DHS awards $28.97M to MITRE for cybersecurity R&D, citing sole-source procurement

Contract Overview

Contract Amount: $28,967,283 ($29.0M)

Contractor: THE Mitre Corporation

Awarding Agency: Department of Homeland Security

Start Date: 2023-04-17

End Date: 2024-04-16

Contract Duration: 365 days

Daily Burn Rate: $79.4K/day

Competition Type: NOT COMPETED

Pricing Type: COST PLUS FIXED FEE

Sector: R&D

Official Description: CAPABILITY DELIVERY (CD) AND COMMON VULNERABILITIES AND EXPOSURES (CVE), COMMON WEAKNESS ENUMERATION (CWE) PROGRAM

Place of Performance

Location: MCLEAN, FAIRFAX County, VIRGINIA, 22102

State: Virginia Government Spending

Plain-Language Summary

Department of Homeland Security obligated $29.0 million to THE MITRE CORPORATION for work described as: CAPABILITY DELIVERY (CD) AND COMMON VULNERABILITIES AND EXPOSURES (CVE), COMMON WEAKNESS ENUMERATION (CWE) PROGRAM Key points: 1. MITRE Corporation, a non-profit, is the sole awardee for this cybersecurity R&D contract. 2. The contract focuses on Capability Delivery (CD) and Common Vulnerabilities and Exposures (CVE) programs. 3. The procurement method is 'NOT COMPETED', raising questions about price discovery and potential alternatives. 4. The R&D sector is critical for national security, but the lack of competition warrants scrutiny.

Value Assessment

Rating: questionable

The contract's Cost Plus Fixed Fee (CPFF) structure can lead to cost overruns if not managed tightly. Benchmarking is difficult without competitive data, but the $28.97M value for a one-year R&D effort appears substantial.

Cost Per Unit: N/A

Competition Analysis

Competition Level: sole-source

This contract was not competed, meaning only one source, The MITRE Corporation, was solicited. This limits price discovery and may prevent the government from obtaining the best value or innovative solutions available from other qualified entities.

Taxpayer Impact: The lack of competition could result in taxpayers paying more than necessary for the services provided, as there was no market pressure to drive down costs.

Public Impact

Enhances national cybersecurity posture through R&D in vulnerability identification and mitigation. Supports critical infrastructure protection by addressing software weaknesses. Potential for advanced threat intelligence and defensive capabilities development.

Waste & Efficiency Indicators

Waste Risk Score: 50 / 10

Warning Flags

• Sole-source procurement limits competition.
• Cost Plus Fixed Fee contract type requires careful oversight.
• Lack of clear performance metrics for R&D outcomes.

Positive Signals

• Addresses critical cybersecurity needs.
• Leverages MITRE's established expertise in the field.
• Contract duration aligns with R&D project timelines.

Sector Analysis

This contract falls under Research and Development in Physical, Engineering, and Life Sciences. Cybersecurity R&D is a high-priority area for government spending, with significant investment aimed at staying ahead of evolving threats.

Small Business Impact

The contract was awarded to The MITRE Corporation, a large, non-profit organization. There is no indication that small businesses were involved as subcontractors or partners in this specific award.

Oversight & Accountability

Given the sole-source nature, robust oversight is crucial to ensure MITRE delivers on its objectives and manages costs effectively. The Office of Procurement Operations should monitor progress closely and validate the necessity of continued sole-source awards.

Related Government Programs

• Research and Development in the Physical, Engineering, and Life Sciences (except Nanotechnology and Biotechnology)
• Department of Homeland Security Contracting
• Office of Procurement Operations Programs

Risk Flags

• Lack of competitive bidding.
• Potential for cost overruns with CPFF.
• Limited transparency in sole-source justification.
• Difficulty in measuring R&D effectiveness.

Tags

research-and-development-in-the-physical, department-of-homeland-security, va, delivery-order, 10m-plus

Frequently Asked Questions

What is this federal contract paying for?

Department of Homeland Security awarded $29.0 million to THE MITRE CORPORATION. CAPABILITY DELIVERY (CD) AND COMMON VULNERABILITIES AND EXPOSURES (CVE), COMMON WEAKNESS ENUMERATION (CWE) PROGRAM

Who is the contractor on this award?

The obligated recipient is THE MITRE CORPORATION.

Which agency awarded this contract?

Awarding agency: Department of Homeland Security (Office of Procurement Operations).

What is the total obligated amount?

The obligated amount is $29.0 million.

What is the period of performance?

Start: 2023-04-17. End: 2024-04-16.

What is the justification for the sole-source award to The MITRE Corporation for this critical cybersecurity R&D?

