# 2026-0099 NCDF Expert and Test Tool Designer / Implementer (NS) - MON 27 Jul

**Company:** [EMW, Inc.](http://jobs.workable.com/companies/rxTcVwBJTwXzUuxD5bzFUW.md)
**Location:** The Hague, Netherlands
**Workplace:** hybrid
**Employment type:** Contract
**Department:** AAS

[Apply for this job](http://jobs.workable.com/view/d73adbb2-65eb-4f32-abbb-f77d724f5ae9)

## Description

**BIDDING INSTRUCTIONS**

-   Suppliers shall submit a technical proposal describing the proposed workplan and resource allocation, together with a CV for each resource included in the proposed team.

**Deadline Date:** Monday 27 July 2026

**Requirement:** NCDF Expert and Test Tool Designer/Implementer

**Location:** Offsite, collaborating with team members from NCI Agency, The Hague, Netherlands, with TDY to various locations throughout NATO. (See Section 10 Terms)

**Period of Performance:** 1 August 2026 to 31 December 2026

**Required Security Clearance:** NATO SECRET

**1\. OVERALL SCOPE**

The NATO Information and Communication Agency (NCI Agency) is engaged in the development, implementation, and testing of NATO standards that form part of the Command and Control (C2) information exchange specifications for NATO. NCI Agency is also engaged in the support to standardization bodies to provide the technical expertise.

In support of these activities, the Command-and-Control Centre requires the provision of one or more resources experienced in NCDF (STANAG 5659 and STANAG 5653) and NIRIS TITO framework with strong experience in standard definition and SW implementation and test (hereafter referred to as the "Contractor") to deliver defined technical outputs and associated documentation in accordance with the agreed scope, quality standards, and timelines.

Specifically, the Contractor shall be integrated within the project teams responsible for the design, documentation, development, and testing of NATO Core Data Framework (NCDF) and CESMO and their associated software implementations.

Under the overall supervision of the Project Managers (PMs) and the technical direction of the Project's Technical Leaders, the Contractor shall contribute to the development, refinement, and maintenance of the designated NATO standards and associated tools. The Contractor shall also support the planning, preparation, execution, and assessment of validation and interoperability events.

The Contractor's responsibilities shall include, but not be limited to:

-   Implement the standards within NATO Tools.
-   Editing, reviewing, and contributing to relevant sections of selected NATO standards (e.g. NCDF and CESMO) related information definition and exchange and verification and validation.
-   Participating in technical and coordination meetings as required by the PM and Technical Leader.
-   Maintaining and updating the development backlog, including progress reporting, comments, risk identification, and issue tracking.
-   Producing agreed technical deliverables in accordance with defined acceptance criteria, quality standards, and timelines.
-   Ensuring structured knowledge transfer to NCIA personnel and designated stakeholders throughout the contract execution, including preparation of technical documentation, architectural explanations, code walkthroughs, and operational guidance.
-   Supporting formal knowledge handover sessions prior to contract completion to ensure continuity, maintainability, and long-term sustainability of the delivered solutions.
-   All source code, scripts, configuration items, and documentation produced under this contract shall be stored and maintained under configuration management within the NATO Software Factory environment.
-   Coordination and development activities shall be performed remotely through secure access to NCIA systems using an unclassified computer.

The Contractor shall operate as part of a multidisciplinary development team following the SCRUM methodology. The scope, content, and acceptance criteria of each deliverable shall be defined by the Technical Leader and formally approved by the Project Manager. Completion and acceptance of deliverables shall include verification that adequate documentation and knowledge transfer activities have been performed.

**2\. DELIVERABLES**

This contract is deliverable-based. Payment shall be linked exclusively to the satisfactory completion and formal acceptance of defined deliverables or percentage of them in accordance with agreed scope, quality standards, timelines, and acceptance criteria.

**2.1 Delivery and Acceptance Process**

For each deliverable, the Contractor shall submit a completed Delivery Acceptance Sheet (DAS) to the Purchaser using the template provided in Annex B.

Each DAS shall clearly reference the associated deliverable identifier; describe the content delivered; confirm compliance with agreed acceptance criteria; reference supporting artefacts (code repository location, documentation, test results, validation evidence); and declare completion of associated knowledge transfer activities where applicable.

