DCO-Space

The Defensive Cyberspace Operations Space (DCO-S) program is a key initiative within the United States Space Force (USSF), funded under Program Element 1203040SF. Its primary goal is to develop, test, and deploy defensive cyber capabilities that protect USSF mission systems, including their associated computer systems, software applications, and sensitive operational information. The program is focused on countering unauthorized intrusion, corruption, and destruction, with an emphasis on proactive defense, cyber threat recognition, damage assessment, recovery, and active response methodologies. These objectives are realized through research, development, testing, and acquisition activities aimed at enhancing the resilience of space mission systems against evolving cyber threats.

DCO-Suite Development is a major line item that supports the creation and enhancement of the DCO-S toolsets. This effort implements a combined Development/Security/Operations (DEVSECOPS) framework using the Software Acquisition Pathway (SWP) Adaptive Acquisition Framework. The suite is divided into two primary product lines: Manticore (Detect & Identify) and Kraken (Protect & Respond). These product lines utilize open-source and commercial tools, customized to address space-unique requirements such as protocol analytics. Development activities include expanding deployment, tuning, and rapid prototyping capabilities, with the goal of fielding these tools to multiple mission area locations based on operational priorities.

Product Line Integration focuses on integrating the Manticore and Kraken toolsets into the broader USSF enterprise ground portfolio. The objective is to identify shared platform, infrastructure, and data layer solutions to support open frameworks and architectures. Integration activities also include upgrading databases, supporting existing codebases, and ensuring seamless data stream integration with newly onboarded mission systems. This line item supports the transition from planning to execution phases, independent verification of minimum viable products, and operational acceptance of new capabilities.

Systems Engineering and Accreditation provides critical support for the security hardening and risk assessment of DCO-S software. This includes developing technical documentation, performing integration activities, tuning support, and preparing accreditation plans for security features and countermeasures. The program leverages lessons learned from other agencies and incorporates industry best practices to ensure optimum security features are in place when systems are operationally tested. Systems engineering efforts also facilitate the onboarding of complex classified mission systems and new data types, keeping pace with the evolving cyber threat landscape.

Cloud Hosting is an emerging component of the DCO-S program, aimed at developing and operationally accepting cloud environments to support the Joint Cyber Warfare Architecture (JCWA). This enables broader deployment of cyber defense capabilities and supports continuous integration and deployment (CI/CD) workflows. The cloud hosting initiative is designed to bring advanced threat detection, automated incident response, and enhanced network security monitoring to a wider set of users, improving the overall agility and scalability of USSF cyber defense operations.

Management Services, including Federally Funded Research and Development Centers (FFRDCs) and Advisory and Assistance Services (A&AS), provide mission assurance, technical analysis, and training support. These services help identify tactics, techniques, and procedures (TTPs), future-proof systems with the latest technology, and ensure the program remains aligned with government efficiency initiatives. The program also funds efforts to allow independent security researchers to report vulnerabilities, increasing the likelihood that bugs are identified and addressed before malicious exploitation occurs.

The DCO-S program is structured to rapidly respond to threats, implement system resiliency, and maintain situational awareness necessary to operate in the contested space domain. Activities include program office support, technical studies, experimentation, prototyping, and leveraging commercial, government, and international partnerships. The acquisition strategy emphasizes modular contracting and agile development, with continuous testing and integration scheduled through at least FY 2030. The program's objectives are to ensure USSF mission systems are protected against advanced persistent cyber threats, support operational needs, and maintain the security and integrity of critical space operations.