Capabilities for Cyber Advancement

NAICS CODE: 541715

FEDERAL AGENCY NAME: Department of the Air Force, Air Force Materiel Command, AFRL - Rome Research Site, AFRL/Information Directorate, 26 Electronic Parkway, Rome, NY, 13441-4514

BAA ANNOUNCEMENT TYPE: Initial announcement

BROAD AGENCY ANNOUNCEMENT (BAA) TITLE: Capabilities for Cyber Advancement

BAA NUMBER: FA8750-21-S-7001

PART I OVERVIEW INFORMATION

This announcement is for an Open, 2 Step BAA which is open and effective until 01 Dec 2025. Only white papers will be accepted as initial submissions; formal proposals will be accepted by invitation only. While white papers will be considered if received prior to 6:00 PM Eastern Standard Time (EST) on 01 Dec 2025, the following submission dates are suggested to best align with projected funding:

FY21 by 05 Apr 2021

FY22 by 30 Sep 2021

FY23 by 30 Sep 2022

FY24 by 30 Sep 2023

FY25 by 30 Sep 2024

FY26 by 30 Sep 2025

Offerors should monitor the Contract Opportunities on the Beta SAM website at https://beta.SAM.gov in the event this announcement is amended.

CONCISE SUMMARY OF TECHNOLOGY REQUIREMENT: Seeking innovative, next-generation technologies to achieve cyber superiority to integrate and transition into warfighting capabilities.

This BAA is a follow-on to FA8750-18-S-7002.

BAA ESTIMATED FUNDING: Total funding for this BAA is approximately $975M. Individual awards will not normally exceed 60 months with dollar amounts normally ranging from $100K to $99M. There is also the potential to make awards up to any dollar value as long as the value does not exceed the available BAA ceiling amount.

ANTICIPATED INDIVIDUAL AWARDS: Multiple Awards are anticipated.

TYPE OF INSTRUMENTS THAT MAY BE AWARDED: Procurement contracts, grants, cooperative agreements or other transactions (OT) depending upon the nature of the work proposed. In the event that an Other Transaction for Prototype agreement is awarded as a result of this competitive BAA, and the prototype project is successfully completed, there is the potential for a prototype project to transition to award of a follow-on production contract or transaction. The Other Transaction for Prototype agreement itself will also contain a similar notice of a potential follow-on production contract or agreement.

AGENCY CONTACT INFORMATION: All white paper submissions and any questions of a technical nature shall be directed to the cognizant Technical Point of Contact (TPOC) as specified below (unless otherwise specified in the technical area):

BAA MANAGER:

Walter Karas

AFRL/RIGA

525 Brooks Rd

Rome, NY 13441-4505

Telephone: (315)330-2625

Email: afrl.riga.baa@us.af.mil

Questions of a contractual/business nature shall be directed to the cognizant contracting officer, as specified below:

Amber Buckley

Email: Amber.Buckley@us.af.mil

Emails must reference the solicitation (BAA) number and title of the acquisition.

Pre-Proposal Communication between Prospective Offerors and Government Representatives: Dialogue between prospective offerors and Government representatives is encouraged. Technical and contracting questions can be resolved in writing or through open discussions. Discussions with any of the points of contact shall not constitute a commitment by the Government to subsequently fund or award any proposed effort. Only Contracting Officers are legally authorized to commit the Government.

Offerors are cautioned that evaluation ratings may be lowered and/or proposal rejected if proposal preparation (Proposal format, content, etc.) and/or submittal instructions are not followed.

PART II FULL TEXT ANNOUNCEMENT

BROAD AGENCY ANNOUNCEMENT (BAA) TITLE: Capabilities for Cyber Advancement

BAA NUMBER: BAA FA8750-21-S-7001

CATALOG OF FEDERAL DOMESTIC ASSISTANCE (CFDA) Number: 12.800 and 12.910

I. TECHNOLOGY REQUIREMENTS:

The Air Force Research Laboratory's (AFRL's) strategic vision for cyber superiority is to ensure the success of cyberspace-dependent missions in air, space, and cyberspace. The purpose of this BAA is to develop the next-generation technologies necessary to achieve this vision, so that they can be integrated and transitioned into warfighting capabilities.

Providing mission assurance in an Air Force context means supporting the notions of Global Vigilance, Global Reach, and Global Power across the five enduring AF core missions: air and space superiority; intelligence, surveillance, and reconnaissance; rapid global mobility; global strike; and command and control.

Providing mission assurance in a Space Force context means supporting the responsibilities of Preserving Freedom of Action in a space domain, Enable Joint Lethality and Effectiveness, and Provide Independent Options across the Space Force's five core competencies: space security; combat power projection; space mobility and logistics; information mobility and logistics; information mobility; and space domain awareness.

The scope and direction of this BAA are derived from these as follows:

Global Vigilance and Preserving Freedom of Action in the space domain requires continuous situational awareness and understanding across the warfighting domains. However, maintaining this awareness, which is equivalent to a pilot's need to keep their understanding of the situation ahead of the plane, is impossible in an environment based on anything other than an assured and trusted infrastructure. In such an environment, most threats and attacks are avoided because of the very nature and construction of the infrastructure, not because of human operators or reactive tactics. Thus, a trusted infrastructure that is secure against attacks as well as resilient (i.e., able to recover from adverse events) is a prerequisite for the more complex, higher-level operations that achieve Global Vigilance.

