Tap any paragraph to write a margin note. Your notes collect in the Desk below the text and file under cases with @. The side-by-side margin rail opens on a larger screen.

§
Marginalia
Code · BILL · 116th Congress · S. 1790 (EAH) — 116 S1790 EAH: National Defense Authorization Act for Fiscal Year 2020 · Sec. 224

Sec. 224. Development and implementation of digital engineering capability and automated software testing and evaluation

887 words·~4 min read·/bill/116/s/1790/eah/section-224

A research copy — for the controlling text, always check the official state or federal source. Not legal advice.

The Under Secretary of Defense for Research and Engineering and the Director of Operational Test and Evaluation shall jointly design, develop, and implement a digital engineering capability and infrastructure— to provide technically accurate digital models to the acquisition process; and to serve as the foundation for automated approaches to software testing and evaluation. The capability developed under subsection
(a)shall consist of digital platforms that may be accessed by individuals throughout the Department who have responsibilities relating to the development, testing, evaluation, and operation of software. The platforms shall enable such individuals to— use systems-level digital representations and simulation environments; perform automated software testing based on criteria developed, in part, in consultation with the Under Secretary’s developmental test organization and the Director to satisfy program operational test requirements; and perform testing on a repeatable, frequent, and iterative basis. The Under Secretary and Director shall carry out pilot programs to demonstrate whether it is possible for automated testing to satisfy— developmental test requirements for the software-intensive programs of the Department of Defense; and the Director’s operational test requirements for such programs. The Under Secretary and Director shall carry out not fewer than four and not more than ten pilot programs under this section. For each pilot program carried out under paragraph (1), the Under Secretary and Director shall— conduct a cost-benefit analysis that compares the costs and benefits of the digital engineering and automated testing approach of the pilot program to the nondigital engineering based approach typically used by the Department of Defense; ensure that the intellectual property strategy for the pilot program supports the data required to operate the models used under the program; and develop a workforce and infrastructure plan to support any new policies and guidance implemented during the pilot program or after the completion of the program. In carrying out paragraph (1), the Under Secretary and Director may consider using the authorities provided under sections 873 and 874 of the National Defense Authorization Act for Fiscal Year 2018 ( Public Law 115–91 ). Not later than 90 days after the date of the enactment of this Act, the Under Secretary and Director shall submit to the congressional defense committees a report that includes a description of— each pilot program that will be carried out under paragraph (1); software programs that may be used as part of each pilot program; selection criteria and intellectual property and licensing issues relating to such software programs; any recommendations for changes to existing law to facilitate the implementation of the pilot programs; and such other matters as the Under Secretary and Director determine to be relevant. Each pilot program carried out under paragraph
(1)shall terminate not later than December 31, 2025. The Under Secretary and the Director shall issue policies and guidance to implement— the digital engineering capability and infrastructure developed under subsection (a); and the pilot programs carried out under subsection (b). The policies and guidance issued under paragraph
(1)shall— specify procedures for developing and maintaining digital engineering models and the automated testing of software throughout the program life cycle; include processes for automated testing of developmental test requirements and operational test requirements; include processes for automated security testing, including— penetration testing; and vulnerability scanning; include processes for security testing performed by individuals, including red team assessments with zero-trust assumptions; encourage the use of an automated testing capability instead of acquisition-related processes that require artifacts to be created for acquisition oversight but are not used as part of the engineering process; support the high-confidence distribution of software to the field on a time-bound, repeatable, frequent, and iterative basis; provide technically accurate models, including models of system design and performance, to the acquisition process; and ensure that models are continually updated with the newest design, performance, and testing data. In carrying out subsections
(a)through (c), the Under Secretary and Director shall consult with— the Under Secretary of Defense for Acquisition and Sustainment; the service acquisition executives; the service testing commands; and the Defense Digital Service. Not later one year after the date of the enactment of this Act, the Under Secretary and Director shall submit to the congressional defense committees a report on the progress of the Under Secretary and Director in carrying out subsections
(a)through (c). The report shall include— an independent assessment conducted by the Defense Innovation Board of the progress made as of the date of the report; an explanation of how the results of the pilot programs carried out under subsection
(b)will inform subsequent policy and guidance, particularly the policy and guidance of the Director of Operational Test and Evaluation; and any recommendations for changes to existing law to facilitate the implementation of subsections
(a)through (c). In this section: The term Under Secretary and Director means the Under Secretary of Defense for Research and Engineering and the Director of Operational Test and Evaluation, acting jointly. The term digital engineering means an integrated digital approach that uses authoritative sources of system data and models as a continuum across disciplines to support life-cycle activities from concept through disposal. The term zero-trust assumption means a security architecture philosophy designed to prevent all threats, including insider threats and outsider threats. The term red team assessment means penetration tests and operations performed on a system to emulate a capable adversary to expose security vulnerabilities.
Connectionstraces to 1
Citation graph
cites case law
Sec. 224
Development and implementation of digital engineering capability and automated software testing and evaluation
Pub. L.Public Law 115-91
Cites 1Cited by 0 across 0 sources
★   the supreme law of the land   ★
Don't Tread on Me
E Pluribus Unum — out of many, one

"If you don't know your rights, you don't have any."

Marginalia · a citizen's law index
A research desk, not legal advice. Always read the cited source before relying on a summary.
Questions or an issue? support@self-law.org
disclaimerMarginalia is a research index, not a law firm. Nothing on this site is legal, tax, or financial advice and no attorney–client relationship is formed by using it. Statutes, regulations, and case law change; summaries, search results, AI output, and member posts may be incomplete, out of date, or wrong. Any interpretation drawn from material on this site should be validated by a licensed attorney in your jurisdiction before you act on it.