Software modernization is about delivering better software at a much greater speed to the warfighters, the Defense Department’s acting deputy chief information officer for the information enterprise.
Danielle Metz provided a keynote address today from the Pentagon via remote video to Federal Computer Week’s Cloud Security and Services Workshop.
The goal, she said, is to increase technological capabilities across the department and strengthen overall adoption of enterprise systems to expand the competitive space in the cyber domain, as outlined in the Digital Modernization Strategy, which is a cornerstone of the National Defense Strategy.
That is achieved through innovation, resilient cybersecurity and cultivation of talent, she added.
Metz spoke about the great power competition with Russia and China and how it relates to cyberspace and other domains: “We can’t always count on having the newest capability or the greatest capacity in our forces. We must identify new advantages of our near-peer adversaries, and how we operate as a cohesive, integrated joint force. The Digital Modernization Strategy is the pursuit of new sources of advantage in future conflicts.
“Lots of the traditional advantages that DOD has enjoyed are being eroded and will continue to erode over the next 10 years, we need to look for new sources of advantage,” Metz continued.
The way the department develops and deploys software production systems is a source of new advantage, she said. This source is the bedrock of the department’s software modernization strategy.
The challenge, according to a recent DOD report, is recruiting, retaining, managing and developing a robust software workforce.
“There are two major institutional and cultural challenges that we are tackling: the rapid delivery of small amounts of capability into production, and transforming the processes to focus on software delivery, instead of hardware platforms,” she said.
The first cultural challenge is the rapid delivery of small amounts of capability into production. This is now common practice in the commercial software development industry. Current industry wisdom is to adopt a dev ops [development of information technology operations], or dev sec ops [referring to cybersecurity] model, delivering a minimum viable product, she said.
Dev ops, or development of information technology operations, has to do with the goal of increasing the speed of software delivery by enabling continuous collaboration, communication, automation and integration. Dev sec ops is a shortcut for dev ops, with the added “sec” referring to cybersecurity.
The second cultural challenge is that nearly all of the processes in the department push back on the idea of rapid delivery of small amounts of capability into production, she said. These processes have been refined throughout the decades of building big hardware-intensive weapons platforms.
However, not everything that a department delivers is an aircraft carrier or a bomber or satellite constellation, Metz said.
The way the department budgets, does acquisitions and build requirements, all need to be transformed in order to deliver more agility, she said.
“We are actively improving those business processes and changing the conversation [about] how we deliver software. There is good work going on in every area,” Metz said.