An assured and trusted cyber infrastructure begins with proven-correct designs that are technologically immune to threats and have an autonomous ability to modify the cyber domain to avoid unforeseen attacks and emerging threats. With this kind of infrastructure as the foundation, additional warfighting capabilities can be instantiated. For example, the infrastructure's intrinsic ability to avoid and be resilient to attacks can be supplemented with tried-and-true warfighting tactics such as deception, maneuver, and even deterrence.

In addition to a secure, resilient, and trusted foundation with an ability to autonomously stay ahead of the threat, the need for situational understanding, and in turn Global Vigilance, demands a complete understanding of how missions depend on the cyber infrastructure. Since mission execution is dynamic in both time and space, the ability to establish and maintain a dependency map of mission functions and threads to infrastructure must also be dynamic and resolve to continually maintain the validity of the dependency analysis.

Global Reach and Provide Independent Options implies the ability to continually access and exercise command and control over warfighting forces. In the cyber domain, this applies to cyber assets supporting ongoing, as well as transient, on-demand missions deployed globally. As deployed and in-garrison cyber assets are exposed to threats, there should be contingency capabilities in the event that the infrastructure described earlier meets a threat with the potential to degrade dependent missions. These contingencies require the ability for critical slices of the infrastructure, i.e., those mapped as supporting mission essential functions (MEFs), to possess an inherent resiliency allowing them to survive the attack by re-provisioning resources to maintain the viability of designated MEFs.

When attacks degrade or destroy resources required for MEFs, the infrastructure shall have the ability to automatically maintain mission continuity by restoring, repairing, or re-provisioning critical resources.

Global Power and Enable Joint Lethality and Effectiveness is the ability to deliver precision effects any time, any place. In the context of cyber defense, this means using the assured and trusted infrastructure to automatically compute, provision, and deliver effects-based defenses designed to preserve missions, elicit specific desired adversary action, or provide defensive counter-cyber actions.

Technologies of interest to the strategic vision of this BAA include, but are not limited to: cloud architectures, code analysis and evaluation, cyber modeling & simulation, decision support for cyber missions, design frameworks, evaluation & measurement techniques, formal methods, mobile and embedded device security, means for recovery from attack, methods/means for non-traditional cybersecurity, methods for data security in untrusted environments, protocol development and analysis, risk management approaches, secure processors, secure development tools and techniques, standards for information exchange, trusted hardware and software, virtualization, and zero trust computing.

Platforms of interest to the Air Force include, but are not limited to: Military platforms and Programs of Record (POR) with cyber components or dependence, shared/commercial and private/Government clouds, embedded devices and firmware, mobile and bring your own device (BYOD) platforms, automation systems, tactical systems, wired and wireless networks at the enterprise and tactical levels.

In addition, AFRL/RI requires research and development of assured and resilient full spectrum cyber capabilities to include cyberspace infrastructure and effects to be used in pursuit of cyber engagement and freedom of operations in cyberspace. This includes defensive technologies to strengthen the security of US cyber assets and defend against adversarial cyber advancement and cyber exploitation technologies to provide the US with intelligence regarding the cyber landscape and adversary activities in the cyber domain.

IMPORTANT NOTES REGARDING:

FUNDAMENTAL RESEARCH. It is DoD policy that the publication of products of fundamental research will remain unrestricted to the maximum extent possible. National Security Decision Directive (NSDD) 189 defines fundamental research as follows:

Fundamental research' means basic and applied research in science and engineering, the results of which ordinarily are published and shared broadly within the scientific community, as distinguished from proprietary research and from industrial development, design, production, and product utilization, the results of which ordinarily are restricted for proprietary or national security reasons.

As of the date of publication of this BAA, the Government cannot identify whether work proposed under this BAA may be considered fundamental research and may award both fundamental and non-fundamental research. Proposers should indicate in their proposal whether they believe the scope of the research included in their proposal is fundamental or not. While proposers should clearly explain the intended results of their research, the Government shall have sole discretion to select award instrument type and to negotiate all instrument terms and conditions with selectees. Appropriate clauses will be included in resultant awards for non-fundamental research to prescribe publication requirements and other restrictions, as appropriate.

For certain research projects, it may be possible that although the research being performed by the awardee is restricted research, a sub-awardee may be conducting fundamental research. In those cases, it is the awardee's responsibility to explain in their proposal why its sub-awardee's effort is fundamental research.

CLOUD COMPUTING. In accordance with DFARS Clause 252.239-7010, if the development proposed requires storage of Government, or Government-related data on the cloud, offerors need to ensure that the cloud service provider proposed has been granted Provisional Authorization by the Defense Information Systems Agency (DISA) at the level appropriate to the requirement.

