Cyber Security Work at OMG - Task Force Levels

In September 2019 OMG launched the BPM+ Health community – a community-of-practice focused on the development, use, and adoption of sharable clinical pathways and workflow across health care, based upon open, standards-based languages. Within the community are four “pillar” stakeholder groups, each addressing a different element of this landscape:

Pathway Authoring, exploring how to create and document pathways and workflows using the community “Field Guide”
Institutional Adoption, focused on ingesting pathways and putting them into practice.
Implementation, exploring how to create software that consumes and/or produces pathways.
Methodology, centered on the underpinning languages, formalisms, and practice patterns.

Led by a team of experts from their respective disciplines, this webinar will recap the Community Launch event, and reveal for the first time the outcomes of the inaugural worksessions of each of these groups. It will recap the goals of the community and discuss how to get involved, and will present a high-level calendar of events for the coming year.
Attendance is recommended for people with a general interest in healthcare business process management, for organizations deciding how and where they would like to get involved, or for prior participants to get a “pulse” on how the community is organizing.

Topics will include:

Community Overview and Current Status
Workgroup Outbrief (Key discussion topics, priorities, and project plans)
Summary of upcoming Events
Announcement of Community Calendar

Attendance: Open to all interested parties.

Driven by new customer expectations, advanced technology and real time connected devices, the retail industry is rapidly transforming.

Managing and moving data is critical, and an ontology is the way to clearly define the concepts, relationships and properties of all data as it moves between new and old systems. Retail ontology standards will ensure interoperability, reduce time to value, and provide the foundation to continued transformations.

What’s more, in practice this enables the enterprise, from a store manager or corporate merchandiser to an IT developer or engineer, to create terminology and share a common understanding with the certainty of words, terminology, and concepts.

Technology standards help lower costs, ensure interoperability, and enable superior time-to-value and speed-to-market.

The Object Management Group® (OMG®) and the National Retail Federation (NRF) entered into a long-term agreement to manage and develop the Association for Retail Technology Standards (ARTS).

Two early movers and shakers — Horace Clemmons and Richard Mader — are here with us today to share the history of development and the enduring value to the Industry. They are joined by Andy Mattice, co-Chair of the Retail Domain Task Force at OMG , who will talk about the current status of development and some of the initiatives the future may hold.

The role of governance is a crucial, yet often misunderstood, activity for information systems and lines of business. Enterprises that are able to efficiently transform to meet new markets and technologies typically show a high level of governance maturity. Cloud computing requires an enterprise to evolve their existing governance to meet the need to align policies and practices between the business, internal IT, and external cloud service providers.

This webinar will present the Object Management Group’s Practical Guide to Cloud Governance, written by an international team of experts and issued in June 2019. We will explain the scope and motivations for cloud governance and the seven steps that must be executed (and repeated over time) to ensure success.

Translating narrative guidelines into a format that is consumable by a digital platform is a challenging but necessary step to improving outcomes in a digital age. A framework for using BPM+ (BPMN, CMMN, DMN) for expressing care pathways will be reviewed, along with the experience of the American College of Obstetricians and Gynecologists in how to put these models into a production system.

The new whitepaper from the OMG Cloud Working Group, will help developers, architects, and IT leaders make informed decisions and select the best technology for their specific needs. These technologies span storage, network, and compute services – this Practical Guide focuses on compute options. Jon the paper's authors for a webinar for a review of the many options available (bare metal, VMs, containers, serverless, and more).

The Object Management Group (OMG) is proud to announce that its Cloud Working Group, successor to the Cloud Standards Customer Council (CSCC), has produced a new version of its widely used “Practical Guide to Cloud Service Agreements.” The Guide explains what is contained in a CSA, what its various clauses mean, and how a cloud customer can decide what is in its interest or not. In this version 3.0, several sections have been expanded and clarified, making the Guide even more of a necessary companion to the IT Manager who seeks to evaluate and compare cloud service offerings. Several leaders of this revision effort will discuss the content of the Guide and explain how to use it.

The Government of Canada has made a strong commitment to enabling interoperability, but what does that mean, and how do we make it happen? The Treasury Board Secretariat (TBS) has launched several key initiatives including OneGC, the Digital Exchange Platform, and API Store which all rely on the ability to share data between programs, with provinces, and with industry. This discussion will cover how TBS is approaching interoperability by providing leadership, defining standards, and ensuring that an interoperability ecosystem is available for departments and agencies to leverage.

The OMG is working on a Secure Network Communications (SNC) specification. This specification will add new technology and modeling techniques to the existing Software Based Communications (SBC) standard, previously titled the Software Communication Architecture (SCA) standard, and originally developed for the U.S. Department
of Defense Joint Tactical Radio System for the next generation of radio systems. OMG is looking to modernize this standard and build commercial adoption. This effort is led by the OMG Secure Networking Communications (SNC) Working Group to modernize the standard with cybersecurity and networking capabilities, parametric SysML® models,
automated software code generation and High Performance Embedded Computing standard toolboxes.

The OMG System Assurance (SysA) Task Force is bound by the notion that system and software assurance is focused on the management of risk and the assurance of safety, security, and dependability within the context of system lifecycles. The fundamental goal of the SysA Task Force is a community-developed practical set of specifications/ standards for industry, academia, and the government. The hypothesis is that, if the community can come to an agreement on this complex discipline’s definition and scope, the specifications/standards will come together more quickly and accelerate progress towards the goal of resilient, dependable, and robust systems.
This presentation will review the SysA supported specifications, current work-in-progress, and roadmap for the future.

