PSC Services (UK) Ltd. Project Solutions Corporation
Home PSC Team client listcase studies contact

TSCP Case Study

Emerging Business Environment

The increasing technical complexity, the cost and risks in delivering defense programs and the overarching requirement for interoperability are causing governments and industry to adopt a collaborative business model. This emerging business environment is characterized by multi-company, multi-national contracts and teaming agreements, international program management offices with global supply chains, and the outsourcing of information technology (IT) support services.

Challenges
There is an increasing reliance on the electronic creation, transmission and manipulation of information in order to meet schedule and efficiency objectives. The emerging business environment requires that this occur with an international workforce subject to multiple jurisdictions. This presents significant business risk to the companies involved, in terms of compliance with national laws and regulations on data transfer, increased complexity of governance and oversight, and IT security.

Industry Response – Transatlantic Secure Collaboration Program (TSCP - see www.tscp.org)
Leading aerospace & defense companies in the USA and Europe have come together in this Collaborative Program to address this challenge. Currently (April 2006), TSCP Participants include Boeing, BAE Systems, EADS, Lockheed-Martin, Northrop Grumman, Raytheon and Rolls-Royce. Supporting Governments include the US DoD, the UK MoD and the Government of Canada.

Governance & Program Management
The TSCP Program is managed by a Governance Board made up of Participating organizations, together with a TSCP Director and a Program Office.

PSC has been supporting TSCP since May 2005, currently filling the role of Program Delivery Manager in the Program Office, as well as providing Project Management Support to TSCP Workstream and Work Packages. Our responsibilities include:

  • to develop and execute the Prototype Programmatic Baseline.
  • to deliver the Workstreams of the TSCP Prototype through effective coordination with the Workstream Leaders, the DA Service and the Company Program Managers
  • to develop, implement and maintain the TSCP Program Management Framework (PMF), which defines and supports the programmatic ‘ways of working’ for TSCP

TSCP Prototype – Concept of Operations
TSCP’s primary mandate is to identify the technical, policy and procedural guidelines for a collaborative solution that will enable the participants to comply with regulatory requirements. TSCP participants have recognized they have to deploy an Identity Management Infrastructure to be able to meet the regulatory requirements. This relates to a number governmental forcing functions of which the current drafting of the US Department of Defense Instruction on Identity Management, consistent with Federal Information Processing Standard 201 (FIPS 201), is critical. This requires the use of PKI credentials for all DoD contractors accessing Controlled Unclassified Information and the establishment of an Identity Management System within contracting companies that operates to OMB Level 4 assurance.

In addition to the regulatory demand, there is a need to obtain cost savings by leveraging current investment in Identity & Access Management (I&AM) including PKI and ultimately reduce the systemic risk by providing enforceable technical solutions.

Compliance to these forcing functions represents a long-term implementation path for TSCP participants and will require the support of technology vendors (e.g. Microsoft) to ensure that subsequent iterations of Commercial Off-the-Shelf Software (COTS) products support the new and evolving I&AM requirements. The first stage of this is the development of a TSCP Prototype to establish technical proof of concept and the ability for business applications to leverage the I&AM infrastructure. The output of the Prototype is neither a system nor a product, but a series of implementation manuals (frequently described as Do-it-Yourself Manuals) to support participants own work to ensure I&AM compliance according to an agreed set of policies ands standards, also established by the TSCP Prototype.

The conceptual vision of the technical architecture is illustrated in the diagram below, and shows how the existing enterprise I&AM infrastructure is supported by an enhanced layer including the progressive implementation of key tools such as cross-bridge PKI and Federated Identity Management (FIM). Based on evolutions to COTS products by vendors, applications will plug directly into the enhanced I&AM infrastructure supporting vertical end-to-end security within companies, and horizontal end-to-end security between companies.

Conceptual View of TSCP Technical Architecture

<< back to Case Studies

designed by icon © 2006 - PSC
ContactDownload PDF ReaderDownload Flash