II. AWARD INFORMATION:

1. FUNDING: Total funding for this BAA is approximately $975M. The anticipated funding to be obligated under this BAA is broken out by fiscal year as follows:

FY21 - $ 121M

FY22 - $ 160M

FY23 - $ 195M

FY24 - $ 211M

FY25 - $ 226M

FY26 - $ 62M

1. Individual awards will not normally exceed 60 months with dollar values normally ranging from $100K to $99M per award. There is also the potential to make awards up to any dollar value as long as the value does not exceed the available BAA ceiling amount of $975M.
   
2. The Government reserves the right to select all, part, or none of the proposals received, subject to the availability of funds. All potential Offerors should be aware that due to unanticipated budget fluctuations, funding in any or all areas may change with little or no notice.
   2. FORM. Awards of efforts as a result of this announcement will be in the form of contracts, grants, cooperative agreements or other transactions depending upon the nature of the work proposed.
   3. BAA TYPE: This is a two-step open broad agency announcement. This announcement constitutes the only solicitation.
   As STEP ONE The Government is only soliciting white papers at this time. DO NOT SUBMIT A FORMAL PROPOSAL. Those white papers found to be consistent with the intent of this BAA may be invited to submit a technical and cost proposal. See Section VI of this announcement for further details regarding the proposal.
   III. ELIGIBILITY INFORMATION:
   1. ELIGIBILITY: All qualified offerors who meet the requirements of this BAA may apply.
   2. FOREIGN PARTICIPATION/ACCESS:
   
3. This BAA is closed to foreign participation. This includes both foreign ownership and foreign nationals as employees or subcontractors.
4. Exceptions.
   1. Fundamental Research. If the work to be performed is unclassified, fundamental research, this must be clearly identified in the white paper and/or proposal. See Part II, Section I for more details regarding Fundamental Research. Offerors should still identify any performance by foreign nationals at any level (prime contractor or subcontractor) in their proposals. Please specify the nationals' country of origin, the type of visa or work permit under which they are performing and an explanation of their anticipated level of involvement. You may be asked to provide additional information during negotiations in order to verify the foreign citizen's eligibility to participate on any contract or assistance agreement issued as a result of this announcement
   2. Foreign Ownership, Control or Influence (FOCI) companies who have mitigation plans/paperwork in place. Proof of approved mitigation documentation must be provided to the contracting office focal point, Amber Buckley, Contracting Officer, telephone (315) 330-3605, or e-mail Amber.Buckley@us.af.mil prior to submitting a white paper and/or a proposal. For information on FOCI mitigation, contact the contact the Defense Counterintelligence and Security Agency (DCSA). Additional details can be found at: https://www.dcsa.mil/mc/ctp/foci/.
   3. Foreign Nationals as Employees or Subcontractors. Applicable to any effort not considered Fundamental Research. Offerors are responsible for ensuring that all employees and/or subcontractors who will work on a resulting contract are eligible to do so. Any employee who is not a U.S. citizen or a permanent resident will be restricted from working on any resultant contract unless prior approval of the Department of State or the Department of Commerce is obtained via a technical assistance agreement or an export license. Violations of these regulations can result in criminal or civil penalties.
5. Information Regarding Non-US Citizens Assigned to this Project
   
   1. Contractor employees requiring access to USAF bases, AFRL facilities, and/or access to U.S. Government Information Technology (IT) networks in connection with the work on contracts, assistance instruments or other transactions awarded under this BAA must be U.S. citizens. For the purpose of base and network access, possession of a permanent resident card ("Green Card") does not equate to U.S. citizenship. This requirement does not apply to foreign nationals approved by the U.S. Department of Defense or U.S. State Department under international personnel exchange agreements with foreign governments. It also does not apply to dual citizens who possess US citizenship, to include Naturalized citizens. Any waivers to this requirement must be granted in writing by the Contracting Officer prior to providing access. Specific format for waiver request will be provided upon request to the Contracting Officer. The above requirements are in addition to any other contract requirements related to obtaining a Common Access Card (CAC).
   2. For the purposes of Paragraph 1, it an IT network/system does not require AFRL to endorse a contractor's application to said network/system in order to gain access, the organization operating the IT network/system is responsible for controlling access to its system. If an IT network/system requires a U.S. Government sponsor to endorse the application in order for access to the IT network/system, AFRL will only endorse the following types of applications, consistent with the requirements above:
      
6. Contractor employees who are U.S. citizens performing work under contracts, assistance instruments or other transactions awarded under this BAA.
7. Contractor employees who are non-U.S. citizens and who have been granted a waiver.
   Any additional access restrictions established by the IT network/system owner apply.
   3. FEDERALLY FUNDED RESEARCH AND DEVELOPMENT CENTERS AND GOVERNMENT ENTITIES: Federally Funded Research and Development Centers (FFRDCs) and Government entities (e.g., Government/National laboratories, military educational institutions, etc.) are subject to applicable direct competition limitations and cannot propose to this BAA in any capacity unless they meet the following conditions:
   
8. FFRDCs: FFRDCs must clearly demonstrate that the proposed work is not otherwise available from the private sector; and FFRDCs must provide a letter on official letterhead from their sponsoring organization citing the specific authority establishing their eligibility to propose to Government solicitations and compete with industry, and their compliance with the associated FFRDC sponsor agreement's terms and conditions. This information is required for FFRDCs proposing to be prime contractors or sub-awardees.
   
