Action Kit: Blue UAS Select List & Drone Dominance Program

Event Type: Policy Change

Severity: HIGH

Affected Contractors: Drone manufacturers, ISR service providers, aerospace integrators, and defense technology firms

---

Immediate Actions (This Week)

• [ ] Verify your current drone inventory against the Blue List UAS catalog — Cross-reference all commercial drones in your product portfolio or supply chain with the 54 approved models (prioritize the 29 with 'select' status). Document any non-compliant systems immediately.
• [ ] Audit supply chain for foreign components from prohibited countries — Review NDAA (National Defense Authorization Act) Section 848 restricted entities (China, Russia, Iran, North Korea) across your drone hardware, software, and component suppliers. Flag any exposure to covered telecommunications equipment or services.
• [ ] Assess current proposals and contracts for Blue UAS alignment — Identify any active bids or delivery orders that specify drone/UAS capabilities. Determine if your proposed solution uses Blue List-approved systems or requires immediate substitution.
• [ ] Notify BD and capture teams of new procurement pathway — Brief business development on the streamlined Blue UAS acquisition process through DCMA's catalog. Update capture strategies for Army, DOD, and other defense agency opportunities.
• [ ] Download the complete Blue List UAS catalog from DCMA — Obtain the official list of approved vendors and models. Create an internal reference document mapping your capabilities to approved systems.

---

Short-Term Actions (30 Days)

• [ ] Conduct gap analysis for Blue UAS certification — If you manufacture drones or integrate UAS systems, map your current compliance posture against NDAA Section 848, DFARS (Defense Federal Acquisition Regulation Supplement) 252.225-7049 (foreign components restrictions), and supply chain risk management requirements. Identify certification pathways for your products.
• [ ] Update capability statements and past performance narratives — Revise marketing collateral to highlight Blue UAS-compliant systems, Fort Benning testing participation (if applicable), or partnerships with approved vendors. Emphasize supply chain transparency and domestic sourcing.
• [ ] Establish relationships with Blue List vendors — If you're a systems integrator or service provider (not a manufacturer), formalize teaming agreements or reseller partnerships with the 29 'select' status vendors. Document these relationships for proposal use.
• ] **Review CMMC (Cybersecurity Maturity Model Certification) and NIST 800-171 (NIST Special Publication 800-171) controls for UAS data handling** — Drone operations often involve CUI (Controlled Unclassified Information) (mission plans, ISR data, geolocation). Ensure your [CMMC Compliance Guide (/insights/cmmc-compliance-guide) protocols extend to UAS data storage, transmission, and processing. Update your System Security Plan (SSP) if drones access or generate CUI.
• [ ] Train technical staff on Blue UAS procurement requirements — Conduct internal workshops on the new DCMA catalog, approved models, and how to specify compliant systems in technical proposals. Ensure engineers understand foreign component restrictions.
• [ ] Monitor Fort Benning Drone Dominance Program results — Track announcements from the testing phase for insights into DOD performance priorities (endurance, payload capacity, cybersecurity features). Adjust product development or teaming strategies accordingly.

---

Long-Term Actions (90+ Days)

• [ ] Pursue Blue UAS certification for proprietary drone systems — If you manufacture UAS platforms, initiate the formal evaluation process with DCMA and Defense Innovation Unit (DIU). Budget 12-18 months for testing, supply chain validation, and approval. Engage legal counsel familiar with NDAA compliance.
• ] **Develop Blue UAS-specific capture plans for target agencies** — Build dedicated pipelines for Army, Air Force, Navy, and DHS (Department of Homeland Security) opportunities requiring compliant drones. Use the [Secure Operations Guide (/insights/secure-operations-guide) to structure your capture approach around supply chain transparency and operational security.
• [ ] Invest in domestic supply chain partnerships — Reduce reliance on foreign components by qualifying U.S.-based suppliers for critical drone subsystems (sensors, batteries, flight controllers). Document these relationships for source approval requests and proposal narratives.
• [ ] Expand past performance portfolio with Blue UAS contracts — Prioritize opportunities that allow you to demonstrate successful delivery of compliant systems. These references will be critical as the Blue List becomes the de facto standard for DOD drone procurement.
• ] **Integrate Blue UAS compliance into your CUI handling infrastructure** — Ensure your [CUI-Safe CRM Guide (/insights/cui-safe-crm-guide) protocols cover drone-related controlled information (flight logs, mission data, maintenance records). Implement access controls and audit trails for UAS operations data.

