Secure Test Data Management, Storage Modernization, and Distributed Access Architecture

2. Background and Statement of the Need

Current test data storage and access mechanisms across EGTTR rely on legacy systems, isolated repositories, and inconsistent data handling processes. The objective is to establish a unified architecture that ensures secure ingestion, tagging, storage, retrieval, and controlled dissemination of test data across geographically distributed test nodes. The Government seeks to modernize this environment by enabling:
  - Secure, multi-caveat data storage and access (Protection Level (PL1) PL3, Secret, Special Access Program (SAP)-capable)
 - Distributed data availability across authorized test nodes
  - Role-based and attribute-based access control
 -  Data tagging, lineage tracking, and lifecycle management
  - Long-term archival storage with rapid retrieval capabilities
  - Controlled cross-caveat data transfer mechanisms where authorized
 - Integration with existing tests, analysis, and mission systems
Industry input is requested to refine architectural options, identify technical risks, and assess potential solution pathways.

3. Information Requested

3.1 A description of your company s potential technical approach or architecture for a secure, distributed test data management system that addresses the needs described above.  Respondents are highly encouraged to address the following areas: 
 - Methods for enforcing caveat separation and controlled dissemination
-  Data tagging, metadata management, and lineage tracking
-  Approaches for long-term archival storage and rapid retrieval
-  Cross-caveat data handling approaches (where authorized)
-  Integration with existing test and analysis systems

3.2 An identification of key technologies needed for such a system and whether those technologies require maturation. The Government is primarily interested in solutions at or near Technology Readiness Level (TRL) 7, but information on promising, lower-TRL technologies is also welcome.

3.3 A description of your corporate experience as a prime or subcontractor in developing systems that meet similar requirements within the last 3-5 years. If applicable, please provide general information such as the scope of work and the capabilities provided.

3.4 Identification of potential performance risks that are typically encountered in the development and implementation of similar programs, particularly risks that may manifest early in the program lifecycle.

3.5 A general Rough Order of Magnitude (ROM) or typical pricing model for the capabilities described. Detailed quotes are not requested at this time.

3.6 Feedback on the most effective contracting approaches for this type of effort. Please identify any existing contract vehicles that may be suitable.

3.7 Demonstrated Capability and Past Performance
Respondents shall provide:
-  A summary of past performance relevant to secure data management systems.
-  Information on technical maturity (e.g., fielded systems, prototypes, accredited components).
-  Examples of performance metrics (throughput, access latency, reliability).
-  General deployment history and operational context.
-  Providing references is welcome but not required.

3.8 Reliability and Qualifications
Respondents shall describe:

-  Corporate experience with secure or distributed data management systems

-  Experience supporting multi-caveat environments (PL1 PL3, Secret, SAP)

 - Cybersecurity maturity and cross-caveat handling experience

3.9 Risks, Dependencies, and Assumptions
-  Technical risks and mitigation strategies

-  Dependencies on existing infrastructure or Government Furnished Information (GFI)

-  Caveat separation and cybersecurity considerations

3.10 Mandatory System-of-Interest (SoI) Isolation Rule
If the proposed solution is part of a larger system or ecosystem, the vendor shall isolate and describe only the components relevant to secure test data management, storage modernization, and distributed access. Content not directly traceable to the SoI shall be placed in an appendix.

4. Responses

4.1 All interested vendors are requested to respond to this RFI with a white paper and/or a PowerPoint presentation. White papers and/or PowerPoint presentations are due no later than 30 days from RFI release. White papers should be 8.5 x 11 page size with 12 point font. Submissions should be submitted electronically, via the appropriate communication channels to:

Mr. Anthony Aldrich
NIPR: [email protected]

4.2 Submissions should be either PDF files, Microsoft Word documents or Microsoft PowerPoint. 

4.3 Please contact Mr. Aldrich via email if submission of any potentially sensitive or classified material is required. 

4.4 Section 1 of the white paper or the beginning of the presentation should provide administrative information and should include the following as a minimum. This information does not count toward page limits: 

A. Company name, mailing address, cage code, point of contact (POC), POC telephone number, email address, and business website. 
B. Business size status (i.e. 8(a), HUBZone, Woman/Woman Owned or Service-Disabled Veteran-Owned, small business, large business, etc.).
C. Status as a foreign-owned/foreign-controlled firm and any contemplated use of foreign nation employees. 

4.5 Section 2 of the white paper or right after the above, in the presentation should address the information requested in Section 3 of this RFI.  Proprietary information, if any, must be clearly marked.  Please be advised that all submissions become U.S. Government property and will not be returned.  Only government employees will review submitted responses to this RFI.  

5. Questions

All inquiries regarding this announcement which contain proprietary or controlled information shall be marked appropriately. Questions should be submitted via email to Mr. Aldrich. Government responses to general, non-proprietary questions will be shared with all participating industry members. The government does not guarantee that questions received after 15 days from release date will be answered in time for the 30 days from release date submittals.

6. Summary

This is a Request for Information (RFI) only, intended to support the modernization of the Eglin Test and Training Complex and its test missions. The information provided in this RFI is subject to change and is not binding on the U.S. Government. The U.S. Government has not made a commitment to procure any of the items discussed, and the release of this RFI should not be construed as such a commitment or as an authorization to incur costs for which reimbursement would be required or sought. All submissions become U.S. Government property and will not be returned.