28, 2025, and a closing date for applications on June 25, 2025. Interested parties can find more information and submit proposals through the official SBIR website at https://www.dodsbirsttr.mil/topics-app/.