---

Compliance Checklist

This event triggers multiple regulatory and contractual compliance requirements:

• [ ] NDAA Section 848 (FY2020) — Prohibition on procurement of drones and components from covered foreign entities (China, Russia, Iran, North Korea, etc.). Verify no covered telecommunications equipment or services in your UAS supply chain.
• [ ] DFARS 252.225-7049 — Restriction on Acquisition of Certain Articles Containing Specialty Metals. Ensure drone airframes and components meet domestic melting/production requirements if delivering to DOD.
• [ ] Blue List UAS Catalog Compliance — Only the 54 approved models (29 with 'select' status) are authorized for DOD operational use. Proposals must specify catalog-listed systems or justify deviations with compelling mission need.
• [ ] Supply Chain Risk Management (SCRM) Documentation — Maintain traceability for all drone components, software, and firmware. Be prepared to provide supplier declarations, country-of-origin certificates, and cybersecurity assessments.
• ] **CMMC Level 2 (minimum)** — UAS operations involving CUI require CMMC certification. Ensure your [CMMC Compliance Guide (/insights/cmmc-compliance-guide) covers drone data handling, secure communications, and incident response for UAS-related breaches.
• [ ] NIST 800-171 Controls (CUI Protection) — Implement access control (AC), identification and authentication (IA), and system and communications protection (SC) families for any systems processing drone mission data or flight telemetry.
• [ ] GSA (General Services Administration) Schedule Compliance (if applicable) — If selling drones through GSA Schedule 84 (Security, Fire, Law Enforcement) or Schedule 70 (IT), update your catalog to reflect Blue List status and NDAA compliance.
• [ ] Cybersecurity Maturity for UAS Platforms — Address firmware integrity, encrypted communications, anti-spoofing/anti-jamming capabilities, and secure boot processes. DOD increasingly scrutinizes UAS cyber vulnerabilities.

---

Resources

• Blue List UAS Official Catalog — Defense Contract Management Agency Blue UAS Website (https://www.dcma.mil/) (search for "Blue UAS" on DCMA.mil)
• NDAA Section 848 Text — FY2020 National Defense Authorization Act, Section 848 (https://www.congress.gov/bill/116th-congress/house-bill/2500/text) (Prohibition on Certain Procurements from Covered Foreign Entities)
• DFARS 252.225-7049 — Restriction on Acquisition of Certain Articles Containing Specialty Metals (https://www.acquisition.gov/dfars/252.225-7049-restriction-acquisition-certain-articles-containing-specialty-metals.)
• DIU Blue UAS Resources — Defense Innovation Unit Blue UAS Program (https://www.diu.mil/) (search for "Blue sUAS" on DIU.mil)
• CMMC Compliance for UAS Contractors — CMMC Compliance Guide (/insights/cmmc-compliance-guide)
• CUI Handling for Drone Operations — CUI-Safe CRM Guide (/insights/cui-safe-crm-guide)
• Supply Chain Risk Management Framework — NIST SP 800-161 Rev. 1 (https://csrc.nist.gov/publications/detail/sp/800-161/rev-1/final)
• Secure Operations for Defense Contractors — Secure Operations Guide (/insights/secure-operations-guide)

---

How Cabrillo Club Automates This

Cabrillo Signals War Room has already detected this Blue UAS policy shift and delivered this briefing within minutes of the DCMA catalog launch. The War Room continuously monitors DOD policy updates, NDAA implementation guidance, and contract vehicle changes across defense agencies—so you never miss critical developments like the Drone Dominance Program expansion. Your team receives prioritized alerts when new models are added to the Blue List or when testing results from Fort Benning influence procurement priorities.

Cabrillo Signals Match Engine automatically rescored your opportunity pipeline the moment this event was detected. If you're tracking solicitations tagged with NAICS 336411 (Aircraft Manufacturing), 334511 (Search/Navigation Equipment), or keywords like "UAS," "ISR," or "unmanned systems," your match scores updated in real time to reflect the new Blue UAS compliance requirement. Opportunities from Army, DCMA, and other DOD agencies now factor in whether your proposed solution aligns with the approved catalog—giving you an immediate competitive intelligence advantage.

Cabrillo Signals Intelligence Hub tracks the 54 approved drone models, the 29 vendors with 'select' status, and related contract vehicles (GSA Schedule 84, Army IDIQ (Indefinite Delivery/Indefinite Quantity) vehicles). Use the saved search feature to configure alerts for follow-on solicitations matching "Blue UAS," "NDAA Section 848 compliant," or specific approved manufacturers. The Intelligence Hub also monitors Fort Benning test results and DCMA catalog updates, so you're notified when new models achieve certification or when procurement pathways change.

Proposal Studio (Proposal OS) generates compliance matrices that automatically cross-reference your drone specifications against the Blue List catalog and NDAA Section 848 requirements. When you're responding to an Army UAS RFP, Proposal OS pulls your past performance with compliant systems, drafts technical approaches emphasizing supply chain transparency, and populates win themes around domestic sourcing and cybersecurity maturity. The AI understands that Blue UAS compliance is now a discriminator and weights your narrative accordingly.

Proposal Studio Workflow Tracker triggers a 9-gate capture workflow the moment a Blue UAS-related opportunity enters your pipeline. It automatically routes supply chain compliance reviews to your contracts team, flags CMMC/NIST 800-171 requirements for your security officer, and generates audit-ready documentation packages proving your drone components meet DFARS restrictions. If you're teaming with a Blue List vendor, the Workflow Tracker manages supplier certifications, country-of-origin declarations, and cybersecurity assessments—ensuring nothing falls through the cracks during proposal development.

Ready to automate your Blue UAS compliance and capture strategy? Explore these features in your Cabrillo Club dashboard, or contact your account manager to configure custom alerts for drone-related opportunities across your target agencies.

---