9. Government Entities: Government entities must clearly demonstrate that the work is not otherwise available from the private sector and provide written documentation citing the specific statutory authority and contractual authority, if relevant, establishing their ability to propose to Government solicitations. While 10 U.S.C. 2539b may be the appropriate statutory starting point for some entities, specific supporting regulatory guidance, together with evidence of agency approval, will still be required to fully establish eligibility.
   FFRDC and Government entity eligibility will be determined on a case-by-case basis; however, the burden to prove eligibility for all team members rests solely with the proposer.
   Government agencies interested in performing work related to this announcement should contact the Technical Point of Contact (TPOC). If resulting discussions reveal a mutual interest, cooperation may be pursued via other vehicles.
   IV. APPLICATION AND SUBMISSION INFORMATION:
   All responses to this announcement must be addressed to the Technical Point of Contact (TPOC) listed in SECTION VII. DO NOT send white papers to the Contracting Officer.
   1. SUBMISSION DATES AND TIMES:
   It is recommended that white papers be received by 6:00 PM Eastern Standard Time (EST) on the following dates to maximize the possibility of award:
   FY21 by 05 Apr 2021
   FY22 by 30 Sep 2021
   FY23 by 30 Sep 2022
   FY24 by 30 Sep 2023
   FY25 by 30 Sep 2024
   FY26 by 30 Sep 2025
   White papers will be accepted until 6:00 PM EST on 01 DEC 2025, but it is less likely that funding will be available in each respective fiscal year after the dates cited. This BAA will close on 01 DEC 2025.
   All offerors submitting white papers will receive notification of their evaluation results within 45 days of submission. Offerors should email the TPOC and the Contracting Officer listed in Section VII, for status of their white paper(s) after 45 days, if no such correspondence has been received.
   2. CONTENT AND FORMAT: Offerors are required to submit a 4 to 5 page white paper summarizing their proposed approach/solution. The purpose of the white paper is to preclude unwarranted effort on the part of an offeror whose proposed work is not of interest to the Government.
   The white paper will be formatted as follows:
   
10. Section A: Title, Period of Performance, Estimated Cost, Name/Address of Company, Technical and Contracting Points of Contact (phone and email)(this section is NOT included in the page count);
11. Section B: Task Objective; and
12. Section C: Technical Summary and Proposed Deliverables.
    All white papers shall be double spaced with a font no smaller than 12 point. In addition, respondents are requested to provide their Commercial and Government Entity (CAGE) Code, their unique entity identifier and electronic funds transfer (EFT) indicator (if applicable), an e-mail address and reference BAA FA8750-21-S-7001 with their submission.
    Multiple white papers within the purview of this announcement may be submitted by each offeror. If the offeror wishes to restrict its white papers, they must be marked with the restrictive language stated in FAR 15.609(a) and (b).
    3. HANDLING AND MAILING INSTRUCTIONS:
    a. CLASSIFICATION GUIDANCE. All Proposers should review the NATIONAL INDUSTRIAL SECURITY PROGRAM OPERATING MANUAL (NISPOM), 32 CFR Part 117, dated February 28, 2006, and Change 2, dated May 18, 2016, as it provides baseline standards for the protection of classified information and prescribes the requirements concerning Contractor Developed Information under paragraph 4-105. Defense Counterintelligence and Security Agency (DCSA) Site for the NISPOM is: http://www.dcsa.mil/.
    In the event of a possible or actual compromise of classified information in the submission of your white paper or proposal, immediately but no later than 24 hours, bring this to the attention of your cognizant security authority and AFRL Rome Research Site Information Protection Office (IPO):
    Information Protection Office (contact only if a security compromise has occurred)
    Monday-Friday (0730-1630): Call 315-330-4048 or Email: vincent.guza@us.af.mil
    Evenings and Weekends: Call 315-330-2961
    b. CLASSIFIED SUBMISSIONS. AFRL/RIGA will accept classified responses to this BAA when the classification is mandated by classification guidance provided by an Original Classification Authority of the U.S. Government, or when the offeror believes the work, if successful, would merit classification.
    Security classification guidance in the form of a DD Form 254 (DoD Contract Security Classification Specification) will not be provided at this time since AFRL is soliciting ideas only.
    Offerors that intend to include classified information or data in their white paper submission or who are unsure about the appropriate classification of their white papers should contact the technical point of contact listed in Section VII for guidance and direction in advance of preparation.
    c. MAILING INSTRUCTIONS.
    

Email Unclassified electronic submission to afrl.riga.baa@us.af.mil. Encrypt or password-protect all proprietary information prior to sending. Offerors are responsible to confirm receipt with the TPOC. AFRL is not responsible for undelivered documents. If electronic submission is used, only one copy of the documentation is required.

Questions can be directed to the TPOC listed in Section VII.