The justification for a sole-source award typically involves unique capabilities, specialized knowledge, or urgent needs that only a specific entity can fulfill. For MITRE, this often relates to their role as a federally funded research and development center (FFRDC) with deep expertise in cybersecurity and government systems. A detailed justification document should outline why competition was not feasible or advantageous in this instance.

How will the Cost Plus Fixed Fee (CPFF) contract structure be managed to mitigate cost overrun risks in this R&D effort?

Effective management of a CPFF contract for R&D requires stringent oversight of direct costs, labor hours, and indirect expenses. The government contracting officer and technical team must closely monitor project progress against milestones, scrutinize all incurred costs, and ensure that the fixed fee remains appropriate for the work performed. Regular audits and performance reviews are essential to identify and address potential cost escalations proactively.

What are the measurable outcomes and performance metrics for this cybersecurity R&D contract to ensure effectiveness and value for taxpayers?

Measuring the effectiveness of R&D can be challenging, but key performance indicators (KPIs) should be established. These might include the successful development of new vulnerability detection tools, the creation of improved cybersecurity frameworks, the number of significant security flaws identified and mitigated, or the successful integration of new defensive technologies. Clear, quantifiable metrics are vital for assessing the contract's value and ensuring taxpayer funds are used efficiently.

Industry Classification

NAICS: Professional, Scientific, and Technical Services › Scientific Research and Development Services › Research and Development in the Physical, Engineering, and Life Sciences (except Nanotechnology and Biotechnology)

Product/Service Code: RESEARCH AND DEVELOPMENT › General Science and Technology R&D Services

Competition & Pricing

Extent Competed: NOT COMPETED

Solicitation Procedures: ONLY ONE SOURCE

Pricing Type: COST PLUS FIXED FEE (U)

Evaluated Preference: NONE

Contractor Details

Address: 7515 COLSHIRE DR, MC LEAN, VA, 22102

Business Categories: Category Business, Corporate Entity Tax Exempt, Nonprofit Organization, Not Designated a Small Business, Special Designations, U.S.-Owned Business

Financial Breakdown

Contract Ceiling: $44,309,193

Exercised Options: $44,309,193

Current Obligation: $28,967,283

Actual Outlays: $28,967,283

Contract Characteristics

Commercial Item: COMMERCIAL PRODUCTS/SERVICES PROCEDURES NOT USED

Cost or Pricing Data: YES

Parent Contract

Parent Award PIID: 70RSAT20D00000001

IDV Type: IDC

Timeline

Start Date: 2023-04-17

Current End Date: 2024-04-16

Potential End Date: 2024-04-16 00:00:00

Last Modified: 2025-09-25

More Contracts from THE Mitre Corporation

• Center for Advanced Aviation Development (caasd) Ffrdc Mitre — $1.7B (Department of Transportation)
• FY25 Task Order 7 - to Provide Systems Engineering Research and Development Services for the Department of Defense (DOD) and Other Federal Government Agencies — $753.9M (Department of Defense)
• FY24 Task Order 6 - Initial Funding and Updating PWS & DD254 — $735.3M (Department of Defense)
• Caasd Must Provide Essential Engineering, Research, and Analysis Capabilities to Support the FAA in the Performance of ITS Mission Through a Systems Approach That Addresses ALL Dimensions (E.G. Political, Operational, Economic, Technical) Required to — $700.5M (Department of Transportation)
• Initial Modification on Task Order 5 Nsec, Ffrdc to Incrementally Fund, Update PWS & DD254 — $687.3M (Department of Defense)

View all THE Mitre Corporation federal contracts →

Other Department of Homeland Security Contracts

• THE United States Coast Guard HAS a Requirement to Procure UP to Twenty-Six (26) Fast Response Cutters (frcs) on a Firm Fixed Price (FFP) Basis With an Economic Price Adjustment (EPA). Phase II of the FRC Program Will Complete the Fleet for a Total of 58 Cutters — $2.1B (Bollinger Shipyards Lockport, L.L.C.)
• Design and Construct NEW Vertical Barrier and Power Distribution, Lighting, Cameras, Equipment Shelters and Linear Ground Detection System (lgds) in Hildago County, NM — $1.8B (Fisher Sand & Gravel CO)
• Production&delivery of National Security Cutter (NSC) 6 — $1.7B (Huntington Ingalls Incorporated)
• YUM-2 Vertical Border and Waterborne Barrier Construction — $1.7B (Fisher Sand & Gravel CO)
• Construct Vertical Border Barrier — $1.6B (Fisher Sand & Gravel CO)

View all Department of Homeland Security contracts →

Explore Related Government Spending