Contact:
Object Management Group
+1-781-444 0404
[email protected]
Object Management Group Issues Request for Proposals for a DevSecOps Reference Architecture
A platform-independent description of DevSecOps
BOSTON, MA – JULY 15, 2025 – Object Management Group® (OMG®) issued a request for proposal (RFP) for a DevSecOps Reference Architecture. The proposal seeks a reference architecture (RA) platform-independent model (PIM) expressed in OMG architecture languages such as UAF or SysML.
DevSecOps is a software and systems development approach that integrates security practices throughout the entire product lifecycle. While a broadly understood concept, there are multiple definitions across the industry. This RA seeks to provide a consensus-based standard definition of capabilities, utilization patterns, and means to describe, assess, and improve the maturity, reliability, integrity, and security of DevSecOps implementations. It will enable organizations to securely, safely, and sustainably evaluate, implement, or acquire DevSecOps capabilities, principles, practices, processes, services, and tools.
"For organizations seeking to implement DevSecOps, the number of potential definitions, practices, and tools can be overwhelming," said Matt Wilson, Vice President at SimVentions and co-chair of the C4I Defense and Military Domain Task Force at OMG. "What is missing from the discussion is a common vocabulary and blueprint for implementing DevSecOps and assessing the resulting practices, processes, and tools. To develop a joint specification, we seek input from organizations that utilize, deliver, and understand DevSecOps."
The Letter of Intent deadline is November 1, 2025, and the initial submission deadline is November 10, 2025. The DevSecOps-RA should address the needs of a wide range of systems that pass through a DevSecOps pipeline. There are many requirements in the RFP, across a wide range of areas. If a company is unable to address all of the requirements outlined they are encouraged to still provide an initial submission and join our collaborative effort to reach consensus. Companies must be Domain or Contributing members of OMG by the initial submission deadline to submit their proposal.
Download the RFP for the DevSecOps Reference Architecture. You may respond to this RFP at [email protected].
About OMG
The Object Management Group® (OMG®) is an international, open membership, not-for-profit technology standards consortium with representation from government, industry and academia. OMG Task Forces develop enterprise integration standards for a wide range of technologies and an even wider range of industries. OMG's modeling standards enable powerful visual design, execution and maintenance of software and other processes. Visit www.omg.org for more information.
###
Note to editors: Object Management Group and OMG are registered trademarks of the Object Management Group. For a listing of all OMG trademarks, visit https://www.omg.org/legal/tm_list.htm. All other trademarks are the property of their respective owners.