4. OTHER SUBMISSION REQUIREMENTS/CONSIDERATIONS:

a. COST SHARING OR MATCHING: Cost sharing is not a requirement. Cost sharing may be proposed and will be considered on a case-by-case basis. Cost share will not be a factor in selection for award.

b. SYSTEM FOR AWARD MANAGEMENT (SAM). Offerors must be registered in the SAM database to receive a contract award, and remain registered during performance and through final payment of any contract or agreement. Processing time for registration in SAM, which normally takes forty-eight hours, should be taken into consideration when registering. Offerors who are not already registered should consider applying for registration before submitting a proposal. The provision at FAR 52.204-7, System for Award Management (Oct 2018) applies.

c. EXECUTIVE COMPENSATION AND FIRST-TIER SUBCONTRACT/ SUBRECIPIENT AWARDS: Any contract award resulting from this announcement may contain the clause at FAR 52.204-10 - Reporting Executive Compensation and First-Tier Subcontract Awards (Jun 2020). Any grant or agreement award resulting from this announcement may contain the award term set forth in 2 CFR, Appendix A to Part 25 which can be viewed at: https://www.govinfo.gov/app/details/CFR-2012-title2-vol1/CFR-2012-title2-vol1-part25-appA.

d. ALLOWABLE CHARGES: The cost of preparing white papers/proposals in response to this announcement is not considered an allowable direct charge to any resulting contract or any other contract, but may be an allowable expense to the normal bid and proposal indirect cost specified in FAR 31.205-18. Incurring pre-award costs for ASSISTANCE INSTRUMENTS ONLY are regulated by 2 CFR part 200.458, Pre-Award Costs.

e. GOVERNMENT APPROVED ACCOUNTING SYSTEM: An offeror must have a government approved accounting system prior to award of a cost-reimbursement contract per limitations set forth in FAR 16.301-3(a) to ensure the system is adequate for determining costs applicable to the contract. The acceptability of an accounting system is determined based upon an audit performed by the Defense Contract Audit Agency (DCAA). IMPORTANT: If you do not have a DCAA approved accounting system access the following link for instructions: https://beta.sam.gov/opp/e628c811fafe041accdddf55fb8539bf/view?keywords=AFRL-BAA-Guide&sort=-relevance&index=&is_active=true&page=1

f. HUMAN USE: All research involving human subjects, to include the use of human biological specimens and human data, selected for funding must comply with Federal regulations for human subject protection. Further, research involving human subjects that is conducted or supported by the DoD must comply with 32 CFR 219, Protection of Human Subjects found at: http://www.access.gpo.gov/nara/cfr/waisidx_07/32cfr219_07.html, and DoD Instruction 3216.02, Protection of Human Subjects and Adherence to Ethical Standards in DoD-Supported Research found at: http://www.dtic.mil/whs/directives/corres/pdf/321602p.pdf.

1. Institutions awarded funding for research involving human subjects must provide documentation of a current Assurance of Compliance with Federal regulations for human subject protection, for example a Department of Health and Human Services, Office of Human Research Protection Federal Wide Assurance found at: http://www.hhs.gov/ohrp.
   
2. All institutions engaged in human subject research, to include subcontractors, must have a valid assurance. In addition, personnel involved in human subject research must document the completion of appropriate training for the protection of human subjects.
   
3. For all research that will involve human subjects in the first year or phase of the project, the institution must submit evidence of a plan for review by an institutional review board (IRB) as part of the proposal. The IRB conducting the review must be the IRB identified on the institution's Assurance of Compliance. The protocol, separate from the proposal, must include a detailed description of the research plan, study population, risks and benefits of study participation, recruitment and consent process, data collection, and data analysis. The designated IRB should be consulted for guidance on writing the protocol. The informed consent document must comply with 32 CFR 219.116. A valid Assurance of Compliance and evidence of appropriate training by all investigators should accompany the protocol for review by the IRB.
   
4. In addition to a local IRB approval, an AFRL-level human subject regulatory review and approval is required for all research conducted or supported by the DoD. The Air Force office responsible for managing the award can provide guidance and information about the AFRL-level review process. Confirmation of a current Assurance of Compliance and appropriate human subjects protection training is required before AFRL-level approval can be issued.
   
5. The time required to complete the IRB review/approval process will vary depending on the complexity of the research and/or the level of risk to study participants; ample time should be allotted to complete the approval process. The IRB approval process can last between 1 to 3 months, followed by a DoD review that could last 3 to 6 months. No funding may be used toward human subject research until all approvals are granted. Therefore, in their cost proposals offerors should separate human use into a separate option.

g) SUPPLIER PERFORMANCE RISK SYSTEM (SPRS). Offerors should have a BASIC NIST SP 800 171 DoD Assessment in the SPRS (https://www.sprs.csd.disa.mil/). Basic assessment is to be conducted by the offeror.

V. APPLICATION REVIEW INFORMATION:

1. CRITERIA: The following criteria, which are listed in descending order of importance and will be used to determine whether white papers and proposals submitted are consistent with the intent of this BAA and of interest to the Government:

1. Overall scientific and/or technical merit including technical feasibility, degree of innovation, and understanding of the technical and operational approach for employment of the technology
2. The effort's potential contribution and relevance to the Department of the Air Force objectives
3. The extent to which the offeror demonstrates relevant technology and domain knowledge
4. Reasonableness and realism of proposed costs and fees (if any).

