OSW26BZ02-DV003 — Generative AI for Secure Workflow Automation and Compliance
Award Maximum: $2,000,000 Period of Performance: 12 months Phase Type: Direct-to-Phase-II (D2P2)
OBJECTIVE: To develop and demonstrate a secure, enterprise-grade Generative AI platform to automate and enhance critical administrative, security, and compliance workflows within the Department of War (DoW). This effort seeks to dramatically reduce manual effort, improve the quality and speed of documentation, and ensure rigorous adherence to complex regulatory and security guidelines.
DESCRIPTION: The Department of War currently relies on manual, time-consuming, and resource-intensive processes for creating and managing critical documentation such as Security Classification Guides (SCGs), Program Protection Plans (PPPs), and OPSEC plans. These legacy workflows are prone to human error, leading to inconsistencies, over-classification, and potential security vulnerabilities. This administrative burden directly impacts mission agility and the speed of decision-making.
The emergence of secure, fine-tuned Large Language Models (LLMs) presents a transformative opportunity to modernize these processes. The DoW seeks a mature, AI-driven Software-as-a-Service (SaaS) platform capable of operating in both unclassified and classified environments (up to Top Secret/Sensitive Compartmented Information - TS/SCI). This platform will serve as a foundational toolkit for government personnel, augmenting their ability to generate, review, and manage complex documentation with unprecedented speed and accuracy.
The chosen performer will be expected to deliver a solution that is not just a theoretical model but a demonstrable, scalable, and secure platform ready for rapid prototyping and operational testing.
This solicitation is for a Direct to Phase II (D2P2) award. Offerors are expected to have already achieved significant technical maturity and be prepared to demonstrate existing capabilities upon request.
PHASE I: This topic is accepting Direct to Phase II proposals only. Strong proposals should document prior experience collaborating and working with large defense contractors in many or all the following ways:
Completion of a feasibility study or initial prototype development for an AI-driven tool related to classification, security planning, policy, or compliance.
Demonstrated expertise in fine-tuning LLMs for specialized, high-stakes domains (e.g., legal, finance, cybersecurity, or government).
Evidence of a well-defined technical approach and architecture for deploying AI solutions in secure, air-gapped, or hybrid cloud environments.
Demonstrated Capability: Proven track record in developing and deploying AI-driven solutions.
Classified Experience: Verifiable experience working with the Department of War on classified programs and systems up to the TS/SCI level. Personnel must be eligible for required clearances.
Technological Advantage: A well-articulated and defensible explanation of why their secure LLM technology represents a significant leap beyond the current state of the art.
Government Acumen: A deep and nuanced understanding of government security and administrative processes, essential for building a truly effective solution.
Proposers must provide clear and compelling evidence of this prior work in their proposal.
PHASE II: The primary goal of Phase II is to develop, demonstrate, and deliver a Minimum Viable Product (MVP) of the AI-powered toolkit within an 18-month period of performance. The performer shall:
Work closely with government stakeholders through detailed Q&A sessions and agile development sprints to refine requirements and ensure the solution meets operational needs.
Develop and deliver a functional prototype of an integrated toolkit with priority given to the following applications:
Security Classification Guide (SCG) Builder: Automates the generation of SCGs based on program data and existing directives.
Program Protection Plan (PPP) Builder: Assists in drafting comprehensive PPPs by integrating threat data and security controls.
OPSEC Plan Builder: Streamlines the creation of OPSEC plans.
Policy, Compliance, and Risk Review Tools: Enables rapid analysis of documents against a corpus of policies, regulations, and risk frameworks.
Insider Threat Management Module: Provides tools to assist in identifying and mitigating potential insider threats through the analysis of unstructured data.
Demonstrate a clear and significant advantage in their fine-tuned and secure LLMs, focusing on accuracy, explainability, data privacy, and robustness against adversarial manipulation.
Develop a detailed roadmap for deploying the solution in a classified environment (up to TS/SCI) and integrating it with existing DoW systems.
Deliverables will include the MVP prototype, a final technical report, a demonstration in a relevant environment, and a roadmap for scalability and transition.
PHASE III DUAL USE APPLICATIONS: The successful completion of Phase II is expected to result in technology that is highly sought after across the Department of War and the broader Intelligence Community. The performer will be expected to transition the technology into a sustainable Program of Record or a commercially available service on government contract vehicles. Dual-use applications include deployment in other federal agencies, as well as in highly regulated commercial industries such as finance, healthcare, and critical infrastructure, where compliance and security are paramount.