General Development Policies
All developers with access to any development repository must commit their code back to the development repository at regular intervals. Accounts will be suspended, and applications will no longer be signed, if source code is not committed within a 30-day rolling window. When committing code, the developer must include a README file containing the detail included in the hello building sample plugin. The originating agency, as the plugin owner, is responsible for determining the releasability and testing status of its plugin. With the permission and coordination of the originating authority, other agencies may fork the development of a plugin, but they are required to change the naming and iconography of that plugin and to assume responsibility for determining the releasability and testing status of the resulting plugin. Abandoned efforts must be reported to the core development team. Rules of Behavior, Consent to Monitor, and Approved Use notifications must be acknowledged prior to accessing TAK DEV TOOLS and can be found on the TAK Developer Policies Page in TAK Confluence.
Government developers are employees of federal, state, or local government agencies. Commercial companies under contract or agreement with government agencies for a TAK deliverable have the same access as government developers and are therefore not differentiated by reference for the purpose of this section.
Through a repository access request hosted on TAK.gov, Government Developers may access the SDK to develop add-on capability in the form of TAK software plugins. TAK applications support plugins for many reasons, including:
- to enable third-party developers to create abilities that extend TAK
- to support easily adding new features
- to reduce the size of TAK
- to separate source code from TAK because of incompatible software licenses
Government developers employed or sponsored by a DoD agency will have access to the Military SDK. The Military SDK contains interface control documents with sample source code for plugins providing military controlled capability, along with identifier values, parameters, and error codes for message and data types, to enable the creation of interface tools to other software capabilities and/or hardware devices. The Military SDK also contains an unkeyed developer build of the most recently released host TAK software platform for development-level testing. It should be noted that the developer build of the TAK software contains military controlled capability, but it is provided in executable code only and displays a “Development Build” watermark across the map display.
Government Developers not employed or sponsored by a DoD agency will have access to the Standard SDK. The Standard SDK contains interface control documents with sample source code for plugins providing non-military-specific capability, along with identifier values, parameters, and error codes for message and data types, to enable the creation of interface tools to other software capabilities and/or hardware devices. The Standard SDK also contains an unkeyed developer build of the most recently released host TAK software platform for development-level testing. It should be noted that the developer build of the TAK software is provided in executable code only and displays a “Development Build” watermark across the map display.
Feature freeze dates are posted on the development portal on a 120-day development cycle, and plugin software source code produced by Government Developers is built against the latest version of its host TAK platform. After developmental testing is complete, the originating authority should provide development status and data rights details in the form of a signed Memo for Record (MFR) to the TAK Product Center when submitting a build request. If the capability is intended for foreign release, the originating authority’s Foreign Disclosure Office (FDO) must also provide export determination guidance to the TAK Product Center before the plugin is keyed for transfer to operate with an FMS recipient’s TAK variant. The built plugins are then keyed in accordance with that guidance, and versions are hosted for download in the TAK.gov binaries repository. This keying methodology allows international transfer of capability sets through plugins as determined by the originating authority, enables the TAK CSB to comply with export determination guidance, and limits the proliferation of unauthorized transfers.
After evaluation of requirements by the TAK Product Center and sponsorship by a TAK CSB Board Member, Government Developers are also authorized to access feature branches containing source code for the TAK Core software. Feature branch development efforts are evaluated, accepted, and integrated to TAK Core Trunk by the TMB of the TAK Product Center.
Development Contract Considerations
Vendors on contract will be granted the lowest level of access required to satisfy their scope of work. Access to the development repository may be limited to the Standard SDK or specific project directories. Developers are bound by the nondisclosure agreement that should exist in the contract under which access is authorized. The contracting organizations responsible for the vendor’s access must acknowledge the TAK Developer Policies prior to onboarding contracted developers.
The TAK Community has benefited greatly from government Open Technology Development, which relies heavily on government data rights, primarily Unlimited Rights. It is critical that all TAK development contracts pursue a similar Intellectual Property Management Strategy. The language below is typical of Technical and Data Rights clauses incorporated in Task Orders with TAK software as a deliverable:
- 6.0 (U) TECHNICAL AND DATA RIGHTS.
- 6.1 (U) Software: All source code, programs, algorithms, applications, modifications, and supporting documentation produced under this contract by the contractor, contractor personnel, and contractor subs shall be provided with UNLIMITED DATA RIGHTS.
- 6.2 (U) Hardware: All hardware and technical data, modifications, and supporting documentation produced under this contract by the contractor, contractor personnel, and contractor subs shall be provided with UNLIMITED DATA RIGHTS.
- 6.3 (U) Copyright: Express written permission of the Contracting Officer is required to assert copyright in all data first produced in the performance of this contract.
If industry partners would like to develop a TAK plugin without providing government data rights, the third-party pipeline is available with no additional encumbrance.
Off-Contract or Internal Research and Development Developers
Off-Contract or Internal Research and Development (IRAD) Developers are commercial entities developing TAK capability at their own cost and without government oversight. IRAD plugin development most often occurs with the intent to increase sales of an associated external hardware or software system. Less often, commercial software is developed as a plugin to ATAK with the intent of exclusively marketing the plugin software. While these “off-contract” development efforts are less frequent than contracted development, several of these capabilities have developed into COTS requirements within the user community. The TAK Configuration Steering Board has open sourced ATAK-CIV and SDK on DoD GitHub and approved the public release of additional binaries on TAK.gov to support IRAD development. Access to these resources does not imply development support or operational transition.
An ephemeral build service, hosted at TAK.gov, is available to sign third-party plugins, enabling operational baseline functionality. This third-party pipeline is available to anyone not on the Denied Persons List (DPL) who would like to experiment with TAK development at no obligation. Information submitted through the third-party signing service is neither monitored nor stored by the government. A visual indicator informs the end user that a plugin was signed using the third-party signing service rather than the official TAK Product Center build pipeline.
Non-US TAK-FMS Developers
Foreign Military Sales (FMS) recipients who have purchased the development package and foreign companies under USG contract will be the only non-US persons authorized to access TAK.gov, TAK DEV TOOLS and the SDK hosted within. Keycloak will be used to establish login credentials to private directories established for approved FMS recipients listed on the Letter of Acceptance. Any individual on the Letter of Acceptance (LOA) can add or remove foreign government user accounts in their FMS directory as government personnel transition. LOAs for TAK that are intended to extend development capability to FMS recipients include language authorizing the continued technical support of the SDK for the development of plugins (generally found in Note 1, Line 001). This includes the back-and-forth exchange of source code/compiled software and information/capability/executable code, allowing for the scan, build and keying using the TAK Product Center’s Continuous Integration pipeline. Data rights should be defined in the LOA specific to any source code developed using the SDK provided under the FMS agreement. There are no additional costs associated with these activities, which are considered covered under the initial procurement of the SDK and technical support. Government-to-Private-Entity Third-Party Transfers for the purpose of foreign government contracted software development must be approved by the Program Manager of the Office of Regional Security and Arms Transfers (PM/RSAT). Upon approval, an FMS recipient listed on the Letter of Acceptance must forward a copy of the approval letter from PM/RSAT to the TAK Product Center before login credentials to private directories are provided to the third-party contractors, including US software developers. Foreign Developers may submit unobfuscated source code through their private directory within the TAK development repository to the test environment.
This policy enables code scan analysis through USG owned automated testing resources. Upon completion of automated code scans, results are analyzed against a risk threshold. Software exhibiting an acceptable level of risk will be deemed to have passed the analysis and built against the latest version of TAK host software and keyed to function on that FMS Case version of that software only. Further release guidance for the FMS capability is provided in the MFR required prior to build kick-off and signed by the originating authority and their foreign disclosure office equivalent.
General Distribution Policy
Distribution of TAK software is addressed by the government distribution statement, export notification and the corresponding TAK Software License Agreement, also known as a Click-Wrap Software End User License Agreement (EULA).
TAK Software License Agreement
This software license agreement (hereinafter the “agreement”) governs all versions of the following TAK software products (hereinafter the “TAK Software”): TAK-CIV, TAK-GOV, TAK-MIL and the TAK Software Development Kit (hereinafter the “TAK-SDK”), including software object code, software source code, and software documentation related to the TAK Software.
This agreement is entered into between the United States Federal Government, as represented by the U.S. Army Futures Command, Combat Capabilities Development Command (CCDC), C5ISR Center (hereinafter “The Government”) and the recipient of the TAK software (hereinafter referred to as “you”). "You" (or "your") means an individual or a legal entity exercising rights under this agreement.
In consideration for your access and use of the TAK Software (hereinafter “The Software”), you hereby agree to the following terms and conditions of this agreement:
- By downloading or accessing The Software (or otherwise indicating assent to this agreement), you are agreeing to the terms and conditions of this agreement.
- If you do not agree to these terms and conditions, do not download or access The Software; click the "I do not agree" or "no" button or otherwise indicate refusal; make no further attempt to access or use The Software; promptly return any media containing The Software; and remove or delete any electronic copies of The Software.
- TAK-CIV object code license grant: At the sole discretion of The Government, you may be granted access to the TAK-CIV software in object code format. If you are granted access to the TAK-CIV object code, you are granted a perpetual, non-exclusive, no-charge, royalty-free right to use, copy, and/or distribute the TAK-CIV software in object code format, and to permit persons to whom The Software is furnished to do so. You are not permitted to sell, reverse engineer, disassemble, or decompile the TAK-CIV software, or to permit others to do so. Except as expressly stated herein, this agreement does not grant you any intellectual property rights in The Software and all rights not expressly granted are reserved by The Government and/or the copyright owner. If you publish and/or distribute the TAK-CIV software, you shall provide a copy of this agreement and corresponding third party license notices to the recipient of the TAK-CIV software; you are not permitted to alter the terms and conditions of this agreement.
- TAK-GOV object code license grant: At the sole discretion of The Government, you may be granted access to the TAK-GOV software in object code format. If you are granted access to the TAK-GOV software, you are granted a perpetual, non-exclusive, no-charge, royalty-free right to use the TAK-GOV software in object code format. You are not permitted to copy, merge, publish, distribute, sublicense, sell, reverse engineer, disassemble, or decompile the TAK-GOV software, or to permit others to do so. Except as expressly stated herein, this agreement does not grant you any intellectual property rights in The Software and all rights not expressly granted are reserved by The Government and/or the copyright owner.
- TAK-MIL object code license grant: At the sole discretion of The Government, you may be granted access to the TAK-MIL software in object code format. If you are granted access to the TAK-MIL software, you are granted a perpetual, non-exclusive, no-charge, royalty-free right to use the TAK-MIL software in object code format. You are not permitted to copy, merge, publish, distribute, sublicense, sell, reverse engineer, disassemble, or decompile the TAK-MIL software, or to permit others to do so. Except as expressly stated herein, this agreement does not grant you any intellectual property rights in The Software and all rights not expressly granted are reserved by The Government and/or the copyright owner.
- TAK-SDK license grant: At the sole discretion of The Government, you may be granted access to the TAK-SDK. If you are granted access to the TAK-SDK, you are granted a perpetual, non-exclusive, no-charge, royalty-free right to use the TAK-SDK and to derive new works or applications based on the TAK-SDK. You are not permitted to copy, modify, publish, distribute, sublicense, sell, reverse engineer, disassemble, or decompile the TAK-SDK or to permit others to do so. Except as expressly stated herein, this agreement does not grant you any intellectual property rights in The Software and all rights not expressly granted are reserved by The Government or the copyright owner.
- You agree that your use of the TAK Software will comply with all international, federal, state and local laws, rules and regulations of the United States and any foreign country in which The Software is used. In addition, you shall strictly comply with all applicable laws, rules and regulations in connection with your use of The Software. Without limiting the foregoing, the TAK software (and related technical data) is subject to United States export control laws and is subject to export or import regulations in other countries. You shall comply strictly with all such regulations and acknowledge that you have the responsibility to obtain all necessary licenses to export, re-export, or import The Software.
- Notices of proprietary rights: You shall maintain and reproduce all trademark, copyright, patent, and other notices of proprietary rights on all copies, in any form, of The Software in the same form and manner that such trademark, copyright, patent, and other notices of proprietary rights are included on The Software.
- Limited warranty and disclaimer:
a. No warranty whatsoever, expressed or implied, with respect to The Software is made by The Government or its licensees or contractors; any and all other warranties are expressly disclaimed, including, without limitation, any warranty of merchantability, fitness for a particular purpose, data accuracy or integrity, non-infringement or quiet enjoyment. The Government does not represent or warrant that: (i) The Software will operate error-free; (ii) your use of The Software will be uninterrupted; (iii) all defects will be identified, reproducible, or resolved; (iv) The Software will meet your particular business needs; or (v) The Software will be immune from unlawful or unauthorized access or use by third parties, including computer hacking, tampering, corruption or destruction of The Software.
b. The Government has used reasonable efforts to minimize defects or errors in The Software. However, you acknowledge and agree upon entering into this agreement to assume the risk of any and all liability, damage or loss from use, or inability to use The Software.
- Limitations on liability: In no event will The Government or any of its affiliates, contractors, suppliers or agents be liable to buyer for any indirect, incidental, consequential or special damages for any act or omission arising out of or in connection with The Software or with the sale, delivery, installation, maintenance, operation, performance or use of The Software, including without limitation any losses, expenses, or damages incurred by reason of loss of use, lost revenues or profits, costs associated with down-time, costs of substitute products, facilities or services, lost, damaged or destroyed data and any similar or dissimilar damages, expenses or losses, even if foreseeable or if The Government has been advised of the possibility of such damages.
- Term and termination: This agreement is effective until terminated. The Government shall have the right to terminate your license rights under this agreement at any time and for any reason upon notice to you. In addition, your license rights under this agreement will terminate immediately without notice from The Government if you fail to comply with any provision of this agreement. Upon termination, you must either return all copies of The Software and all associated license keys in your possession or control, together with any archive copies thereof, or certify to The Government that such copies and keys have been destroyed.
- Third party software components: the TAK software includes third party commercial software components that are governed by third party software license agreements. The use, distribution, and modification of these third-party commercial software components are governed solely by these separate license terms and conditions, unless otherwise noted. The licenses are provided in thirdparty.txt file provided with the TAK software, which in turn may reference specific license agreements also contained in the license folder.
- Miscellaneous: If any provision of this agreement is held by a court of competent jurisdiction to be void or unenforceable, the remainder of this agreement will remain in full force and will not be terminated. Neither The Government nor its licensee will be liable for any delays resulting from circumstances or causes beyond its reasonable control. No addition to or modification of this agreement will be effective unless approved in advance by The Government and its licensee. Any delay or failure to enforce at any time any provision of this agreement will not constitute a waiver thereof or of any other provision or any right to enforce any such provision. The rights and remedies expressly provided to The Government herein are not exclusive, but are cumulative and in addition to any other remedies available at law or in equity. You will not assign this agreement or any right or interest under this agreement without The Government's prior written consent. Any attempted assignment without consent will be void. All notices must be in writing and delivered to licensee by certified mail (return receipt requested), overnight courier, or facsimile with confirmation.
You acknowledge that you have read this agreement and understand it and that by using The Software you agree to be bound by its terms and conditions. This agreement supersedes all prior oral agreements, proposals or understandings, and any other communications between the parties relating to the subject matter of this agreement.
Direct Commercial Sales (DCS)
Foreign government end users with ITAR-restricted but non-military-controlled (not U.S. Code Title 10 explicit use) requirements may obtain TAK-GOV through DCS from a commercial organization with access to the 'US Person' role on TAK.gov. Under DCS, the Directorate of Defense Trade Controls in the Bureau of Political-Military Affairs (PM/DDTC) provides regulatory approvals for more than $110 billion per year in sales of defense equipment, services, and related manufacturing technologies controlled under the 21 categories of the USML. These sales are negotiated privately between foreign end users and US companies.
Under US law, any US company or individual involved in certain activities involving the items enumerated on the USML is required to receive an approved export license or other approval before providing any USML regulated item, technical data, or service to a foreign end user.
As with FMS, export licenses approved under DCS are approved following an intensive USG review and, as required, after Congressional notification. Export licenses are valid up to four years. Authorizations for defense services are also required and may last for longer timeframes. Licenses and authorizations may be extended or amended as needed.
FMS is a Government-to-Government program through which the USG sells conventional military weapons, equipment, and services to allied and friendly nations to assist them in meeting their legitimate defense requirements. FMS is made available to support the principles of joint military operations in accordance with National Disclosure Policy 1. Due to the criticality and sensitive nature of various software packages and the critical program information (CPI) assessment of TAK-MIL capability, release and disclosure of military controlled (U.S. Code Title 10 explicit use) TAK government off-the-shelf software capability, categorized under the USML and specific to DoD mission requirements, will be considered for release and transfer to allied nations using FMS or G-to-G transfer on a case-by-case basis using a country-tiered approach. Export control measures under DCS will not adequately restrict third-party transfer nor maintain configuration currency of approved TAK-MIL software transfers. FMS transfers with foreign government assurances as well as end-use monitoring will reduce unauthorized distributions and, in conjunction with Government-to-Government transfers, maximize configuration control security.
Any USG entity can coordinate FMS of TAK-MIL variants of the TAK software suite to meet its needs, so long as the plugins transferred meet release standards designated by the originating source as well as the TAK CSB. Although the DoD, through the Defense Security Cooperation Agency (DSCA), is responsible for implementing individual FMS cases, the Department of State must first review and approve them. DSCA forwards all FMS cases to PM/RSAT, which is responsible for ensuring that they are properly reviewed within the Department for consistency with US foreign policy and national security objectives. In close coordination with other Department bureaus and offices, PM/RSAT officers provide recommendations to PM leadership on whether to approve the potential sale of military equipment to foreign governments through FMS.
Country specific FMS object code is hosted in the AWS Gov Cloud and accessed by those listed on the FMS LOA through multifactor authentication login to TAK.gov.
TAK-FMS recipients requiring training or maintenance beyond what is provided in the standard offering would request a separate Contract Line Item Number (CLIN) for product support on their FMS contract. That CLIN can be fulfilled by any Program Office with the means to provide the support directly or to contract with a commercial company to deliver the required support. FMS recipients who have purchased a development package will be the only non-US Persons authorized to access a Partner Nation TAK DEV TOOLS space. This space is firewalled from the US-Only TAK DEV TOOLS environment. In the event the FMS recipient does not wish a development effort to be conducted within the TAK development repository, the foreign government would revert to using a third-party transfer authorization and its own contract vehicle. Third-party transfers and unique iterations of TAK software based on specific country requirements are manageable but create a larger burden on program management that may result in a cost increase for the purchasing party.
Technology transfer of software developed under TAK FMS is authorized under LOA CLINs similar to the following: This line provides for development, integration, test, and delivery of the [Partner Nation] Tactical Assault Kit (TAK) software application suite to include Android Tactical Assault Kit (ATAK), WinTAK, and TAK Server geospatial navigational tool sets that enable collaborative mapping, navigation, and altitude profiling between route locations. This line factors for [Partner Nation] access to common file sharing services for delivery and exchange of TAK software and technical data. TAK data deliverables include, but are not limited to, Concept of Employment (CONEMP), User Manuals/Instructions, and associated support elements to deploy the product and implement/manage IT Information Assurance requirements. This line includes initial stand-up of the [Partner Nation] TAK environment, product familiarization, and developer/user helpdesk support. This line does not provide Map Chart Geodesy and Imagery (MCGI) data.
The TAK.gov portal provides secure application access. It is recommended that PMO-level organizations coordinate TAK downloads with the TAK Product Center to facilitate Authority to Operate approval in parallel. This coordination can facilitate a TAK deployment page hosted on TAK.gov operated and maintained by the PMO. Originating authorities for software hosted on TAK.gov can authorize access to roles (CIV, GOV, MIL, FMS) or approve on a case-by-case basis as requested by individual TAK.gov members.
USG Rehosting Sites
A USG partner can request permission to rehost TAK compiled code. That rehosting site must follow the policies established in this document for software releasability and protection. Any site determined to be violating these policies will be asked to correct any issues. If the issues are not corrected, the site will be asked to cease TAK software distribution.
Software Access Policy
The TAK Product Center does not authorize access to, or directly provide, production release (operational) software to vendors that have no contractual relationship with TPC acquisition authorities. TPC only provides production release products back to the government originating authority, which then chooses distribution in accordance with the Government Owned Software (GOS) transfer clauses within the contract. These contract clauses act as the technology transfer authority. The TAK.gov distribution portal provides an administrative page that enables electronic access authorization by the originating authority.
Access to TAK-MIL software is available to any US person, as defined in 22 CFR §120.15, employed by a US military functional support organization responsible for developing TAK capabilities, provisioning or issuing government owned EUDs with military-specific technology, to include any TAK baselines keyed to allow operation of the military controlled technology in accordance with an established ATO.
Access to TAK-GOV software is available to any US person, as defined in 22 CFR §120.15, employed by a federal, state, or local government functional support organization, responsible for developing TAK capabilities, provisioning and issuing government owned EUDs with non-military controlled technology that falls under the USML, to include any TAK baselines keyed to allow operation of USML technology in accordance with an established ATO. TAK-GOV binaries can be distributed to non-US Governments through federal government international transfer agreements.
TAK-CIV binaries are made available to the public after the originating authority or their delegated authority has received approval from its Public Affairs Office (PAO) or similar authority. Embargoed countries, individuals and entities denied export privileges on the Denied Persons List are restricted from accessing TAK-CIV binaries. Any dealings with a party on this list that would violate the terms of its denial order are prohibited. See Section 764.3(a)(2) of the EAR.
When a TAK-CIV binary is captured under any ECCN other than EAR99, and a PAO determines it is releasable to US PERSONs only, Distribution Statement F may be an appropriate replacement for Distribution Statement A. In this case, the export control statement and software license agreement control further dissemination as directed by the controlling DoD office.
TAK.gov Role Access
The onboarding workflow for each of the roles described below is provided in Appendix A, Procedures.
DoD Employee
Access to this role on TAK.gov is available to any US person, as defined in 22 CFR §120.15, employed by a US military organization responsible for developing, testing, provisioning, issuing or using DoD owned EUDs with military-specific technology, to include any TAK baselines keyed to allow operation of the military controlled technology in accordance with an established ATO. Access to role membership is verified through CAC/PIV digital certificate or verification of a DoD-issued email address. A DoD Employee who is serving in a Program Management role, or their delegates, may also sponsor access for Non DoD Employees.
Non DoD Employee (SETA or non-SETA Contractor)
Access to this role on TAK.gov is available to any US person, as defined in 22 CFR §120.15, employed at a company under DoD contract for TAK explicit work and access to resources hosted on TAK.gov is required to complete the scope of that work. Level of access is determined by the DoD Employee sponsor as the lowest level of access required and in accordance with the Government Owned Software (GOS) transfer clauses within the contract. Access to role membership is verified through CAC/PIV digital certificate or verification by the DoD Employee sponsor.
Gov Employee
Access to this role on TAK.gov is available to any US person, as defined in 22 CFR §120.15, employed by a US government organization responsible for developing, testing, provisioning, issuing or using government owned EUDs with government-specific technology, to include any TAK baselines keyed to allow operation of the government controlled technology in accordance with an established ATO. Access to role membership is verified through CAC/PIV digital certificate or verification of a government-issued email address. A Gov Employee who is serving in a Program Management role, or their delegates, may also sponsor access for Non Gov Employees.
Non Gov Employee (SETA or non-SETA Contractor)
Access to this role on TAK.gov is available to any US person, as defined in 22 CFR §120.15, employed at a company under USG contract for TAK explicit work, where access to resources hosted on TAK.gov is required to complete the scope of that work. The level of access is determined by the Gov Employee sponsor as the lowest level of access required and in accordance with the Government Owned Software (GOS) transfer clauses within the contract. Access to role membership is verified through a CAC/PIV digital certificate or verification by the Gov Employee sponsor.
Access to this role on TAK.gov is available to any US person, as defined in 22 CFR §120.15, excluding any individuals and entities denied export privileges on the Denied Persons List. Access to role membership is verified through an ECA digital certificate only.
Embargoed countries, and individuals and entities denied export privileges on the Denied Persons List, are restricted from accessing this role.
Embargoed countries are geofenced from the TAK.gov domain, which effectively restricts them from this role. VPN detection technology is deployed to prevent circumvention of the geofence.
Exporting TAK for Demonstration / Exercise Policy
TAK can be exported for demonstration and exercise purposes. It should be noted that any technical data transferred to a foreign national attending a demonstration/exercise in the United States or abroad is considered an export. A Foreign Disclosure Office must approve the release request from the organization conducting the demonstration/exercise. The FDO will not authorize any items to be demonstrated to foreign persons that could not subsequently be transferred to that country through FMS, DCS, or other means.
Executive Interdepartmental Transfer Policy
As a best practice, it is recommended that a Memorandum of Understanding (MOU) be executed among Executive Departments prior to interdepartmental transfer of capabilities developed as TAK plugins by an originating authority within the DoD. The Posse Comitatus Act of 1878 (PCA), designed to limit the use of federal military resources in the service of domestic policy, applies largely to personnel and does not automatically apply to software originating at DoD organizations. In previous interdepartmental transfers, legal counsel for both parties has provided guidance confirming that the PCA cannot apply where the DoD is not directly fielding to the end users of, or collecting data from, Executive Departments implementing domestic policy. Data rights are not a DoD designation; the technical data rights are described as “unlimited rights” or “government purpose rights”. As long as the originating authority deems the capability not sensitive to its mission and releasable, there are no legal constraints preventing transfer of the software to other Executive Departments. Originating authorities may release as they see fit within the bounds of export regulations and IP rights.
Security is implemented by the TAK TMB and its contracted vendors. The selection and specification of security controls for an information system is accomplished as part of an organization-wide information security program that involves the management of organizational risk. Information security can be defined as the preservation of the confidentiality, integrity, and availability of information. Hardware, software, information, infrastructure, people, and relationships with other businesses all need to be considered at the organizational level in order to provide a secure environment. When it comes to software development, the focus is on limiting the unintentional introduction of vulnerabilities during the development process.
The management of organizational risk is a key element in the organization's information security program and provides an effective framework for selecting the appropriate security controls for an information system. The risk-based approach to security control selection and specification considers effectiveness, efficiency, and constraints due to applicable laws, directives, Executive Orders, policies, standards, or regulations. The TAK Program subscribes to a risk-based approach to the management of information security, allowing for the assessment of risk against information and the implementation of controls appropriate to the level of risk.
Account Management and Authentication
Account management and authentication of users into the TAK enterprise is handled with Active Directory (AD), using the Lightweight Directory Access Protocol (LDAP). AD is a directory service that Microsoft developed for Windows domain networks and is used for centralized domain management. It stores information about members of the domain, including devices and users, verifies their credentials, and defines their access rights. LDAP is a directory service protocol that provides a mechanism used to connect to, search and modify Internet directories. The implementation of AD provides a single logon for all servers and services used for TAK application development.
Third-party developers are not given access to any of the program services unless authorization has been received from a government program point of contact. This access is restricted to only those services required, with additional restrictions applied within each service to limit access to only the areas needed by the individual development group. This generally limits developers to the branches of the code repositories required for the portion of the TAK program for which they are authorized: TAK GitLab service with branches plugins (most requests) and TAKMaps (special needs); WinTAK Git service with branches WinTAK, TAK-assets, and winTAK-sample-plugin; iTAK Git service with branches iTAK, TAK-assets, pgsc-raster, pgsc-utils, and stl-soft.
All user accounts are created on the LDAP server, which sets user access and permissions for the different servers controlled by AD. AD enforces strong password rules: passwords are a minimum of twelve characters and must include at least two characters from each of the four character sets (uppercase letters, lowercase letters, numbers, and symbols). Passwords must be changed at least every 90 days, with an automated warning sent 14 days before password expiration. A password history policy is enforced so that none of the previous 24 passwords can be reused. After ten invalid or failed logon attempts, the account is locked for 15 minutes, or until unlocked by an administrator. As an additional level of protection, any user account whose password has not been changed after 91 days is automatically disabled. This policy is intended to flush dormant accounts out of all services and also addresses subcontractor personnel leaving their companies without notifying TAK TMB of their departure.
In addition, a firewall review has been implemented in which all servers used on the project, in the Amazon Web Services (AWS) GovCloud, have their Security Group (firewall) rules reviewed every 30 days. Every rule set up in AWS is annotated with a comment describing the reason for its inclusion. All unneeded rules are deleted. The log file created during the automated review has a note added with the date, the name of the reviewer, and a comment on any changes made based on the review. The changes are reflected in the following month’s report.
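The 30-day Security Group review described above, as an added example that is not TAK TMB tooling: it flags rules that lack the required justification comment and formats the review-log note (date, reviewer, changes). Records follow the shape returned by boto3's `ec2.describe_security_group_rules()`; the sample rules, ids, ports and CIDRs are constructed placeholders.

```python
"""Monthly AWS Security Group rule review helpers (added example, not TAK TMB tooling).

Rule records follow the shape of boto3's
ec2.describe_security_group_rules()["SecurityGroupRules"]; to review live rules,
replace SAMPLE_RULES with that call's output. The sample below is constructed."""
from datetime import date, timedelta

REVIEW_INTERVAL = timedelta(days=30)  # policy: rules reviewed every 30 days

# Constructed sample rules. Ids, ports and CIDRs are placeholders, not TAK values.
SAMPLE_RULES = [
    {"SecurityGroupRuleId": "sgr-EXAMPLE1", "IsEgress": False, "IpProtocol": "tcp",
     "FromPort": 8443, "ToPort": 8443, "CidrIpv4": "10.20.0.0/16",
     "Description": "HTTPS from the test network to the build service"},
    {"SecurityGroupRuleId": "sgr-EXAMPLE2", "IsEgress": False, "IpProtocol": "tcp",
     "FromPort": 22, "ToPort": 22, "CidrIpv4": "0.0.0.0/0",
     "Description": ""},                       # no justification recorded
    {"SecurityGroupRuleId": "sgr-EXAMPLE3", "IsEgress": True, "IpProtocol": "-1",
     "CidrIpv4": "0.0.0.0/0"},                 # Description key absent entirely
]


def rule_summary(rule):
    """One-line description of a rule for the review log."""
    direction = "egress" if rule.get("IsEgress") else "ingress"
    proto = rule.get("IpProtocol", "-1")
    if proto == "-1":
        ports = "all traffic"
    elif rule.get("FromPort") == rule.get("ToPort"):
        ports = f"{proto}/{rule.get('FromPort')}"
    else:
        ports = f"{proto}/{rule.get('FromPort')}-{rule.get('ToPort')}"
    peer = rule.get("CidrIpv4") or rule.get("CidrIpv6") or "?"
    return f"{rule['SecurityGroupRuleId']} {direction} {ports} {peer}"


def undocumented_rules(rules):
    """Rule ids lacking the comment the policy requires on every rule."""
    return [r["SecurityGroupRuleId"] for r in rules if not (r.get("Description") or "").strip()]


def review_due(last_review, today):
    """True once 30 days have elapsed since the previous review."""
    return today - last_review >= REVIEW_INTERVAL


def review_log_entry(today, reviewer, rules, deleted_ids):
    """Note appended to the automated review log: date, reviewer, changes made."""
    deleted = [rule_summary(r) for r in rules if r["SecurityGroupRuleId"] in deleted_ids]
    missing = [rid for rid in undocumented_rules(rules) if rid not in deleted_ids]
    comment = "; ".join(f"deleted {d}" for d in deleted) or "no changes"
    if missing:
        comment += "; still undocumented: " + ", ".join(missing)
    return f"{today.isoformat()} reviewer={reviewer} {comment}"


if __name__ == "__main__":
    print(review_log_entry(date(2024, 3, 1), "j.doe", SAMPLE_RULES, {"sgr-EXAMPLE2"}))
```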
Software Application Security
The following sections describe the TAK Program’s use of the Risk Management Framework (RMF) and application of Security Technical Implementation Guides during the development, enhancement, and modification of the TAK software. These measures are used to assure the security of the TAK applications. The TAK TMB’s focus is at the application level, so it does not attempt to characterize security controls appropriate at the system level. The TAK Product Center can advise on best practices for these system-level security controls, but many of these measures will be selected at the time of deployment, when the requirement owner or program office will be required to pursue the ATO. The RMF documents and Security Technical Implementation Guides developed by the TAK Product Center can serve as a basis for obtaining that ATO.
Risk Management Framework
TAK’s security process is defined by the National Institute of Standards and Technology (NIST) RMF. This federal government framework, tailored to the Special Operations Command (SOCOM), is applied during the development of the TAK software to build in security measures and mitigate risk. The RMF is based on a six-step approach (Categorize, Select, Implement, Assess, Authorize, and Monitor) for implementing an effective information security program. These steps can be applied to both new and legacy information systems within the context of the development life cycle. This framework is applied while selecting the security controls necessary to protect the integrity of the software product being developed.
eMASS is the tool used to manage the Body of Evidence the RMF requires. eMASS is an enterprise Information Technology (IT) risk management suite that meets the complex challenges of managing IT risk with continuous compliance monitoring, security assessment and ongoing authorization. It is a tool that automates the six-step approach outlined by RMF and generates the reports and documentation needed for regulatory compliance. ATAK has been registered in SOCOM’s instance of eMASS running on the Secret Internet Protocol Router Network (SIPRnet). All artifacts necessary for software certification are entered as records for the ATAK project registered in the accreditation system.
Security Technical Implementation Guides
The Defense Information Systems Agency (DISA) is the entity responsible for maintaining the security posture of the DoD IT infrastructure. One of the ways DISA accomplishes this is by developing and using Security Technical Implementation Guides (STIGs).
A STIG is a cybersecurity methodology for standardizing security protocols within networks, servers, computers, and logical designs that enhance overall security. STIGs are nothing more than alternate configurations that make commonly used applications more secure. All DoD IT assets must meet STIG compliance in some fashion before they are allowed to operate on DoD networks. Mission operations vary among agencies, so it is not feasible to implement every STIG requirement without impacting an IT system’s overall functionality. Most IT systems will have some number of vulnerabilities that cannot be fixed because of their role. The risk is accepted or mitigated through the Plan of Action and Milestones (POA&M) process. All information is documented, and every effort is made to reduce the risk to the system.
STIGs are selected during the RMF process by the TAK TMB Software Security Lead to build in security measures and mitigate risk. STIGs are available for multiple operating systems, including Windows and Android, and for application development. The interpretation and application of the various STIGs during the RMF (including determining which vulnerabilities are an acceptable risk) is critical for obtaining certification of the ATAK and WinTAK applications. During the Select step of the RMF process, a subset of the Application Development and Mobile Computing STIGs is selected. The specific STIG paragraphs being addressed for application development are specified by SOCOM’s templates and recorded in eMASS.
Security Assessment Plan
A security assessment is used to determine the degree to which information system security controls are correctly implemented, whether they are operating as intended, and whether they are producing the desired level of security. The purpose of the Security Assessment Plan is to formalize the review of the TAK Product Center’s documentation and procedures used in the development of the TAK applications. This effort identifies areas of technology management that do not meet industry-recognized best practices and aids in developing a plan to correct those deficiencies.
The Security Assessment Plan is based on the NIST 800-53 revision 4 control set. This control set comprises four general classes of security control objectives, which are further broken down into 18 families of security control objectives.
Program management controls:
- Address information security program-level security topics.
- Establish the overall framework for management, operational, and technical controls.
- Can often be inherited from supporting infrastructure or previously certified foundational components.
Management controls:
- Address techniques and concerns that are normally addressed by management in a corporation’s information security program.
- Focus on the management of the information security program and the management of risk within a corporation.
Operational controls:
- Address techniques and concerns that are generally implemented and executed by people, as opposed to systems, and that are put in place to improve the security of a particular system or group of systems.
- Often require technical or specialized expertise, and often rely upon management activities as well as technical controls.
Technical controls:
- Address processes and concerns that a computer system executes.
- Are dependent upon the proper functioning of the system for their effectiveness and therefore require significant operational consideration.
Each family contains security controls related to the security functionality of the family. A two‐character identifier is assigned to uniquely identify each control family. Table 3 summarizes the classes and families in the security control catalog and the associated family identifiers.
In the development of the Security Assessment Plan for the TAK program, the Application Security and Development STIG subset of the NIST 800-53 controls are applied. The Security Assessment Plan is a document produced within SOCOM. While generating the Security Assessment Plan, the SOCOM Information Systems Security Manager gathers information and answers to the STIGs, and the results are input into eMASS. These results are used by the Security Control Assessor in the RMF accreditation process for the application.
Ports, Protocols, and Services Management
The DoD Ports, Protocols, and Services Management (PPSM) mission is to protect internet data end-to-end by ensuring the communication protocols in the Internet protocol suite, data services, and associated ports used on DoD information systems are registered, controlled, and regulated properly. All ports, protocols, and services (PPS) used in the TAK applications are required to be registered through the DoD PPSM. The management of PPS is specifically called out by the NIST SP 800-53 Rev. 4 CM-7(3) control, Registration Compliance.
The Lead Engineer is responsible for maintaining the lists of PPS for the TAK applications. This lead is notified if it is determined that a new port, protocol, or service is required for any of the applications, or if a PPS is no longer needed. These PPS lists are maintained and stored on the gus shared drive and are included as part of the Security Assessment Plan (Section 0). Any changes are reported to the Configuration Management Lead, who ensures that the test network is locked down so that only those PPS included on the list are opened for network traffic. In this way, any extraneous PPS traffic causes the application to fail during testing.
The TAK Lead Engineers review the ports, protocols, and services for the TAK applications as part of the Security Impact Assessment. The engineers compare the current PPS list to the list from the previous release, and any changes are noted in the Security Impact Assessment report.
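The release-to-release PPS comparison and the test-network lockdown check described in the two paragraphs above, as an added example that is not TAK Product Center tooling. The list format (one `port/protocol service` entry per line with `#` comments) and the sample ports and service names are assumptions; the page does not say how the list is stored.

```python
"""PPS list review for a release (added example, not TAK Product Center tooling).

The list format, one 'port/protocol service' entry per line with '#' comments,
is an assumption; the page does not specify how the PPS lists are stored."""
from typing import NamedTuple


class PPS(NamedTuple):
    port: int
    protocol: str
    service: str


def parse_pps_list(text):
    """Parse a PPS list into a set of entries; malformed lines raise ValueError."""
    entries = set()
    for lineno, raw in enumerate(text.splitlines(), 1):
        line = raw.split("#", 1)[0].strip()      # drop comments and blank lines
        if not line:
            continue
        endpoint, _, service = line.partition(" ")
        port, sep, proto = endpoint.partition("/")
        if not sep or not port.isdigit() or not service.strip():
            raise ValueError(f"line {lineno}: expected 'port/protocol service', got {raw!r}")
        entries.add(PPS(int(port), proto.lower(), service.strip()))
    return entries


def compare_releases(previous, current):
    """Added and removed entries: the changes noted in the Security Impact Assessment."""
    return sorted(current - previous), sorted(previous - current)


def unregistered_traffic(observed, registered):
    """(port, protocol) pairs seen on the test network that are not on the list.

    The test network is locked down to the registered list, so any such traffic
    makes the application fail during testing; this reports what would fail."""
    allowed = {(p.port, p.protocol) for p in registered}
    return sorted(pair for pair in observed if pair not in allowed)


def impact_report(previous, current):
    """Lines for the Security Impact Assessment report."""
    added, removed = compare_releases(previous, current)
    lines = [f"+ {p.port}/{p.protocol} {p.service} (new registration required)" for p in added]
    lines += [f"- {p.port}/{p.protocol} {p.service} (deregister)" for p in removed]
    return lines or ["no PPS changes since previous release"]


# Constructed sample lists; ports and service names are placeholders, not TAK values.
PREVIOUS_RELEASE = """
8443/tcp https-api     # web interface
8080/tcp http-admin
5353/udp mdns-discovery
"""
CURRENT_RELEASE = """
8443/tcp https-api
8080/tcp http-admin
9001/tcp video-relay   # added this release
"""

if __name__ == "__main__":
    prev, cur = parse_pps_list(PREVIOUS_RELEASE), parse_pps_list(CURRENT_RELEASE)
    print("\n".join(impact_report(prev, cur)))
    print(unregistered_traffic({(8443, "tcp"), (6969, "udp")}, cur))
```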
Special Security Exceptions
The ATAK and WinTAK applications are DoD deployed systems that do not lend themselves to all of the regulations and standards of a typical federal or DoD system. The TAK software is designed with security in mind, and these special security exceptions are considered on an individual basis. Although outside the role of ATAK, an example of such an exception is the “Password Protected Screen Saver” STIG. A TAK operator in a combat arena cannot afford to have a screen saver come up on a device forcing the operator to enter a password. This exclusion of the screen saver requirement would be treated as a special security exception. Individual exceptions are addressed in the application of the STIGs during the system design and the selection of security controls in the POA&M during the RMF process.
In order to develop secure applications, security must be ingrained into the corporate culture. TAK TMB provides annual security training for all members (managers, designers, developers, and testers) of the program development team. This “Annual Industrial Security Refresher Briefing” covers areas such as the SF312 and security clearances, classified information rules and responsibilities, company proprietary data, computer security safeguards, threat awareness and techniques, operations security (OPSEC), workplace violence, and visitor control and badges. In addition to this security briefing, all employees must also complete Insider Threat training and Personally Identifiable Information/Protected Health Information training.
The TAK TMB security program places emphasis on security education and awareness to ensure the proper safeguarding and handling of classified, USG restricted (ITAR, EAR, etc.) and proprietary information, and to promote an understanding of the foundations of the national security architecture and the federal personnel security program. The goal is to eliminate the probability of inadvertent unauthorized disclosure in and outside the workplace.