Transforming defense software development with Agile and DevOps
With the rapid pace of technological change, the U.S. Department of Defense is looking for the aerospace and defense industry to deliver performance at the speed of relevance. Nowhere is this being felt more acutely than in the development of the software that drives so many critical defense technologies.
Our industry is long known for producing game-changing hardware and platforms – aircraft carriers, tanks and fighter jets, for example. However, as Under Secretary of Defense Ellen Lord recently noted, “Defense technological advantage today is enabled by hardware, but its capability is defined by software.”
This is a sea change for industry. Development of defense software traditionally employed the waterfall process, where development programs moved sequentially via a series of steps and hand offs, starting with defining user needs and resulting in the delivery of a final product. This legacy process lends itself to long development and deployment cycles for delivery of any new capabilities.
That’s no longer good enough. Our customers are looking for rapid, iterative product development to keep pace with changes in technology and global competition. As a result, companies like mine are moving away from the traditional waterfall approach and adopting commercial software best practices such as the Agile and DevOps methodologies that are lean, iterative and incremental.
Agile is based on short bursts of software development with updates released for continuous improvement in order to provide delivery of incremental value to the end user.
The Minimum Viable Product (MVP) has been defined by Techopedia as a development technique where a new product is developed with sufficient features to satisfy initial users so that they can provide feedback to improve the next iteration. The next set of features is only designed and developed after considering feedback from the initial users.
DevOps expands beyond development (Dev) to include operations (Ops) and sustainment, all jointly focused on incremental feature delivery. It is a culture of collaborative relationships between functions and disciplines focused on continuous integration, testing, deployment and monitoring, from the beginning to the end of the product lifecycle. It includes constant communication, especially with users and customers, creating a feedback loop for adjustments. DevOps allows program teams to build, test and deploy software rapidly, frequently and more reliability. Teams can react quickly to both external and internal changes so that customers can immediately consume updates at a higher rate of quality.
A Continuous Integration (CI) and Continuous Delivery (CD) pipeline is an essential component for DevOps. CI/CD pipelines are where software changes are continuously integrated and where automated build, tests and deployments are orchestrated under a highly agile and automated workflow. The CI/CD pipeline includes an integrated set of tools that execute a workflow allowing code changes to make their way from the development environment into production. Baked into the CI/CD pipeline are automated deployment scripts that implement the installation and configuration of all components of a system, from hardware configuration to custom software installation.
A critical requirement for defense software is ensuring it is secure. This is accomplished with automated scripts and by including information assurance (IA) and/or cyber protection as part of the configuration of hardware and software components. Automation and integration of security into the pipeline is referred to as DevSecOps. To adopt DevOps and DevSecOps principles and methods, companies need to make sure the tools and computing and storage infrastructure chosen to support the automation loops for the CI/CD pipeline are agnostic of the development environment (i.e., hybrid cloud in classified and unclassified environments).
The CI/CD pipeline in conjunction with the infrastructure and people to enable the production of software applications or components according to end-user requirements through an iterative process, make up a modern Software Factory. Example benefits of instantiating a Software Factory are captured through faster initial fielding with incremental evolution, shorter review cycles, higher first-pass success rates and reducing cost. They also include improving quality through incremental and automated test and verification throughout development and automated security.
This transformation is just beginning. And it’s more than just adopting commercial methodologies. To best increase industry’s velocity requires a holistic approach. As such, the importance of culture, processes, tools and technologies for speeding software development and deployment was identified in recent reports and studies by the Defense Innovation Board and Defense Science Board. Only then will we be able to meet what Under Secretary Lord describes as, “an undeniable urgency to develop and deploy software faster, faster than our adversaries, in order to maintain strategic and tactical advantage.”