The Purchaser shall review the deliverable within the agreed review period and formally confirm acceptance by signing the Delivery Acceptance Sheet.

Where deficiencies are identified, the Purchaser shall provide consolidated feedback. The Contractor shall address the comments and resubmit the deliverable for acceptance.

No delivery shall be considered complete until formally accepted in writing by the Purchaser.

**2.2 Kick-Off and Planning**

The Contractor shall participate in a kick-off meeting within one (1) working week following contract signature. The meeting may be conducted virtually via electronic conference capabilities.

During the kick-off meeting, the Contractor shall be assigned to one or more C2C projects, and the scope, priorities, dependencies, and initial backlog shall be reviewed.

Within one (1) working day the Contractor shall present a preliminary execution plan outlining the proposed approach, deliverable breakdown, milestones, assumptions and dependencies, and identified risks and mitigation proposals.

The execution plan shall be reviewed and, where necessary, amended in agreement with the Purchaser. The agreed plan shall serve as the baseline for performance monitoring.

The Contractor shall issue meeting minutes via email within two (2) working days, capturing at minimum key decisions, assigned actions, updated risks, and agreed next steps.

**2.3 Status Reporting and Governance**

The Contractor shall participate in regular status meetings, either in person (where feasible) or via electronic conference means. The frequency of such meetings shall be defined during the kick-off meeting.

The Contractor shall initiate the recurring meetings; provide structured status updates covering progress against deliverables; report on risks, issues, and mitigation actions; update the development backlog and planning artefacts; and highlight deviations from scope, schedule, or quality baselines.

Minutes shall be distributed within two (2) working days and shall include decisions taken and action items with assigned responsibilities and due dates.

Performance shall be measured against agreed deliverables and milestones, not against level of effort.

**2.4 Technical Deliverables**

The Contractor shall support and contribute to the development of the TITO API software code; the development of the TITO API software documentation, test evidence, configuration artefacts, and validation reports; the validation of such standards through structured testing and interoperability events; the design and implementation of concept demonstrators; development of the STANAG 5659 test tools; and the preparation and execution of on-site and off-site validation activities, including interoperability exercises.

All deliverables shall be traceable to defined requirements; include appropriate technical documentation; be stored under configuration management within the NATO Software Factory; include evidence of validation and testing; and incorporate structured knowledge transfer to ensure sustainability and continuity.

**2.5 Intellectual Property, Configuration, and Continuity**

All code, scripts, documentation, configurations, and artefacts developed under this contract shall be stored within the designated NATO configuration management environment; fully documented to enable maintainability; and delivered with sufficient technical detail to allow independent continuation by NCIA personnel.

Completion of deliverables shall include verification that documentation, repository updates, and knowledge transfer obligations have been fulfilled.

**3\. DELIVERABLES**

All of the defined deliverables can be addressed as briefings, reports, designs (proof of concept demonstrators) or specifications using a well-defined NCI Agency-specified format, or where required Jira.

All deliverables are to be peer reviewed within the deliverable cycle. Input and guidance will be provided by NCI Agency in written form or/and during the targeted review meetings.

The deliverables described above will be provided, within the quarter of performance, in an incremental manner.

The tables below provide, for each deliverable, a quarterly breakdown of the key material and immaterial components planned for execution in 2026, along with the related acceptance criteria and Key Performance Indicators (KPIs), consolidated into a dedicated table per deliverable.

**3.1 D01 - Implement Messages of CESMO AEDP-13 / AEDP-13.3.1 Ed. B in TITO API**

**Q3 - Capture the AEDP-13 Edition B in XML based on the TITO Schemas**

**Acceptance Criteria:** XML representation of AEDP-13 Edition B is produced and aligned with the applicable TITO schemas; the structure is complete for the agreed scope; artefacts are reviewed and accepted by NCIA SMEs.

**KPI:** 100% of agreed AEDP-13 Edition B message structures captured in XML; 0 critical schema validation errors; review completed and accepted.

