I took a photo of this wonderful sign on this construction truck.
It says:
“To All The Men And Women Of Our Armed Forces
Thank You!
United We Stand.”
Next week on Wednesday is Veterans Day, but feeling gratitude to those who stand and fight for our freedom is not just a one day a year message.
Let’s always remember that freedom is not free! 😉
(Source Photo: Andy Blumenthal)
What a beautiful job by the National Archives and Records Administration (NARA).
In Operation Iraqi Freedom in 2003, our Special Forces looking for WMD instead discoverd thousands of ancient Jewish texts.
The texts dating from 1540 to 1970 taken from the Iraqi Jewish Community were sitting defiled in the basement of Saddam Hussein’s Intelligence HQS molding and decomposing under 4 feet of water.
The U.S. military and NARA rescued these texts and have painstakingly restored and preserved them through freezing, categorizing, condition assessment, stabilization, mold remediation, mending pages, washing, binding, and more.
Pictures of the collection of texts from Iraq before and after preservation can be found here.
The collection includes:
– A Hebrew Bible from 1568
– A Babylonian Talmud from 1793
– A Zohar/Kabbalah from 1815
– A Haggadah from 1902
– 48 Torah scroll fragments
– And much more.
On October 11, NARA will unveil an exhibit in Washington, DC featuring 24 of the recovered items and the preservation effort.
Hopefully, the collection of Jewish religious texts will ultimately be returned to the Jewish community from which it came, so that it can be held dear and sacred once again, and used properly in religious worship and never again held hostage or profaned.
Thank you so much to both the Department of Defense and to the National Archives for saving and preserving these ancient, sacred Jewish religious texts.
You did a beautiful mitzvah! 😉
There is a very interesting discussion of the protection of Federal Networks and the Fourth Amendment in “Cybersecurity, Selected Legal Issues,” Congressional Research Service (CRS) Report for Congress (3 May 2012).
The Department of Homeland Security (DHS) in conjunction with the National Security Agency (NSA) rolled out EINSTEIN, an intrusion detection system (IDS) in early iterations, and later an intrusion prevention system (IPS) at all Internet points of presence (POPs) for the government.
The system works through copying, storage, and deep packet inspection of not only the metadata for addressing information, but also the actual contents of the flow. This handling is necessary in order to identify suspicious malware signatures and behavior and alert the United States Computer Emergency Response Team (US-CERT) in order to block, quarantine, clean, and respond to the attacks and share information about these.
However, the civil liberties and privacy issue with EINSTEIN is that according to the Fourth Amendment, we are protected from unreasonable search and seizures. Thus, there are concerns about the violation of the Fourth Amendment, when DHS monitors and inspects addressing and content of all email and Internet communications to and from federal agency employees and the public–including not only from government email accounts and systems, but also from private email accounts such as Yahoo and Gmail and social media sites like Facebook and Twitter.
The justification for the use of EINSTEIN includes:
1. The government cannot reasonably get warrants in real time in order to safeguard the federal network and systems at the speed that the attacks are occurring.
2. The government places banners and user agreements on all Federal networks notifying users of monitoring, so there is no expectation of privacy in the communications.
3. The monitoring is conducted only for malicious computer activity and not for other unlawful activities—so “clean” traffic is promptly removed the system.
4. Privacy protections are ensured though review mechanisms, including Attorney General and Director of National Intelligence (DNI) reporting to Congress every six months and a sunset provision requiring monitoring reauthorization every four years.
This tension between monitoring of Federal networks and traffic and civil liberties and privacy is a re-occurring issue when it comes to cybersecurity. On one hand, we want cybersecurity, but on the other hand, we are anxious about this security infringing on our freedoms—whether freedom of expression, from search and seizure, from surveillance, or from potentially costly regulation, stifling innovation, and so forth. It is this tension that has stalled many cybersecurity bills such as the Stop Online Privacy Act (SOPA), Cyber Intelligence Sharing and Protection Act (CISPA), The Computer Security Act of 2012 and more.
In the absence of a clear way forward with legislation to regulate and enforce, or incentivize, standards and best practices for cybersecurity, particularly for critical infrastructure protection, as well as information sharing, the White House released Presidential Policy Directive/PDD-21 on Critical Infrastructure Security and Resilience to establish DHS and other federal agency roles in cybersecurity and to manage these on a risk-based model, so that critical infrastructure is identified, prioritized, assessed, and secured accordingly.
While PDD-21 is a step in the right direction, it is an ongoing challenge to mediate a balance between maintaining our values and constitutional freedoms, while at the same time securing cyberspace.
