Security Test and Evaluation (ST&E)
Upon completion of DT Phase II testing, DISA Security (GO42) will conduct penetration tests and other IA
assessments on each release. The goals of the ST&E tests are to:
- Determine that the system security features perform as specified.
- Identify any discrepancies in component security performance.
- Establish system security benchmarks.
- Evaluate system security documentation.
- Document results on which to base a recommendation of ready or not for secure operational implementation.
- Determine that unchanged security functions still perform as specified.
- Determine improvements or degradation in component security performance as compared with previous test results.
ST&E testing also checks for proper functioning of the security features provided with the DMS products,
product configurations, and procedures. Performances of ST&E tests occur in parallel with the other JITC
test phases.
Field Engineering Notice (FEN) Testing
DMS FENs provide information and associated solutions for identified problems. The DMS integration
contractor is the primary developer of FENs. A FEN generally takes one of the following forms:
- Documentation FENs provide new documentation, corrections, and updates.
- Procedural FENs provide problem solutions including detailed operational procedures and specific commands
for one or more components.
- Software FENs provide problem solutions involving the application of a software patch.
JITC is authorized to test all pre-compliant FENs for DMS acceptance before operational fielding.
Interoperability Certification
In addition to conducting DT and OT events, JITC will conduct an interoperability certification evaluation
of the DMS on major releases. Major releases normally require an OA or OT after a DT. The most recent
interoperability evaluation was conducted for Release 3.0 Gold. Existing test data from the DT and OT was
used to determine the extent which the DMS met interoperability requirements. The next interoperability
evaluation is scheduled during the Release 3.0 MR2 test effort. All DMS capabilities, including tactical
solutions and selected Product Review Team (PRT) products, are encouraged to participate during the DT and
OA/OT events that support an interoperability evaluation.
The DMS C4ISP and the DMS 3.0 Gold TEMP define the Key Interface Profiles (KIPs). This matrix depicts the
system information exchange criteria relative to DMS and other messaging systems. Within this list,
selected interfaces are deemed as being critical thus satisfying the Interoperability Key Performance
Parameters (I-KPPs). The Release 3.0 Gold DT and OT test events demonstrated that the system provides the
required functionality at the specified criterion as defined in the DMS MROC Change 2 and the IER matrix.
Test events predominately involve message exchange between DMS components, and between DMS and other
messaging systems. The aspects of information exchange are fundamental to the DMS; DT and OA/OT testing
demonstrate the DMS's ability to meet the IERs. Substantial cost and time savings are realized whenever DT
and OA/OT efforts support interoperability evaluations.