No further evaluation criteria will be used to select white papers for proposal invitation. Proposals will be evaluated IAW this evaluation criteria only and categorized/selected for award as detailed in Section V.2.b.2. White papers and proposals submitted will be evaluated as they are received.

2. REVIEW AND SELECTION PROCESS:

1. Only Government employees will evaluate the white papers/proposals for selection. The Air Force Research Laboratory's Information Directorate has contracted for various business and staff support services, some of which require contractors to obtain administrative access to proprietary information submitted by other contractors. Administrative access is defined as "handling or having physical control over information for the sole purpose of accomplishing the administrative functions specified in the administrative support contract, which do not require the review, reading, and comprehension of the content of the information on the part of non-technical professionals assigned to accomplish the specified administrative tasks." These contractors have signed general non-disclosure agreements and organizational conflict of interest statements. The required administrative access will be granted to non-technical professionals. Examples of the administrative tasks performed include: a. Assembling and organizing information for R&D case files; b. Accessing library files for use by government personnel; and c. Handling and administration of proposals, contracts, contract funding and queries. Any objection to administrative access must be in writing to the Contracting Officer and shall include a detailed statement of the basis for the objection.
2. WHITE PAPER/PROPOSAL REVIEW PROCESS:
3. 1. FIRST STEP White Paper Reviews: The Government will review White Papers to identify those with the greatest potential to meet the Air Force's needs based on the criteria above. If funding is available for an identified white paper, AFRL/RI will request a formal technical and cost proposal from the Offeror. For white papers not of interest to the Government, or for which funding is not available, those Offerors will receive letters from the Government indicating the basis for non-selection.
      
   2. SECOND STEP Proposal Review and Selection Process
      a) Categories: Based on the evaluation, proposals will be categorized as Selectable or Not Selectable (see definitions below). The selection of one or more offerors for award will be based on the evaluation, as well as importance to agency programs and funding availability.
      1. Selectable: Proposals are recommended for acceptance, if sufficient funding* is available.
      2. Not Selectable: Even if sufficient funding existed, the proposal should not be funded.
      

* Selectable proposals will be designated as funded or unfunded. Letters will be sent to the unfunded offerors. These proposals may be funded at a later date without reevaluation, if funding becomes available.

.

b) The Government reserves the right to award some, all, or none of the proposals. When the Government elects to award only a part of a proposal, the selected part may be categorized as Selectable, though the proposal as a whole may not merit such a categorization.

c) Proposal Risk Assessment: Proposals' technical, cost, and schedule risk will be assessed as part of the above evaluation criteria's application. Proposal risk relates to the identification and assessment of the risks associated with an offeror's proposed approach as it relates to accomplishing the proposed effort. Tradeoffs of the assessed risk will be weighed against the potential scientific benefit. Proposal risk for schedule relates to an assessment of the risks associated with the offeror's proposed number of hours, labor categories, materials, or other cost elements as it relates to meeting the proposed period of performance.

d) Prior to award of a potentially successful offer, the Contracting Officer will make a determination regarding price reasonableness and realism.

1. 1. FEDERAL AWARDEE PERFORMANCE AND INTEGRITY INFORMATION SYSTEM (FAPIIS) PUBLIC ACCESS: The Government is required to review and consider any information about the applicant that is in the FAPIIS before making any award in excess of the simplified acquisition threshold (currently $250,000) over the period of performance. An applicant may review and comment on any information about itself that a federal awarding agency previously entered. The Government will consider any comments by the applicant, in addition to other information in FAPIIS in making a judgment about the applicant's integrity, business ethics, and record of performance under federal awards when completing the review of risk posed by applicants as described in 2 CFR 200.205 Federal Awarding Agency Review of Risk Posed by Applicants and per FAR 9.104-6.

4.ADEQUATE PRICE COMPETITION: As this BAA is an Open BAA, adequate price competition is not anticipated since there is no set response time, and proposals are evaluated at the time of receipt. Offerors whose proposals are selected for award will be expected to submit certified cost and pricing data on contracts exceeding $2M.

VI. STEP TWO INFORMATION REQUEST FOR PROPOSAL & AWARD:

1. PROPOSAL FORMATING: When developing proposals, reference the AFRL "Broad Agency Announcement (BAA): Guide for Industry," Mar 2015, and RI-Specific Proposal Preparation Instructions, Dec 2020, which may be accessed at: https://beta.sam.gov/opp/e628c811fafe041accdddf55fb8539bf/view?keywords=AFRL-BAA-GUIDE&sort=-relevance&index=&is_active=true&page=1 . Always reference the newest versions of these documents.

2. AWARD NOTICES: Those white papers found to be consistent with the research areas of interest and expected results within the broad topic areas as described in the Technology Requirements section of this BAA and of interest to the Government may be invited to submit a technical and cost proposal. Notification by email or letter will be sent by the TPOC. Such invitation does not assure that the submitting organization will be awarded a contract. Those white papers not selected to submit a proposal will be notified in the same manner. Prospective offerors are advised that only Contracting Officers are legally authorized to commit the Government. All offerors submitting proposals will receive notification of their evaluation results within 45 days of submission. Offerors should email the TPOC and the Contracting Officer listed in Section VII, for status of their proposal after 45 days, if no such correspondence has been received.