This presentation will highlight some of the key initiatives being executed by the members of the OMG C4I Task Force including:
*Open Architecture Radar Interface Standard (OARIS)
*Tactical Situation (TACSIT) Specification
*Alert Management Service (ALMAS)
Recorded at the OMG TC Meeting in Ottawa, Canada

Architecture Driven Modernization involves taking a holistic approach to transforming application, data and technical architectures, which includes applying a business-driven approach through business architecture. The OMG Architecture Driven Modernization Task Force has been developing industry standards for the past 15 years for assessing, representing and measuring software systems from a variety of perspectives. The presentation will cover:
*Business-driven IT architecture transformation
*Architecture transformation challenges, expectations and realities
*Architecture-driven modernization case studies and reference points
*A discussion of standards supported by the OMG Architecture-Driven Modernization Task Force (ADM TF)

The Unified Architecture Framework® (UAF®) specification is used for modeling systems of systems. UAF was developed by a diverse group of tool vendors, end users, academia, and government representatives at the OMG. It has the full support of the US Department of Defense (DOD) and the UK Ministry of Defence (MOD). It is a DOD mandated standard. Its foundation in UML/SysML improves the integration between architectural framework modeling and system modeling to support post-acquisition lifecycle design and implementation.

This presentation provides an overview of SysML, a brief introduction to how UAF will provide a standard means of expressing DoDAF, NAF and MODAF using SysML, an overview of the UAF views and viewpoints and language concepts, and selected sample problems to demonstrate how the language can be used.

This presentation will cover the topics of:
•UAF modeling as part of the systems engineering process
•Using capability and systems models to avoid the problems of stovepipe development
•Using strategic, acquisition and systems modeling to ensure that systems deployment is in line with capability deployment requirements
•Transitioning from a system of systems to systems development
•Integrating requirements management into architecture modeling and the development lifecycle
•The future of architecture development

The OMG® Systems Assurance (SysA) Task Force is working on Model-based Cybersecurity Assessment (MBCA). MBCA is a risk assessment paradigm that emphasizes the use of rigorous models, analytics, and automated tools and best practices for the repeatable assessments of the cybersecurity of systems. MBCA is aligned with Model-Based Systems Engineering (MBSE) and emphasizes leveraging engineering models for the purposes of risk assessment. This presentation will discuss how to use MBCA with the Unified Architecture Framework (UAF) to identify, analyze, classify and understand cybersecurity threats and related risks. This assessment will help stakeholders determine where to focus mitigation efforts, budget and resources.

An increasing number of government and pubic sector organizations are seeking to architect systems based on the Open Group's Future Airborne Capability Environment™ (FACE™) architecture design. For this to occur, FACE modelss must be aligned to supporting DODAF and NAF views and viewpoints, and integrated into the broader set of organizational architectures and models. The C4I DTF is seeking to develop a FACE profile for the OMG® Unified Architecture Framework® (UAF®) aligning FACE concepts into the UAF's ontological foundation and subsequently into DODAF and NAF.

The Data Distribution Service™ (DDS™) is a middleware protocol and API standard for data-centric connectivity from the OMG®. This presentation will cover the use cases of DDS and share example implementations of the DDS standard. DDS integrates the components of a system together, providing low-latency data connectivity, extreme reliability, and a scalable architecture required by business and mission-critical Internet of Things (IoT) applications.
In a distributed system, middleware is the software layer that lies between the operating system and applications. It enables the various components of a system to more easily communicate and share data. It simplifies the development of a distributed system by letting software developers focus on the specific purpose of their applications rather than the mechanics of passing information between applications and systems.

Software Systems, hardware systems, business systems - the mind reels at all that we are building or modernizing today. Can we possibly handle the complexity and achieve reliability? Yes, we can, by creating models. A model is a concrete representation of the often abstract, hard-to-comprehend aspects of a system. With models, we can understand requirements, analyze problems, and design solutions, whether for a system to be guilt or an existing one under study. And, crucially, we can also use models to communicate within and between teams. But clear communication requires the use of a common language backed up by a common community of practice.

This is exactly what OMG modeling language standards provide: a broad suite of industry-defined languages, with extensive tooling support, for modeling all sorts of systems: Unified Modeling Language (UML), Systems Modeling Language (SysML), Business Process Model and Notation (BPMN), Case Management Model and Notation (CMMN) and Decision Management Model and Notation (DMN).

But if you are new to this richness of standards, it is sometimes hard to know where to begin! this presentation will give you a concise overview of how these standards came to be, how they are being applied today and how they are continuing to evolve to meet growing user expectations. At the end of this presentation, you should feel comfortable with the breadth of modeling languages that the OMG has to offer and be ready to explore them in a bit more depth in subsequent presentations. Recorded live in Ottawa, September 2018.

This presentation will provide an overview of both UML (Unified Modeling Language) and SysML (Systems Modeling Language) and demonstrate how they are successfully applied in practice. You will also learn about the exciting work going on as these standards continue to evolve, including the expanding suite of standards defining precise, executable semantics for UML and SysML and the broad industry effort ongoing to develop SysML v2. Presentation recorded in Ottawa, Canada September 2018.

Every wonder about the source of a seemingly legitimate post on Facebook or even in a mainstream media publication? How about the source of the food you're eating? If E.coli is found is produce from a particular farm, how do we know what products to take off the shelf? How do we know that the electronic records from a business have been maintained appropriately? If they've been changed, who could have done it? To answer these types of questions, we need to understand how each "artifact" was created and then handled and by whom. Understanding the source and and/or process by which a piece of data was created is the lineage or "pedigree" of the data element. Understanding who has possession or custody of a data element in addition to who "owns" or has responsibility for it is the "provenance" The OMG Provenance and Pedigree Working Group has been developing a set of standards for tracking and exchanging information related to the provenance and pedigree of artifacts, whether they be data or physical objects. This presentation was recorded in Ottawa, Canada.