One thought is that perhaps we can model cybersecurity after the Posse Comitatus Act of 1878 that separated federal military from domestic national guard and law enforcement powers. Using this model, we can create in cyberspace a separation of cybersecurity from our borders outward by the federal government, and within the domestic private networks by our national guard and law enforcement.
Thus, we can create stronger security radiating out at the national periphery, while maintaining our important freedoms within, but always working together to identify and neutralize any and all threats to cyberspace. 😉
(Source Photo: Andy Blumenthal)
The first Department of Defense Strategy for Operating in Cyberspace is out (July 2011).
>
What happens when one set of enterprise architects can’t read another’s enterprise architecture “artifacts”?
This may sound ridiculous, but this is a very real problem at the Department of Defense (DoD) and at many other agencies.
Government Computer News, 1 February 2010, has an article on “Primitives and the Future of SOA” about how “DoD looks to develop a common vocabulary to improve system design.”
Dennis Wisnosky, the chief technical officer at the DoD Business Transformation Agency came face-to-face with this problem:
“We were building a business enterprise architecture when the whole team changed because the contract [that the work was being performed under] was won by different people…The new company came in and, all of a sudden, their people had different ideas for how the architecture should be built…Their way might have been a good way, but we had already invested hundreds of millions of dollars in another way, and it seemed to be a wiser course of business action to get these new people to learn the old way.”
Mr. Wisnosky tackled the problem head-on:
Like the periodic table of 117 core elements that make up everything in our world, Mr. Wisnosky set out to build the DoD architecture using a set of primitives or basic building blocks. “Primitives are a standard set of viewing elements and associated symbols” based in DoD’s case on the Business Process Modeling Notation (BPMN)”—a graphical representation for processes in a workflow. Armed with the set of primitives, DoD was able to get “the business process architecture, so that they are described in a way that the meaning of this architecture…is absolutely clear to everyone.”
Wisnosky aptly compared using a common language (or set of primitives) for EA, so everyone could read and understand it, regardless of their particular EA methodology to how musicians anywhere in the world can read standard music notation and similarly how electrical engineers can read electrical diagrams based on standards symbols.
This is a big step for EA, where traditional architecture artifacts are not as user-centric as they should be and often leave their readers/audience questioning the purpose and message intended. In contrast, the use of a common EA vocabulary and set of symbols is right in line with developing a user-centric enterprise architecture that is easy for users to understand and apply, because once you know the standard set of primitives you can read and understand the architecture better than an architecture based on a proprietary or ever changing vocabulary.
As Wisnosky points out, primitives are also a nice fit with Service Oriented Architecture, because you can use primitives or patterns of primitives to represent standard business processes and these can be used over and over again for the same services that are needed throughout the business.
This use of primitives for business process notation is consistent with the use of the National Information Exchange Model (NIEM) for information notation. “NIEM enables information sharing, focusing on information exchanged among organizations as part of their current or intended business practices. The NIEM exchange development methodology results in a common semantic understanding among participating organizations and data formatted in a semantically consistent manner. NIEM will standardize content (actual data exchange standards), provide tools, and managed processes.”
While, we need to leave a certain amount of flexibility in EA for architects to apply their trade to meet specific agency requirements, there is a huge benefit to standardizing on a common vocabulary, so architects can speak the same language. This concept is all the better when the language and design methodology selected for EA is simple and clear so that even non-EA’s (our regular business and IT people) can read and understand the architecture.
Building EA with primitives and clear and simple vocabulary and design represents a user-centric EA moment that I for one, applaud loudly. Another way to say this is that an EA without primitives is a primitive EA.
>See video on Department of Defense (DoD) vision for Net-Centricity:
http://www.blogger.com/img/videoplayer.swf?videoUrl=http%3A%2F%2Fv14.nonxt8.googlevideo.com%2Fvideoplayback%3Fid%3D6259f916796e74a2%26itag%3D5%26begin%3D0%26len%3D86400000%26app%3Dblogger%26et%3Dplay%26el%3DEMBEDDED%26ip%3D0.0.0.0%26ipbits%3D0%26expire%3D1270317776%26sparams%3Did%252Citag%252Cip%252Cipbits%252Cexpire%26signature%3D58696B425D5829FB7550DAD75100B02F9A6E5877.39CD43AB83FECBE8E4B24F933A9BAC590B7737CD%26key%3Dck1&thumbnailUrl=http%3A%2F%2Fvideo.google.com%2FThumbnailServer2%3Fapp%3Dblogger%26contentid%3D6259f916796e74a2%26offsetms%3D5000%26itag%3Dw320%26sigh%3DJ1zfvCBFKzXFemPBXgpvlEyv0PM&messagesUrl=video.google.com%2FFlashUiStrings.xlb%3Fframe%3Dflashstrings%26hl%3Den&nogvlm=1
Source: Department of Defense
>
Enterprise architecture is one way for an organization to drive business process improvement and technology enablement. Another way is through Lean Six Sigma.