3. DEBRIEFINGS: If a debriefing is requested in accordance with the time guidelines set out in FAR 15.505 and 15.506, a debriefing will be provided, but the debriefing content may vary to be consistent with the procedures that govern BAAs (FAR 35.016). Debriefings will not be provided for white papers.

4. ADMINISTRATIVE AND NATIONAL POLICY REQUIREMENTS:

1. FACILITY CLEARANCE. Depending on the work to be performed, the offeror may require a SECRET or TOP SECRET facility clearance and safeguarding capability; therefore, personnel identified for assignment to a classified effort must be cleared for access to SECRET or TOP SECRET information at the time of award. In addition, the offeror may be required to have, or have access to, a certified and Government-approved facility to support work under this BAA.
2. EXPORT CONTROL LAWS. Awards under this solicitation may require access to, or generation of, data subject to export control laws and regulations. Only contractors who are registered and certified with the Defense Logistics Information Service (DLIS) and have a legitimate business purpose may participate in this solicitation. For questions, contact DLIS on-line at http://www.dla.mil/HQ/InformationOperations/LogisticsInformationServices.aspx or at the DLA Logistics Information Service, 74 Washington Avenue North, Battle Creek, Michigan 49037-3084, and telephone number 1-800-352-2255 (24/7). You must submit a copy of your approved DD Form 2345, Militarily Critical Technical Data Agreement, with your white paper/proposal.
3. SMALL BUSINESS PARTICIPATION. The Government encourages the best sources from the scientific and industrial communities to propose, including small business concerns, large businesses, academia and non-profit entities. Non-small businesses are encouraged to team with small business concerns to come up with the best technical solutions and obtain the best mix of cost, performance and schedule.
4. ACTIONS FOR THE PROTECTION OF INTELLECTUAL PROPERTY, CONTROLLED INFORMATION, KEY PERSONNEL AND CRITICAL TECHNOLOGIES. Offerors who are requested to submit a proposal under this solicitation of grants, cooperative agreements, Technology Investment Agreements, and other non-procurement transactions only shall submit specific information for all key personnel, whether or not the individuals' efforts under the project are to be funded by the DoD. Specific requirements will be detailed in the Request for Proposal (RFP) letter. The information shall be included in the Research and Related/Key Person Profile (Expanded) form (https://www.grants.gov/forms/r-r-family.html). This collection only applies to persons identified as key personnel. This information shall not be included in the overall proposal page limits. Failure to submit this information may cause the proposal to be returned without further review, and the DoD reserves the right to request further details before making a final determination on funding an effort. This information will be used to support protection of intellectual property, controlled information, key personnel, and information about critical technologies relevant to national security. Additionally, this information will be used to limit undue influence, including foreign talent programs, by countries that desire to exploit United States' technology within the DoD research, science and technology, and innovation enterprise.
5. BURDEN REDUCTION. With the exception of paragraph d. above, in order to reduce grant recipient reporting burden, effective 1 JAN 2019, use of the SF-424B is optional. Also, effective 1 JAN 2020, the SAM will become the central repository for common government-wide certifications and representations required of Federal grants recipients. As registration in SAM is required for eligibility for a Federal award and registration must be updated annually, Federal agencies will use SAM information to comply with award requirements and avoid increased burden and costs of separate requests for such information, unless the recipient fails to meet a Federal award requirement, or there is a need to make updates to their SAM registration for other purposes. (OMB Memorandum M 18-24).

5. DATA RIGHTS:

1. SBIR RIGHTS. The potential for inclusion of Small Business Innovation Research (SBIR) or data rights other than unlimited on awards is recognized. In accordance with (IAW) the Small Business Administration (SBA) SBIR Policy Directive, Section 8(b), SBIR data rights clauses are non-negotiable and must not be the subject of negotiations pertaining to an award, or diminished or removed during award administration. Issuance of an award will not be made conditional based on forfeit of data rights. If the SBIR awardee wishes to transfer its SBIR data rights to the Air Force or to a third party, it must do so in writing under a separate agreement. A decision by the awardee to relinquish, transfer, or modify in any way its SBIR data rights must be made without pressure or coercion by the agency or any other party.
   
2. NON-SBIR RIGHTS.
   
3. Non-SBIR data rights less than unlimited will be evaluated and negotiated on a case-by-case basis. Government Purpose Rights are anticipated for data developed with DoD reimbursed Independent Research and Development (IR&D) funding.
4. The Air Force Research Laboratory is engaged in the discovery, development, and integration of warfighting technologies for our air, space, and cyberspace forces. As such, rights in technical data and noncommercial computer software (NCS) developed or delivered under this contract are of significant concern to the Government. The Government will therefore carefully consider any restrictions on the use of technical data, NCS, and NCS documentation which could result in transition difficulty or less-than full and open competition for subsequent development of this technology.
5. Third Party Software. DFARS 252.227-7014(d) describes requirements for incorporation of third party computer software. Any third party software (commercial and noncommercial) to be incorporated into a deliverable must be clearly identified in the proposal. Prior to delivery of any third party software, the contractor will obtain an appropriate license for the Government, and the written approval of the contracting officer.
   
