Last month, President Donald Trump issued an executive order that required the federal government to utilize a more competitive marketplace, including the use of commercial off-the-shelf (COTS) products when available. The White House cited a 2019 report that found the federal government could have saved $345 billion over the past 25 years if it opted for COTS IT solution compared to building systems from scratch.
“A major goal of my Administration is to eliminate unnecessary and imprudent expenditures of taxpayer dollars. Previous administrations evaded statutory preferences and abused the Federal contracting framework by procuring custom products and services where a suitable or superior commercial solution would have fulfilled the Government’s needs,” President Trump wrote in the executive order. “Doing so simultaneously stifled the integration of commercially available innovations in Government procurement while increasing Government spending, resulting in avoidable waste and costly delays to the detriment of American taxpayers.”
COTS Can Cut Costs
COTS has long been seen as a ready-made solution that includes both hardware and software, and it has been seen as effective in reducing the time and cost of software development, while it can be obtained at a lower cost than in-house development.
However, the United States Department of Homeland Security has warned that there are security risks with COTS software, as it can introduce security vulnerabilities into an organization’s supply chain. Some of the risks may be worth the tradeoff if the security fears can be alleviated.
“Using commercially available technology tends to cut costs at the possible expense of efficiency and targeted functionality. It forces agencies, when possible, to use products that are typically cheaper due to volume and competition,” explained technology industry analyst Rob Enderle of the Enderle Group.
“As long as there is still a path for custom technology, this shouldn’t result in a reduction in capabilities, but if it forced a non-optimal solution, then the result would suffer as it would with any bad decision,” Enderle told ClearanceJobs.
“Custom technology certainly has a role, but too often this is just the easiest path or the lost lucrative for the supplying vendor, so, as long as the push to COTS wasn’t excessive, than the outcome should be favorable, cost and service wise – COTS products tend to be more readily available – initially, and as long as the supplier is required to maintain adequate part reserves, this benefit can last the life of the resulting solution,” Enderle added.
There are other benefits of COTS, including that it can bypass lengthy development timelines for programs.
Matt Sipe, vice president of strategy and open systems at Parry Labs told ClearanceJobs that COTS can also help lower the overall programs risk profile by adopting no risk COTS solutions versus entering a development effort in which risks, especially in the advanced technology domain will exist.”
“COTS can reduce costs to a program, both non-recurring engineering costs, due to not requiring development activities, and lifecycle capability costs, as COTS are often cheaper given the ability of the company to spread the costs over multiple programs versus a singular program,” said Sipe.
What About Innovation?
Beyond the security concerns, there is also the question of innovation. While there are many programs that can benefit from COTS, others may need a more customized solution.
“When purchasing COTS, the desire for speed and ready solutions can cause customers to trade requirements. Often, COTS can drive a customer to accept an 80% solution that is ready now versus developing a 100% development solution that will be ready at some later point,” Sipe noted. “When purchasing COTS without first establishing clear module boundaries and exposed interfaces, the customer can easily end up vendor locked. Vendor locked conditions can dramatically reduce the customer’s ability to insert new innovative products, especially when those are from competitive companies with the original COTS.”
Customers may opt for implementing Modular Open Systems Approach (MOSA) on a program, which Sipe suggested is the best way to both increase the opportunities for COTS and to ensure the desire for speed doesn’t end up resulting in lifecycle cost or innovation trades.
Emerging Technologies
Where COTS stifling innovation should not be seen as a concern is in emerging technologies.
“This doesn’t necessarily compromise innovation; because innovation can also be tied to using lower-cost but performant parts in what otherwise would have been a custom solution,” said Enderle. “Examples of successful COTS use include PACS (Portable Aircraft Control Station), and the software the Army uses to streamline paperwork, which was also off-the-shelf.”
However, COTS are typically not designed with the military threat environment in mind.
“As such, this can present system-level challenges based on the adoption of COTS,” warned Sipe. “In the hardware domain, this can mean reduced reliability in some of the harshest environments. In the software domain, this can mean the introduction of new cyber threat vectors.”
