The applications pathway shall provide for the use of rapid development and implementation of applications and other software or software improvements operated by the Department of Defense, which may include applications and associated procurement of covered hardware (including modifications of a type not customarily available in the commercial marketplace to meet Department requirements), commercially available cloud computing platforms, and other nondevelopmental items.

The embedded systems pathway shall provide for the rapid development and insertion of upgrades and improvements for software and covered hardware embedded in weapon systems and other hardware systems unique to the Department of Defense.

initiate the engineering of new software capabilities quickly and, if applicable, the integration of such capabilities into covered hardware;

demonstrate the viability and effectiveness of such capabilities for operational use not later than one year after the date on which funds are first obligated to acquire or develop software; and

allow for the continuous updating and delivery of new capabilities not less frequently than annually to iteratively meet a requirement.

iterative development of requirements for software and covered hardware to be acquired or developed under the authority of this section through engagement with the user community and through user feedback, in order to continuously define and update priorities for such requirements;

early identification of the warfighter or user needs including the rationale for how software and covered hardware to be acquired or developed under the authority of this section will be tailored to address such needs;

initial contract requirements and format, including the use of summary-level lists of problems in existing software and desired features or capabilities of new or upgraded software;

continuous refinement and prioritization of contract requirements, informed by continuous engagement with users throughout the period of development and implementation of software and covered hardware to be acquired or developed under this section;

continuous consideration of issues related to lifecycle costs, technical data rights, and systems interoperability;

planning for support of capabilities of software to be acquired or developed under this section if the software developer stops supporting the software;

rapid contracting procedures, including expedited timeframes for making awards, selecting contract types, defining teaming arrangements, and defining options;

program execution processes, including supporting development and test infrastructure, automation and tools, digital engineering, data collection and sharing with Department of Defense stakeholders and with Congress, the role of developmental and operational testing activities, key decision-making and oversight events, and supporting processes and activities (such as independent costing activity, operational demonstration, and performance metrics);

assurances that cybersecurity metrics of the software to be acquired or developed, such as metrics relating to the density of vulnerabilities within the code of such software, the time from vulnerability identification to patch availability, the existence of common weaknesses within such code, and other cybersecurity metrics based on widely-recognized standards and industry best practices, are generated and made available to the Department of Defense and the congressional defense committees;

administrative procedures, including procedures relating to who may initiate and approve an acquisition under this authority, the roles and responsibilities of persons implementing or supporting the use of authority under this section, team selection and staffing process, governance and oversight roles and responsibilities, and appropriate independent technology assessments, testing, and cost estimation (including relevant thresholds or designation criteria);

mechanisms and waivers designed to ensure flexibility in the implementation of a pathway under this section, including the use of other transaction authority, broad agency announcements, and other procedures; and

mechanisms the Secretary will use for appropriate reporting to Congress on the use of the authority under this section, including notice of initiation of the use of a pathway and data regarding individual programs or acquisition activities, how acquisition activities are reflected in budget justification materials or requests to reprogram appropriated funds, and compliance with other reporting requirements.

The term “nondevelopmental item” has the meaning given in section 110 of title 41.