**Q3 - Capture the AEDP-13.3.1 in XML based on the TITO Schemas**

**Acceptance Criteria:** XML representation of AEDP-13.3.1 is produced and aligned with the applicable TITO schemas; the structure is complete for the agreed scope; artefacts are reviewed and accepted by NCIA SMEs.

**KPI:** 100% of agreed AEDP-13.3.1 message structures captured in XML; 0 critical schema validation errors; review completed and accepted.

**Q3 - Produce Code for the Scanner, Parser and Decoder Based on the TITO API Framework**

**Acceptance Criteria:** Code is implemented for the agreed scanner, parser, and decoder functions; the code builds and runs in the target environment; functionality is demonstrated against agreed XML inputs; no critical defects remain open.

**KPI:** 100% of agreed functions implemented; successful build and execution; 0 critical defects; at least 90% of planned unit tests passed.

**Q3 - Produce Core for the Composer and Sequencer Based on the TITO API Framework**

**Acceptance Criteria:** Core functionality for the composer and sequencer is implemented in line with the agreed design; the code integrates with the TITO API framework; outputs are generated correctly for agreed scenarios; no critical defects remain open.

**KPI:** 100% of agreed core functions implemented; successful integration with the TITO API; 0 critical defects; at least 90% of planned unit tests passed.

**Q3 - Test the Produced Code and Overall API**

**Acceptance Criteria:** Test activities are completed for the implemented components and the overall API; test results are recorded; defects are tracked and resolved or formally accepted; test evidence is provided to NCIA.

**KPI:** 100% of planned test cases executed; 0 critical defects open at acceptance; test report delivered; at least 95% pass rate for agreed functional tests.

**Q3 - Document the Produced Code (e.g. in-Code, API, SID, Code-Level Test)**

**Acceptance Criteria:** Documentation is complete, consistent, and sufficient to support maintenance and reuse; code comments, API description, SID content, and code-level test evidence are delivered and reviewed by NCIA SMEs.

**KPI:** 100% of agreed documentation delivered; documentation review completed; 0 major documentation gaps identified at acceptance.

**Q3 - Transfer Knowledge to NCIA SMEs**

**Acceptance Criteria:** Knowledge transfer sessions are conducted; relevant technical material is shared; NCIA SMEs are briefed on design, implementation, testing, and usage aspects; handover is completed and acknowledged.

**KPI:** At least 1 formal knowledge transfer session delivered; handover material shared; attendance by identified NCIA SMEs; handover completion confirmed by NCIA.

Note: This deliverable requires one travel to the NCI Agency in The Hague.

**3.2 D02 - Implement STANAG 5659 Test Tool**

**Q3 - Improve the NCDF API Test Tool**

Scope includes: implementing tests for missing Business Rules (NCDF-362); further implementing the client tester with sufficient reporting (NCDF-356); designing and implementing a web GUI to run the tests, fully encapsulated in a Docker container (NCDF-363); extending coverage to include NCDF Security Architecture (NCDF-354); and resolving the issues and improvements identified at CWIX26.

**Acceptance Criteria:** The agreed improvements are implemented in the NCDF API Test Tool; the new and updated test capabilities operate as intended; the web GUI is functional and supports execution of tests within a Docker-based deployment; the identified CWIX26 issues are addressed or formally dispositioned; and the updated tool is reviewed and accepted by NCIA SMEs.

**KPI:** 100% of agreed NCDF-362, NCDF-356, NCDF-363, and NCDF-354 tasks completed; 0 critical defects open at acceptance; all identified CWIX26 issues addressed or dispositioned; successful execution of agreed tests in Docker environment.

**Q3 - Update Development User Manual**

**Acceptance Criteria:** The development user manual is updated to reflect the latest NCDF API Test Tool capabilities, configuration, execution steps, and reporting features; the manual is complete, consistent, and suitable for developer and tester use.

**KPI:** 100% of agreed updates incorporated; manual delivered by end of Q3; documentation reviewed and accepted by NCIA SMEs; 0 major documentation gaps identified.

**Q3 - Install the NCDF API Test Tool in NSF**

**Acceptance Criteria:** The NCDF API Test Tool is successfully installed in the NATO Software Factory (NSF); the installation is repeatable; the environment is configured correctly; and the deployed tool is ready for execution of agreed tests.

