Commercial Off The Shelf Software Definition

Posted on by
Commercial Off The Shelf Software Definition 5,6/10 8910votes

Commercial off-the-shelf or commercially available off-the-shelf ( COTS) satisfy the needs of the purchasing organization, without the need to commission custom-made, or, solutions. A related term, Mil-COTS, refers to COTS products for use by the U.S. In the context of the, the (FAR) has defined 'COTS' as a formal term for commercial items, including services, available in the commercial marketplace that can be bought and used under government contract. For example, Microsoft is a COTS software provider. Goods and construction materials may qualify as COTS but bulk cargo does not. Services associated with the commercial items may also qualify as COTS, including installation services, training services, and cloud services. COTS purchases are alternatives to or one-off developments – or otherwise.

Although COTS products can be used out of the box, in practice the COTS product must be configured to achieve the needs of the business and integrated to existing organisational systems. Extending the functionality of COTS products via custom development is also an option, however this decision should be carefully considered due to the long term support and maintenance implications. Such customised functionality is not supported by the COTS vendor, so brings its own sets of issues when upgrading the COTS product. The use of COTS has been mandated [ ] across many government and business programs, as such products may offer significant savings in procurement, development, and maintenance. Motivations for using COTS components include hopes for reduction system whole of life costs. In the 1990s many regarded COTS as extremely effective in reducing the time and cost of [ ].

Commercial off-the-shelf software acquisition framework doe/ig-0463 u.s. Department of energy office of inspector general office of audit services.

COTS software came with many not-so-obvious tradeoffs— a reduction in initial over an increase in software component-integration work,, security issues and incompatibilities from future changes. Contents • • • • • • • Software and services [ ] Commercial-off-the-shelf (COTS) software and services are built and delivered usually from a third party vendor. COTS can be purchased, leased or even licensed to the general public. COTS can be obtained and operated at a lower cost over in-house development [ ], and provide increased reliability and quality over custom-built software as these are developed by specialists within the industry and are validated by various independent organisations, often over an extended period of time. Security implications [ ] According to the, software security is a serious risk of using COTS software.

If the COTS software contains severe security vulnerabilities it can introduce significant risk into an organization's software supply chain. The risks are compounded when COTS software is integrated or networked with other software products to create a new composite application or a system of systems. The composite application can inherit risks from its COTS components. The US Department of Homeland Security has sponsored efforts to manage issues related to the use of COTS.

However, software industry observers such as and the indicate that supply chain disruption poses a major threat. Answer Key To Managerial Accounting Teacher Edition. Budidaya Tanaman Sawi Putih Pdf Merge. Gartner predicts that 'enterprise IT supply chains will be targeted and compromised, forcing changes in the structure of the IT marketplace and how IT will be managed moving forward.'

Also, the SANS Institute published a survey of 700 IT and security professionals in December 2012 that found that only 14% of companies perform security reviews on every commercial application brought in house, and over half of other companies do not perform security assessments. Instead companies either rely on vendor reputation (25%) and legal liability agreements (14%) or they have no policies for dealing with COTS at all and therefore have limited visibility into the risks introduced into their software supply chain by COTS. Issues in other industries [ ] In the industry, COTS software can sometimes be identified as SOUP ( or software of unknown provenience), i.e., software that has not been developed with a known or methodology, which precludes its use in medical devices. In this industry, faults in software components could become system failures in the device itself if the steps are not taken to ensure fair and safe standards are complied with. The standard outlines specific practices to ensure that SOUP components support the safety requirements for the device being developed. In the case where the software components are COTS, DHS best practices for COTS software risk review can be applied.

It should be noted, however, that simply being COTS software does not necessarily imply the lack of a fault history or transparent software development process. For well documented COTS software a distinction as clear SOUP is made, meaning that it may be used in medical devices.

Commercial Off The Shelf Software Definition

Obsolescence [ ]. Main article: A striking example of product obsolescence is the, a built out of 1,760 Sony running the Linux operating system. On the PS3 in April 2010, leaving no means to procure functioning Linux.

In general, COTS product obsolescence can require customized support or development of a replacement system. Such problems have led to government-industry partnerships, where various businesses agree to stabilize some product versions for government use and plan some future features, in those product lines, as a joint effort. Hence, some partnerships have led to complaints of favoritism, to avoiding practices, and to claims of the use of agreements where not actually needed. There is also the danger of pre-purchasing a multi-decade supply of (and materials) which would become obsolete within 10 years. All these considerations lead to compare a simple solution (such as 'paper & pencil') to avoid overly complex solutions creating a ' system of, where a simple solution would have sufficed instead.

[ ] Such comparisons also consider whether a group is creating a make-work system to justify extra funding, rather than providing a low-cost system which meets the basic needs, regardless of the use of COTS products. Applying the lessons of processor obsolescence learned during the, the planned for processor upgrades during development, and switched to the more widely supported C++ programming language. They have also moved from ASICs to FPGAs. This moves more of the avionic design from fixed circuits to software that can be applied to future generations of hardware. COTS components are part of upgrades to the of United States Navy submarines. See also [ ] • • • • Notes [ ]. • '2.101 Definitions',, retrieved 2017-02-01 •.

Aegis Power Systems, Inc. Aegis Power Systems, Inc.

Retrieved 21 December 2015. • • McKinney, Dorothy, Presentation to INCOSE Chapters, August 2001. Accessed January 28, 2009. • ^ Ellison, Bob; Woody, Carol (2010-03-15)..

Department of Homeland Security: Build Security In. Retrieved 2012-12-17.

• MacDonald, Neil; Valdes, Ray (2012-10-05).. Retrieved 2012-12-17. • Bird, Jim; Kim, Frank (December 2012). Retrieved 2012-12-17.

• Hobbs, Chris (2012-01-04).. Medical Electronics Design. Retrieved 2012-12-17.

• • • • • Military & Aerospace Electronics, 1 May 2003. • ( January 18, 2011, at the.) References [ ] •.