6. IDENTIFICATION & ASSERTION. IAW DFARS 252.227-7017, the Identification and Assertion of Use, Release, or Disclosure Restriction provision applies. See AFRL/RI Specific Proposal Preparation Instructions for further guidance and samples.
   6. REPORTING:
   a. Contract Applicable: Once a proposal has been selected for award, offerors will be given complete instructions on the submission process for the reports.
   b. FAPIIS Applicable: As required by 2 CFR 200 Appendix XII of the Uniform Guidance and FAR 9.104-6, non-federal entities (NFEs) are required to disclose in FAPIIS any information about criminal, civil, and administrative proceedings, and/or affirm that there is no new information to provide. This applies to NFEs that receive federal awards (currently active grants, cooperative agreements, and procurement contracts) greater than $10,000,000 for any period of time during the period of performance of an award/project.
   7. NOTICE: The following provisions* apply:
   
7. FAR 52.204-24, Representation Regarding Certain Telecommunications and Video Surveillance Services or Equipment (OCT 2020)
8. FAR 52.209-11, Representation by Corporations Regarding Delinquent Tax Liability or a Felony Conviction under any Federal Law
9. DFARS 252.239-7017, Notice of Supply Chain Risk
10. DFARS 252.204-7008, Compliance with Safeguarding Covered Defense Information Controls
11. DFARS 252.215-7013, Supplies and Services Provided by Nontraditional Defense Contractors
12. DFARS 252.204-7017, Prohibition on the Acquisition of Covered Defense Telecommunications Equipment or Services-Representation
13. DFARS 252.225-7973, Prohibition on the Procurement of Foreign-Made Unmanned Aircraft Systems-Representation (DEVIATION 2020-O0015) (MAY 2020)
    * Please note that the current versions or deviations of the related clauses will be included in any resulting contract.
    8. GRANT AWARDS ONLY: For efforts proposed as grant awards, offerors must provide an abstract in their proposal (not to exceed one page) that is publically releasable and that describes - in terms the public may understand - the project or program supported by the grant. If the proposal is selected for award, the DoD will publically post the abstract to comply with Section 8123 of the Department of Defense Appropriations Act, 2015 (Pub. L. 113-235).
    VII. AGENCY CONTACTS:
    All white paper and proposal submissions and any questions of a technical nature shall be directed to the cognizant TPOC as specified below (unless otherwise specified in the technical area):
    Walter Karas
    AFRL/RIGA
    525 Brooks Rd
    Rome, NY 13441-4505
    Telephone: (315)330-2625
    Email: afrl.riga.baa@us.af.mil
    Questions of a contractual/business nature shall be directed to the cognizant contracting officer, as specified below:
    Amber Buckley
    Email: Amber.Buckley@us.af.mil
    Emails must reference the solicitation (BAA) number and title of the acquisition.
    In accordance with AFFARS 5301.91, an Ombudsman has been appointed to hear and facilitate the resolution of concerns from offerors, potential offerors, and others for this acquisition announcement. Before consulting with an ombudsman, interested parties must first address their concerns, issues, disagreements, and/or recommendations to the contracting officer for resolution. AFFARS Clause 5352.201-9101 Ombudsman (Oct 2019) will be incorporated into all contracts awarded under this BAA.
    The AFRL Ombudsman and AFRL Alternate Ombudsman are as follows:
    Ms. Rosalind Harper (Primary)
    Mr. Steven Ewers (Alternate)
    1864 4th Street
    WPAFB OH 45433
    Phone: (937) 904-9700
    FAX: (937) 656-7321
    afrl.pk.workflow@us.af.mil
    

Background
The Department of the Air Force, Air Force Materiel Command, AFRL - Rome Research Site, AFRL/Information Directorate has issued a Broad Agency Announcement (BAA) titled 'Capabilities for Cyber Advancement.' The BAA is open and effective until 01 Dec 2025. The announcement seeks innovative, next-generation technologies to achieve cyber superiority and integrate them into warfighting capabilities. It is a follow-on to FA8750-18-S-7002. The total funding for this BAA is approximately $975M, with multiple awards anticipated. The type of instruments that may be awarded includes procurement contracts, grants, cooperative agreements, or other transactions (OT) depending upon the nature of the work proposed.

Work Details
The BAA seeks white papers summarizing proposed approaches/solutions for achieving cyber superiority and integrating next-generation technologies into warfighting capabilities. The white paper should include a title, period of performance, estimated cost, name/address of the company, technical and contracting points of contact (phone and email), task objective, and technical summary with proposed deliverables. White papers should be double-spaced with a font no smaller than 12 point. Offerors are encouraged to engage in dialogue with Government representatives to resolve technical and contracting questions. The white papers will be evaluated based on the degree of innovation, understanding of the technical and operational approach, potential contribution to Department of the Air Force objectives, relevant technology and domain knowledge demonstrated, and reasonableness and realism of proposed costs and fees.

Period of Performance
The BAA is open until 01 Dec 2025. Individual awards will not normally exceed 60 months with dollar amounts ranging from $100K to $99M.

Place of Performance
The contract will be performed at the AFRL/RIGA located at 525 Brooks Rd, Rome, NY 13441-4505.