Federal Computer Week, 3 March 2008, reports that “DoD rallies around Lean Six Sigma: The methodology has become the Defense Department’s ‘tool of choice’ for business transformation.”
“Lean Six Sigma is simply a process-improvement method for reducing variability and eliminating waste.” With Six Sigma (developed by Motorola), the idea is to make processes efficient and repeatable, so that there are fewer than 3.4 defects per 1 million. The Lean (developed by Toyota) concept refers to “eliminating any steps that don’t add value.”
In Lean Six Sigma, process improvement is enabled through the following steps:
In 2000, Deputy Defense Secretary Gordon England made Lean Six Sigma the foundation for DoD’s continuous process improvement program.
Currently, “about two-thirds of DoD organizations by some estimates are committed to Lean Six Sigma.”
DoD is training their people in Lean Six Sigma and intends to have 5% of its employees attain Green Belt (involves typically a week of training) and 1% reach Black Belt (typically involves approximately two years of training in math and statistics and several years experience working on projects as Green Belts).
However, DoD has been criticized by some for focusing more on the training, than on translating that training into practical on the job know-how to transform the Department.
Yet, by some measures DoD has made improvement. The Army claims to have “completed 770 Lean Six Sigma projects, from which it estimated savings of $1.2 billion in 2007.”
To me it seems like enterprise architects would do well to work in partnership with Lean Six Sigma professionals in order to understand the business processes, improve them, and identify requirements to technology enable those. In User-centric Enterprise Architecture, business drives technology rather than doing technology for technology’s sake. Lean Six Sigma can help business led the way for truly useable and usable technology solutions.
>
Enterprise architecture develops the architecture for the enterprise, right? You’d think that’s a no-brainer. Except what happens when the enterprise is so large and complex that it defies the efforts to architect it?
Federal Computer Week (FCW), 24 March 2008 reports that Dennis Wisnosky, the chief architect and chief technical officer for DoD’s Business Mission Areas states that “the Department [of Defense (DoD)] is too large an organization to attempt to encompass all of its activities in a single enterprise architecture.”
Similarly, FCW, 26 November 2007, reported that “the size of the Navy Department and the diversity of its missions make it impossible to describe the service in a single integrated architecture.”
Dennis Wisnosky goes on to say that “DoD must achieve business transformation by breaking off manageable components of an enterprise architecture rather than trying to cover everything at once…[this is how we will achieve] the goal of an enterprise architecture [which] is to guide future acquisition and implementation.”
Richard Burk, former chief architect of the Federal EA (FEA) at OMB states: “there is no practical way to create a useful architecture for a large organization. You can get an overall picture of an agency using an [enterprise architecture] of everything the agency does, but when you get down to making it operational, at that point you really need to break it down into segments, into the lines of business.”
The Navy is using the concept of segment architecture, but is calling it “architecture federation.”
Michael Jacob, the Navy’s chief technology officer, “compared the architecture effort to the development of a city plan, in which multiple buildings are built separately, but to the same set of standards and inspection criteria.”
Mr. Jacob continues that “our effort will allow common core architecture elements [technical standards, mission areas, business processes, and data taxonomies] to be identified so that architecture efforts can be aligned to those same standards.”
I believe that every level of an organization, including the highest level, can have a architecture, no matter what the size, and that we should tailor that architecture to the scope of the organization involved. So for an organization the mega-size of DoD, you would have very little detail in at the highest level, EA (like the FEA Practice Guidance demonstrates), but that the detail would build as you decompose to subsequent layers.
For any organization, no matter its size, every level of the architecture is important.
Within the enterprise architecture itself we need multiple views of detail. For example, from an executive view, we want and need to be able to roll up organizational information into summary “profiles” that executives can quickly digest and use to hit core decision points. At the same, time, from a mid-level manager or analyst view, we want and need to be able to drill down on information—to decompose it into models and inventory views–so that we can analyze it and get the details we need to make a rational decision.
Similarly, within the overall architecture, we need the various views of enterprise, segment, and solutions architecture. The enterprise view is looking at strategic outcomes for the overall enterprise; the segment view decomposes this into actionable architectures for the lines of business; and the solutions architecture “brings it all home” and operationalizes the architectures into actual solutions.