**KPI:** Successful installation completed in NSF; installation guide or instructions provided; deployment verified in target environment; 0 critical installation issues open.

**Q3 - Test the NCDF API Test Tool**

**Acceptance Criteria:** The NCDF API Test Tool is tested against the agreed functional and technical scope; test results are recorded; defects are tracked and resolved or formally accepted; and evidence of successful testing is provided to NCIA.

**KPI:** 100% of planned test cases executed; at least 95% pass rate for agreed tests; 0 critical defects open at acceptance; test report delivered.

**Q3 - Document the Produced Code (e.g. in-Code, API, SID, Code-Level Test)**

**Acceptance Criteria:** Documentation is complete, consistent, and sufficient to support maintenance, reuse, and further development; in-code comments, API documentation, SID content, and code-level test evidence are delivered and reviewed by NCIA SMEs.

**KPI:** 100% of agreed documentation delivered; documentation review completed; 0 major documentation gaps identified at acceptance.

**Q3 - Transfer Knowledge to NCIA SMEs**

**Acceptance Criteria:** Knowledge transfer sessions are conducted; relevant technical and operational material is shared; NCIA SMEs are briefed on architecture, implementation, installation, testing, and use of the NCDF API Test Tool; and handover is completed and acknowledged.

**KPI:** At least 1 formal knowledge transfer session delivered; handover material shared; attendance by identified NCIA SMEs; handover completion confirmed by NCIA.

Note: This deliverable requires one travel to the NCI Agency in The Hague.

**3.3 D03 - CESMO Generator**

**Q4 - System Requirements Specification (SRS)**

Functional and non-functional requirements derived from AEDP-13 / 13.3.1 Ed. B, including performance, interoperability, and compliance criteria.

**Acceptance Criteria:** The SRS is delivered and covers the agreed functional and non-functional requirements; requirements are clear, consistent, and traceable to AEDP-13 / AEDP-13.3.1 Ed. B; and the document is reviewed and accepted by NCIA SMEs.

**KPI:** SRS delivered by end of Q4; 100% of agreed requirement areas covered; requirements traceable to source clauses; 0 major review comments open at acceptance.

**Q4 - Standards Compliance & Traceability Matrix**

Mapping of AEDP-13 clauses to implemented features, including message structures, behaviour, and timing requirements.

**Acceptance Criteria:** The matrix maps the agreed AEDP-13 / AEDP-13.3.1 requirements to implemented features and test evidence; traceability is complete for the agreed scope; and the matrix is reviewed and accepted by NCIA SMEs.

**KPI:** 100% of agreed clauses mapped; traceability matrix delivered by end of Q4; 0 critical traceability gaps identified at acceptance.

**Q4 - High-Level Architecture Document (HLD)**

Overall system design, modules (traffic engine, message builder, protocol handler), interfaces, and deployment topology.

**Acceptance Criteria:** The HLD describes the agreed system architecture, including the traffic engine, message builder, protocol handler, interfaces, and deployment view; the architecture is technically coherent and aligned with the agreed scope; and the document is reviewed and accepted by NCIA SMEs.

**KPI:** HLD delivered by end of Q4; 100% of agreed architectural elements covered; 0 major architecture review comments open at acceptance.

**Q4 - Low-Level Design Document (LLD)**

Detailed component logic, state machines, message sequencing, configuration parameters, and data handling.

**Acceptance Criteria:** The LLD provides sufficient design detail to support implementation, maintenance, and verification; detailed logic and interfaces are documented for the agreed scope; and the document is reviewed and accepted by NCIA SMEs.

**KPI:** LLD delivered by end of Q4; 100% of agreed detailed design elements covered; 0 major design gaps identified at acceptance.

**Q4 - Development and Delivery of an Active Traffic Generator Compliant with CESMO AEDP-13 / AEDP-13.3.1 Ed. B**

**Acceptance Criteria:** The Active Traffic Generator is implemented and delivered; it generates traffic in line with the agreed CESMO AEDP-13 / AEDP-13.3.1 Ed. B scope; functionality is demonstrated in the agreed environment; and no critical defects remain open at acceptance.

