MITRE | The Edge Perspectives | COTS "Solutions": Opportunities and Obstacles

March 2001
Volume 2
Number 1

COTS Commercial Off-the-Shelf

COTS "Solutions": Opportunities and Obstacles

Commercial Off-the-Shelf Software—Benefits and Burdens

Understanding Risks Alleviates COTS-based Systems Woes

Using COTS Means Business Not as Usual for the Government

COTS Software Licensing Accompanied by Trepidation

MITRE Roundtable
Is a COTS Solution Right for Me?

Assuring the Safety and Security of COTS Software Products

Selecting COTS Products or Services

Universal COTS Interfaces

Home > News & Events > MITRE Publications > The Edge >

COTS "Solutions": Opportunities and Obstacles

In 1994, Secretary of Defense William Perry mandated the use of commercial products and practices. In the 1997 Report of the Quadrennial Defense Review, Secretary of Defense William Cohen stated that "Over the past decade, the American commercial sector has reorganized, restructured, and adopted revolutionary new business and management practices in order to ensure its competitive edge in the rapidly changing global marketplace. Now the Department of Defense must adopt and adapt the lessons of the private sector if America's armed forces are to maintain their competitive edge in the rapidly changing global security arena."

To support this goal, military systems must be more flexible, scalable, and configurable so that they can satisfy these changing needs. Part of the solution is the use of commercial off-the-shelf (COTS) tools, technologies, and business practices. However, this has represented a major operational and business paradigm shift from a customized, proprietary model to a commercial, open market model.

In the more than six years since Secretary Perry mandated the use of COTS, hundreds of studies have addressed this topic. Time and again we have seen the benefits of COTS touted: cheaper, faster, better, no systems engineering, and no testing. Conversely, we have seen an increasing number of risks identified: authentication, authorization, and privacy risks; legacy system risks because the selected COTS product or service is someone else's; and risks associated with lack of control over schedule of upgrades, capabilities, reliability, response time, resource use, and user interface. And, with all of this information, disasters still abound, and questions persist:

What planning should I do and when? How do I budget for technology refresh? How do I judge which product is right for my environment? What are my major risk areas? How do I mitigate these risks?

The purpose of this edition of The Edge Perspectives is to cast the spotlight on some of the many challenges brought about by the use of COTS, including licensing, product assessment, risk management, security, and business practices. We do not presume to provide solutions. However, we do identify some high-risk areas and provide guidance based on a compendium of lessons learned over the years.

For more information, please contact guest editors Judy Clapp or Anita King or Audrey Taub using the employee directory.

	Solutions That Make a Difference.® Copyright © 1997-2013, The MITRE Corporation. All rights reserved. MITRE is a registered trademark of The MITRE Corporation. Material on this site may be copied and distributed with permission only.
	Privacy Policy \| Contact Us