Cyber Security Work at OMG - Task Force Levels

The new whitepaper from the OMG Cloud Working Group, will help developers, architects, and IT leaders make informed decisions and select the best technology for their specific needs. These technologies span storage, network, and compute services – this Practical Guide focuses on compute options. Jon the paper's authors for a webinar for a review of the many options available (bare metal, VMs, containers, serverless, and more).

The Object Management Group (OMG) is proud to announce that its Cloud Working Group, successor to the Cloud Standards Customer Council (CSCC), has produced a new version of its widely used “Practical Guide to Cloud Service Agreements.” The Guide explains what is contained in a CSA, what its various clauses mean, and how a cloud customer can decide what is in its interest or not. In this version 3.0, several sections have been expanded and clarified, making the Guide even more of a necessary companion to the IT Manager who seeks to evaluate and compare cloud service offerings. Several leaders of this revision effort will discuss the content of the Guide and explain how to use it.

The Government of Canada has made a strong commitment to enabling interoperability, but what does that mean, and how do we make it happen? The Treasury Board Secretariat (TBS) has launched several key initiatives including OneGC, the Digital Exchange Platform, and API Store which all rely on the ability to share data between programs, with provinces, and with industry. This discussion will cover how TBS is approaching interoperability by providing leadership, defining standards, and ensuring that an interoperability ecosystem is available for departments and agencies to leverage.

The OMG is working on a Secure Network Communications (SNC) specification. This specification will add new technology and modeling techniques to the existing Software Based Communications (SBC) standard, previously titled the Software Communication Architecture (SCA) standard, and originally developed for the U.S. Department
of Defense Joint Tactical Radio System for the next generation of radio systems. OMG is looking to modernize this standard and build commercial adoption. This effort is led by the OMG Secure Networking Communications (SNC) Working Group to modernize the standard with cybersecurity and networking capabilities, parametric SysML® models,
automated software code generation and High Performance Embedded Computing standard toolboxes.

The OMG System Assurance (SysA) Task Force is bound by the notion that system and software assurance is focused on the management of risk and the assurance of safety, security, and dependability within the context of system lifecycles. The fundamental goal of the SysA Task Force is a community-developed practical set of specifications/ standards for industry, academia, and the government. The hypothesis is that, if the community can come to an agreement on this complex discipline’s definition and scope, the specifications/standards will come together more quickly and accelerate progress towards the goal of resilient, dependable, and robust systems.
This presentation will review the SysA supported specifications, current work-in-progress, and roadmap for the future.

This presentation will highlight some of the key initiatives being executed by the members of the OMG C4I Task Force including:
*Open Architecture Radar Interface Standard (OARIS)
*Tactical Situation (TACSIT) Specification
*Alert Management Service (ALMAS)
Recorded at the OMG TC Meeting in Ottawa, Canada

Architecture Driven Modernization involves taking a holistic approach to transforming application, data and technical architectures, which includes applying a business-driven approach through business architecture. The OMG Architecture Driven Modernization Task Force has been developing industry standards for the past 15 years for assessing, representing and measuring software systems from a variety of perspectives. The presentation will cover:
*Business-driven IT architecture transformation
*Architecture transformation challenges, expectations and realities
*Architecture-driven modernization case studies and reference points
*A discussion of standards supported by the OMG Architecture-Driven Modernization Task Force (ADM TF)

The Unified Architecture Framework® (UAF®) specification is used for modeling systems of systems. UAF was developed by a diverse group of tool vendors, end users, academia, and government representatives at the OMG. It has the full support of the US Department of Defense (DOD) and the UK Ministry of Defence (MOD). It is a DOD mandated standard. Its foundation in UML/SysML improves the integration between architectural framework modeling and system modeling to support post-acquisition lifecycle design and implementation.

This presentation provides an overview of SysML, a brief introduction to how UAF will provide a standard means of expressing DoDAF, NAF and MODAF using SysML, an overview of the UAF views and viewpoints and language concepts, and selected sample problems to demonstrate how the language can be used.

This presentation will cover the topics of:
•UAF modeling as part of the systems engineering process
•Using capability and systems models to avoid the problems of stovepipe development
•Using strategic, acquisition and systems modeling to ensure that systems deployment is in line with capability deployment requirements
•Transitioning from a system of systems to systems development
•Integrating requirements management into architecture modeling and the development lifecycle
•The future of architecture development

The OMG® Systems Assurance (SysA) Task Force is working on Model-based Cybersecurity Assessment (MBCA). MBCA is a risk assessment paradigm that emphasizes the use of rigorous models, analytics, and automated tools and best practices for the repeatable assessments of the cybersecurity of systems. MBCA is aligned with Model-Based Systems Engineering (MBSE) and emphasizes leveraging engineering models for the purposes of risk assessment. This presentation will discuss how to use MBCA with the Unified Architecture Framework (UAF) to identify, analyze, classify and understand cybersecurity threats and related risks. This assessment will help stakeholders determine where to focus mitigation efforts, budget and resources.

An increasing number of government and pubic sector organizations are seeking to architect systems based on the Open Group's Future Airborne Capability Environment™ (FACE™) architecture design. For this to occur, FACE modelss must be aligned to supporting DODAF and NAF views and viewpoints, and integrated into the broader set of organizational architectures and models. The C4I DTF is seeking to develop a FACE profile for the OMG® Unified Architecture Framework® (UAF®) aligning FACE concepts into the UAF's ontological foundation and subsequently into DODAF and NAF.

