The U.S. Army’s chief information officer (CIO) plans to release a memo outlining new efforts aimed at improving the Army’s continuous authority to operate (cATO) processes, Army CIO Leonel Garciga announced last week.
During a panel at the annual AUSA conference, Garciga explained that the upcoming memo will authorize two continuous integration and continuous deployment (CI/CD) pipelines aimed at enhancing cATO processes.
One pipeline will focus on the Army’s Nett Warrior program at the Program Executive Office for Soldier, which aims to deliver mobile capabilities, enhance situational awareness, and improve interoperability at the tactical edge for faster, more accurate decision-making by leaders across Brigade Combat Teams.
The second pipeline will support defensive cyber operations (DCO) under the Program Executive Office for Intelligence, Electronic Warfare, and Sensors, which develops capabilities for Army Cyber Command.
“So, two different views and two different operating models, but the intent here is to get their CI/CD pipelines approved,” Garciga said.
“The plan is [that] as folks come in, we walk through what their pipeline is. And it’s not a checklist, it’s about [concept of operations],” he said.
About eight additional programs have expressed interest in receiving approval for similar frameworks, according to Garciga.
Additionally, Garciga explained that the upcoming memo will lay the initial foundation for the Army’s transition to cATO processes and establish requirements for accredited frameworks.
The initial foundation is to determine – whether a department asset, an Army asset, or even a commercial asset – “if you meet these requirements, [if so] we’ll approve these platforms to be used,’” he said.
“We got to make sure that they’re platforms that are safe to operate on, they’ve got to meet the minimum requirements break,” Garciga said.
The memo follows a previous policy released in early March designed to facilitate the adoption of modern software development and acquisition practices. This upcoming directive not only offers overarching guidance to enhance the Army’s software development and delivery but also encourages the adoption of cATO processes.
“One of the tasks in the software directive, besides just more generalized risk management framework and cybersecurity reform, was … can we get to this point to put out guidance for cATO?” Garciga said. “There hasn’t really been any guidance, right? It’s still the traditional checklist. So, we’re taking the new digital process and using our great industrial-age processes to overlay on top of them.”
The Army CIO will also begin looking at how to integrate cATO processes for larger weapon systems programs, such as the High Mobility Artillery Rocket System (HIMARS), Garciga said.
“That is our next pilot effort, is working with the program over there to work on some of these problems, to have a hardware-in-the-middle approach,” he said.