Just like with the profiles, models, and inventories of enterprise architecture where we can roll-up or down, the key with these various architectural levels is that there is line-of-sight from the enterprise to the segment and to the solution. The lower levels must align to and comply with the levels above. This is how we achieve integration, interoperability, standardization, and modernization.
>
In a world where information superiority can mean battlefield victory, enterprise architecture is critical to military transformation and execution.
Military Information Technology, 11 February 2008, reports “Enterprise Architecture: Key to Netcentricity.”
http://www.military-information-technology.com/article.cfm?DocID=2328
Why is EA important in general:
“An actionable EA provides organizational leaders information sufficient to make enterprise plans, investment resource and management decisions, and to optimize key operational and support processes.”
Why is EA important to The Department of Defense?
The warfighter relies on information superiority to sense a threat, decide on a course of action, and execute faster than the enemy. This is not much different than survival in America’s Wild West years ago, by those who had the fastest [gun] draw.
Today, “The OODA [observe, orient, decide, act] loop is a ‘sense and respond’ cycle driven by actionable data and information for superior information management, battlespace awareness, and operational decision-making…when organizational components use rich and timely information, dramatically improved battlespace operations effectiveness can be realized…the single unifying approach that delivers the needed information and insight is enterprise architecture.”
What is netcentricity?
Netcentricity or “network-centric operations (NCO) enables military forces to anticipate and adapt rapidly to changes in the environment such as enemy warfare tactics. NCO touches all aspects of department operations and, by integrating organizational networks and information, enables enhanced warfare operations effectiveness. NCO is enabled through dramatic changes in mindsets, processes, IT and access to information and networks.”
“An actionable EA is critical to the DoD realizing netcentric capabilities.”
“Unfortunately DoD is struggling to implement actionable EA. The General Accountability Office (GAO)…in 2006 found that the EA programs of the departments of the Air Force, Navy, and Army were among the four most immature EA programs within the government.
What does DoD need to advance their EA?
GAO found that “strong executive leadership could resolve all the challenges organizations experienced in developing and using actionable EA capabilities.”
Transformational leaders in DoD will provide the “vision, integrity, communication, inspiration, and empowerment.” And they “empower organizational members with human, material, and financial resources to accomplish the vision.”
EA cannot be achieved without management commitment and adequate resources!
What about the DoD leaders who say that EA cannot be implemented “because the organization is too complex”?
This thinking is sort of ironic, because EA is what captures information, analyzes and catalogues it, and serves it up to the end-users to enable better decision-making. EA is what simplifies information and makes it transparent enabling strategic transformation and the realization of netcentric capabilities.
EA is exactly what DoD needs for evaluating itself, planning its future state, and transitioning itself to achieve its goals of battlespace superiority through information superiority.
“Implementing an actionable EA capability can take up to five years and requires…[DoD leaders need to] focus on long-term performance improvements,” through enterprise architecture implementation.
>
There are currently two major federal best practices for information sharing: Netcentricity and the Information Sharing Environment.
The Department of Defense (DoD) adopted a Netcentric Strategy in May 2003.
Netcentricity is a strategy for sharing information. As the DoD strategy states: The data strategy is to “shift from private data to community or Enterprise data as a result of increased data “sharing” in the netcentric environment. Tagging, posting, and sharing of data are encouraged through the use of incentives and metrics.” (adapted from DoD Net-Centric Strategy from defense.link.mil, public site)
In 2004, the concept of Netcentricity was extended to the Director of National Intelligence (DNI)’s Information Sharing Environment with the passing of the Intelligence Reform and Terrorism Prevention Act (IRTPA).
The ISE seeks to “facilitate trusted partnerships among all levels of government, the private sector, and foreign partners…[and to] promote an information sharing culture among partners by facilitating the improved sharing of timely, validated, protected, and actionable terrorism information.” (adapted from Information Sharing Environment Implementation Plan from ISE.gov, public site)
Both Net-centricity and ISE are best practices at increasing information sharing to improve and speed up decision-making and protect our nation and its citizens!
In User-centric EA, information sharing, as appropriate, is one of the primary goals of the architecture. Information is one of the six perspectives (performance, business, information, services, technology, and security, and a seventh to be added is human capital) of the EA. The primary principal of the Information perspective is information sharing and accessibility. Further, the Federal Enterprise Architecture (FEA) Data Reference Model (DRM) is driven by the enablement of sharing information across the federal government and to its partners. The methodology is as follows:
User-centric EA is driven to fulfill the vision of Net-centricity and ISE.
andyblumenthal