**KPI:** Active Traffic Generator delivered by end of Q4; 100% of agreed core functions implemented; successful demonstration completed; 0 critical defects open at acceptance.

**Q4 - Implementation & Configuration Guide**

Installation instructions, runtime configuration (traffic patterns, load profiles, endpoints), and operational parameters.

**Acceptance Criteria:** The guide provides clear instructions for installation, configuration, and operation of the Active Traffic Generator; runtime parameters are documented for the agreed scope; and the document is reviewed and accepted by NCIA SMEs.

**KPI:** Guide delivered by end of Q4; 100% of agreed installation and configuration topics covered; 0 major documentation gaps identified at acceptance.

**Q4 - Unit & Integration Test Specification**

Test cases covering message generation, protocol compliance, timing behaviour, error handling, and boundary conditions.

**Acceptance Criteria:** The test specification defines the agreed unit and integration test cases for the Active Traffic Generator; test cases are complete, consistent, and traceable to requirements; and the document is reviewed and accepted by NCIA SMEs.

**KPI:** Test specification delivered by end of Q4; 100% of agreed test areas covered; full traceability to requirements established; 0 major review comments open at acceptance.

**Q4 - Performance & Load Test Report**

Validation of throughput, latency, scalability, and stability under defined traffic scenarios and stress conditions.

**Acceptance Criteria:** Performance and load tests are executed for the agreed scenarios; results are recorded and analysed; the report provides evidence of throughput, latency, scalability, and stability; and the report is reviewed and accepted by NCIA SMEs.

**KPI:** 100% of agreed performance and load test scenarios executed; report delivered by end of Q4; 0 critical performance test issues left undocumented.

**Q4 - Test Summary & Compliance Report**

Consolidated evidence package demonstrating compliance, including traceability matrix updates, defect resolution status, and certification readiness.

**Acceptance Criteria:** The report consolidates the agreed test and compliance evidence; it includes updated traceability information, defect status, and readiness assessment; and it is reviewed and accepted by NCIA SMEs.

**KPI:** Report delivered by end of Q4; 100% of agreed evidence package included; defect status documented; certification readiness assessment completed.

**Q4 - Transfer Knowledge to NCIA SMEs**

**Acceptance Criteria:** Knowledge transfer sessions are conducted; relevant technical, architectural, design, testing, and operational material is shared; NCIA SMEs are briefed on the delivered Active Traffic Generator and associated artefacts; and the handover is completed and acknowledged.

**KPI:** At least 1 formal knowledge transfer session delivered; handover material shared; attendance by identified NCIA SMEs; handover completion confirmed by NCIA.

Note: This deliverable requires one travel to the NCI Agency in The Hague.

**4\. COSTS**

The Cost breakdown below provides the contractual value allocated to each deliverable and specifies the corresponding project against which the cost shall be charged. For each deliverable, the agreed fixed amount is payable upon formal acceptance through the signed Delivery Acceptance Sheet (DAS).

**D01 (Project 16-21541 - NHQ IS (AIS) - CESMO Test and Verification):**

**D02 (Project 16-21600 - ACT IOS 2026):**

**D03 (Project 16-21541 - NHQ IS (AIS) - CESMO Test and Verification):**

**5\. SCHEDULE**

The Schedule of Deliverables below defines the planned timeline and sequencing of all contractual outputs. For each deliverable, the expected percentage of completion per quarter is indicated, providing visibility on progressive maturity, interim milestones, and staged performance measurement. These quarterly completion percentages serve as planning and monitoring references and do not replace the formal acceptance process, which remains subject to the submission and approval of the corresponding Delivery Acceptance Sheet (DAS).

**D01:** 100% by Q3 2026.

**D02:** 100% by Q3 2026.

**D03:** 100% by Q4 2026.

**6\. DELIVERABLE AND PAYMENT MILESTONES**

This requirement is for the delivery of the Deliverable Products, associated with the mandatory projects and activities identified in Section 2 above, which will be determined and agreed at the kick-off meeting.