The Data Distribution Service™ (DDS™) is a middleware protocol and API standard for data-centric connectivity from the OMG®. This presentation will cover the use cases of DDS and share example implementations of the DDS standard. DDS integrates the components of a system together, providing low-latency data connectivity, extreme reliability, and a scalable architecture required by business and mission-critical Internet of Things (IoT) applications.
In a distributed system, middleware is the software layer that lies between the operating system and applications. It enables the various components of a system to more easily communicate and share data. It simplifies the development of a distributed system by letting software developers focus on the specific purpose of their applications rather than the mechanics of passing information between applications and systems.

Software Systems, hardware systems, business systems - the mind reels at all that we are building or modernizing today. Can we possibly handle the complexity and achieve reliability? Yes, we can, by creating models. A model is a concrete representation of the often abstract, hard-to-comprehend aspects of a system. With models, we can understand requirements, analyze problems, and design solutions, whether for a system to be guilt or an existing one under study. And, crucially, we can also use models to communicate within and between teams. But clear communication requires the use of a common language backed up by a common community of practice.

This is exactly what OMG modeling language standards provide: a broad suite of industry-defined languages, with extensive tooling support, for modeling all sorts of systems: Unified Modeling Language (UML), Systems Modeling Language (SysML), Business Process Model and Notation (BPMN), Case Management Model and Notation (CMMN) and Decision Management Model and Notation (DMN).

But if you are new to this richness of standards, it is sometimes hard to know where to begin! this presentation will give you a concise overview of how these standards came to be, how they are being applied today and how they are continuing to evolve to meet growing user expectations. At the end of this presentation, you should feel comfortable with the breadth of modeling languages that the OMG has to offer and be ready to explore them in a bit more depth in subsequent presentations. Recorded live in Ottawa, September 2018.

This presentation will provide an overview of both UML (Unified Modeling Language) and SysML (Systems Modeling Language) and demonstrate how they are successfully applied in practice. You will also learn about the exciting work going on as these standards continue to evolve, including the expanding suite of standards defining precise, executable semantics for UML and SysML and the broad industry effort ongoing to develop SysML v2. Presentation recorded in Ottawa, Canada September 2018.

Every wonder about the source of a seemingly legitimate post on Facebook or even in a mainstream media publication? How about the source of the food you're eating? If E.coli is found is produce from a particular farm, how do we know what products to take off the shelf? How do we know that the electronic records from a business have been maintained appropriately? If they've been changed, who could have done it? To answer these types of questions, we need to understand how each "artifact" was created and then handled and by whom. Understanding the source and and/or process by which a piece of data was created is the lineage or "pedigree" of the data element. Understanding who has possession or custody of a data element in addition to who "owns" or has responsibility for it is the "provenance" The OMG Provenance and Pedigree Working Group has been developing a set of standards for tracking and exchanging information related to the provenance and pedigree of artifacts, whether they be data or physical objects. This presentation was recorded in Ottawa, Canada.

This presentation, recorded at the OMG meeting in Ottawa, will outline the key concepts and components for automating the data tagging and labeling process and the OMG C4I Task Force efforts to address these issues in an open and non-proprietary manner. In addition, we will discuss the Information Exchange Framework (IEF) - an OMG initiative to establish a family of specifications for responsible information sharing using email, file share, instant message, chat, etc.

In a globalized world in which we need to share information across entities, while at the same time respecting confidentiality constraints and a complex web of laws and regulations, governments as well as commercial enterprises face a growing need to manage the processes, roles and responsibilities related to the handling of sensitive data. This webinar will explore the many initiatives OMG has underway to help meet this challenge.

This presentation will introduce the core concepts, differentiation and business value of the "triple crown" of business process modeling (BPM) standards developed by OMG in recent years - the Business Process Model and Notation™ (BPMN™), the Case Management Model and Notation™ (CMMN™), and the Decision Model and Notation™ (DMN™). This session will demonstrate methods and best practices, specific roles and users, and usage in the context of government business innovation and transformation.

Data Residency consists of issues and approaches related to the location of data and metadata, and how to minimize the risk of adverse consequences due to the many laws and regulations that constrain where various types of information (financial, private, sovereign, etc.) can be stored. The OMG Data Residency Working Group published two important discussion papers in 2017: a study of Data Residency Challenges and Opportunities for Standardization, and a Data Residency Maturity Model. OMG's intent is to develop standards to describe laws and regulations on one hand, and the sensitive nature of a dataset on the other hand, allowing tools to expose the issues on might face when moving that data from one location to another. Recorded September 27 in Ottawa, Canada.

About this webinar:

Trends in retail unfold at a dizzying pace and the impact for retailers on their business structure and value proposition to shoppers is profound. Retail winners - those who outperform the market year after year - don't just sell more stuff, they have different priorities and it's worth examining them and their approach to technology to understand how retailers can be successful in a changing world.

Listen in on a moderated conversation with Retail Systems Research Analyst Brian Kilcourse as successful retailers discuss their priorities for the next 12-18 months and the technology to support it.

Speakers:

Brian Kilcourse is a recognized thought leader in the United States on how businesses innovate to deliver differentiating and sustainable value through the power of information. Brian is a managing partner at Retail Systems Research LLC, a company focused on helping companies develop winning strategies with its industry-leading research focused on the extended retail industry.

Susan Reda is Editor of STORES Media, the official publishing division of the National Retail Federation. She is responsible for developing all content for the magazine and additional STORES properties. With a passion for all things related to retail, Reda researches and writes multiple stories per issue, exploring the big-picture ideas, issues and innovations bubbling up in the industry.