The scope of work shall include Command, Control, Communications, Computers, and Intelligence (C41) software engineering support to Space and Naval Warfare (SPAWAR) Systems Center (SSC) Pacific. These efforts will include engineering products related to C41 software applications, web service development, and database or database management systems for current and future C41 systems and related business systems applications. System engineering eff01ts may include support for the web enablement of applications and services to support Service Oriented Architectures (SOA) and Net-Centric Warfare efforts. The technical support shall entail the full range of software development including system requirements, product analyses/evaluations, design, prototyping, software engineering/development, implementation, integration, documentation, and training. Programs to be supported include but are not limited to Global Command and Control System — Maritime Family of Systems (MGF), DOD Storefront, and Comprehensive Automated Maintenance Environment – Optimized (CAMEO). Work will require an in-depth understanding of the Software Engineering Institute (SEI) Capability Maturity Model Integration (CMMI) for the entire software life-cycle process, SEI Secure Coding Standards, and processes defined in IEEE 12207. This work provides support to perform software development, integration, test, and maintenance, and shall monitor progress using reporting procedures and measures of performance in accordance with best practices indicated by the SEI CMMI, or as defined by the applicable Program Offices.
This work requires developers implement and follow SEI CERT Secure Coding Standards, as defined at SecureCoding.cert
An essential element of secure coding in any programming language is a well-documented and enforceable coding standard. The CERT Secure Coding Standards provide rules for secure coding in the major programming languages. The goal of these rules is to eliminate insecure coding practices that can lead to exploitable vulnerabilities. The application of the secure coding standard leads to higher quality systems that are safe, secure, reliable, dependable, robust, resilient, available, and maintainable and can be used as a metric to evaluate source code for these properties (using manual or automated processes).
The C41 applications and databases and associated database applications may entail complete system solutions involving integration with commercial off-the-shelf software (COTS) and other non-developmental items (NDI). Implementations will generally fall under the standards and guidelines established by Defense Information System Agency (DISA) and pertinent Program Element Offices, to include shared data environments, Common Operating Environment (COE) and other follow-on architectural guidance, such as Network Centric Enterprise Services (NCES). Best practices (e. g., Software Engineering Institute, Institute of Electrical and Electronics Engineers, and Rapid Integration and Test Environment processes) shall be utilized throughout the software development process to improve product quality, reduce costs, and minimize risks.