The Contractor will provide a consolidated quarterly report, in the form of a completed Delivery Acceptance Sheet (DAS), annotating with precision the deliverables produced for the projects and activities supported.

Payment will be issued for each deliverable in line with the percentages specified at Section 5 of this document, following the presentation and signing of the DAS.

**7\. OPTIONAL SCOPE OF WORK AND ASSOCIATED DELIVERABLES AND PAYMENT MILESTONE**

Contract optional extensions may be awarded at the discretion of the NCI Agency.

At award of any option, the Deliverable Products, associated with the projects and activities identified in Section 2 with the indication of "optional", will be determined and agreed at the kick-off meeting.

The Contractor will provide a consolidated monthly report, in the form of a completed Delivery Acceptance Sheet (DAS), annotating with precision the deliverables produced for the projects and activities supported.

Payment will be provided at the end of each quarterly option.

**8\. PERIOD OF PERFORMANCE**

The services are to be provided from 1 August 2026 through 31 December 2026.

**9\. SECURITY CLEARANCE**

Staff employed by the Contractor on this contract require a valid NATO SECRET security clearance.

The expected classification level of the deliverables is NATO UNCLASSIFIED. However, in some particular circumstances it might be decided that a part of the deliverables will be classified as NATO RESTRICTED.

The execution of duties requires the Contractor to access classified information up to NATO SECRET.

**10\. TERMS**

The execution of this contract will be coordinated by the NCIA C2C PMs leading the required deliverables. The level of the required services and its specifics are volatile and hardly predictable up front, however based on track records and historic data, it is estimated that at least a team of 1 (one) full time contractor would be required for all the periods.

Work on the contract will be performed at the contractor's premises, with 4 weeks on-site at office and lab space at the NCI Agency in The Hague: 2 weeks no later than 2 weeks after the kick-off meeting, and 2 weeks at the beginning of December 2026 to execute the handover activities.

This Task Order may require scheduled travel. The travel costs are included in the offer and cannot be billed separately to the purchaser.

A NCIA computer will be provided by NCI Agency-NL for the duration of this contract.

NATO will retain the intellectual property rights for all products developed in relation to this project.

**11\. SPECIFIC EXPERTISE REQUIREMENTS**

\[See Requirements\]

## Requirements

**9\. SECURITY CLEARANCE**

-   Staff employed by the Contractor on this contract require a valid NATO SECRET security clearance.

**11\. SPECIFIC EXPERTISE REQUIREMENTS**

The following expertise and knowledge is considered essential for this contract:

**Required:**

-   Proven experience in the redaction of NATO standards.
-   Proven experience in the test of the ADatP-36 and the STANAG 5659 standards.
-   Proven knowledge of, and practical experience in, the operational or technical use of NCDF microservices supported by NCI Agency.
-   Proven knowledge of, and practical experience in, modern test engineering and test management methods and paradigms.
-   Proven up-to-date knowledge of computer system architectures, systems security, client/server, LAN/WAN and network concepts, test techniques, Database Management Systems (DBMS) and data management concepts.
-   Proven recent experience in planning and execution of validation activities within large-scale C2 exercises.
-   2 years of programming experience in one or more of JAVA, JavaScript, Angular, Python, C#.
-   Recent experience with XML and JSON technologies.
-   Recent experience with the Robot Framework test engine.
-   Staff provided by the Contractor must have the nationality of one of the NATO nations.
-   Staff provided by the Contractor must have an excellent command of spoken and written English.

**Desirable:**

-   Bachelor's degree in Computer Science, Information Technology or a closely related engineering field would be considered an advantage.
-   Experience in the test of the CESMO AEDP-13 / AEDP-13.3.1 Ed. B would be considered an advantage.
-   Experience working in the NATO Software Factory (NSF) would be considered an advantage.
-   Experience supporting a recent NATO Interoperability exercise would be considered an advantage.
-   Experience interpreting and/or capturing business and user requirements through use cases and developing test cases accordingly would be considered an advantage.
-   Experience working with STANAGs 4774 and 4778 would be considered an advantage.
-   Knowledge of NATO FFT, COT, JDSS, NCDF and other military or civilian interoperability standards for messaging and data exchange would be considered an advantage.
