惯性聚合 高效追踪和阅读你感兴趣的博客、新闻、科技资讯
阅读原文 在惯性聚合中打开

推荐订阅源

S
Secure Thoughts
雷峰网
雷峰网
罗磊的独立博客
T
The Blog of Author Tim Ferriss
阮一峰的网络日志
阮一峰的网络日志
量子位
钛媒体:引领未来商业与生活新知
钛媒体:引领未来商业与生活新知
云风的 BLOG
云风的 BLOG
人人都是产品经理
人人都是产品经理
GbyAI
GbyAI
Cisco Talos Blog
Cisco Talos Blog
Engineering at Meta
Engineering at Meta
Threat Intelligence Blog | Flashpoint
Threat Intelligence Blog | Flashpoint
A
About on SuperTechFans
D
Darknet – Hacking Tools, Hacker News & Cyber Security
The Cloudflare Blog
Know Your Adversary
Know Your Adversary
T
Threat Research - Cisco Blogs
Spread Privacy
Spread Privacy
D
DataBreaches.Net
T
The Exploit Database - CXSecurity.com
K
Kaspersky official blog
Cyberwarzone
Cyberwarzone
爱范儿
爱范儿
U
Unit 42
Security Latest
Security Latest
M
MIT News - Artificial intelligence
月光博客
月光博客
Scott Helme
Scott Helme
G
Google Developers Blog
有赞技术团队
有赞技术团队
T
Tor Project blog
宝玉的分享
宝玉的分享
Y
Y Combinator Blog
博客园 - Franky
H
Hackread – Cybersecurity News, Data Breaches, AI and More
aimingoo的专栏
aimingoo的专栏
The GitHub Blog
The GitHub Blog
V
V2EX
B
Blog
Apple Machine Learning Research
Apple Machine Learning Research
S
Securelist
博客园 - 三生石上(FineUI控件)
Blog — PlanetScale
Blog — PlanetScale
TaoSecurity Blog
TaoSecurity Blog
Stack Overflow Blog
Stack Overflow Blog
P
Proofpoint News Feed
腾讯CDC
D
Docker
Google Online Security Blog
Google Online Security Blog

MeriTalk

Eliminating Silos in IT/OT Cybersecurity Is a Funding Challenge, Not a Technical One The FedRAMP High Supply Crisis Is a Federal Security Problem – Not a Procurement Footnote How More Tightly Focused Software Development Initiatives Will Unlock Innovation Across Government Transforming Federal Cybersecurity Through Private Sector Innovation Evolving Zero Trust and Embedded AI – Federal Government Cybersecurity Predictions for 2026 Unlocking AI’s Potential in High-Assurance Environments Accelerate Agentic AI in the Federal Government: Top Takeaways Why Congress Must Reauthorize the Technology Modernization Fund Make Cybersecurity a Key Ingredient of Modernization How Spectro Cloud’s PaletteAI Secure helps agencies scale AI securely, compliantly, and confidently Fix the Foundation: How Hybrid Cloud and Trusted Data Enable Government AI New Google Workspace Cost-Saving Offer Available for U.S. Federal Government Reinventing FedRAMP in the Age of AI Balancing Security and Efficiency: The Federal IT Dilemma in the AI Era Meeting Evolving State and Local Cyber Threats AI Is the Solution to Stop AI Data Theft Enhancing U.S. Government Operations with AI and Human-Centered Design How FinOps Can Help Agencies Slash Cloud Costs in 5 Steps Will Quantum Computing Weaken or Strengthen Cybersecurity of Federal Systems? Improving Citizen and Federal Employee Experience with Virtual AI Assistants Strategies for Securing the Federal Supply Chain Reframing the U.S. Government’s Approach to Cybersecurity Oversight Three Steps Agencies Can Take to Meet Government’s AI Requirements The Impact of NIST’s PQC Standardization on the Federal Cybersecurity Ecosystem Generative AI is Revolutionizing Federal Government Operations NIST’s new PQC Algorithms and What They Mean for Federal Agencies Addressing the U.S. Quantum Labor Shortage Before It’s Too Late How a Community Vigil Approach and Secure by Design are Critical to Software Cybersecurity Addressing the Talent Shortage: How Digital Government Improves Satisfaction, Retention Here’s What We Can Learn (and Do) About Cybercrime from FBI’s Latest Internet Crime Report Implementing AI Assurance Safeguards Before OMB’s December Deadline The Next AI Wave: Quantum AI CDM’s Evolution to Non-Traditional Technology: Why Now and How Will it Succeed? Customer Expectations Require Agencies to Raise the Bar on Customer Experience, Report Shows Applying for Government Benefits Shouldn’t Be Difficult When It Comes to Identity Verification Four Federal Software Supply Chain Security Trends to Watch FedRAMP Baseline Transition Points to OSCAL-Native Tools What Zero Trust Means for Modern Government: Best Practices for Key Tenets Four Ways to Handle the IT Funding Crunch Agencies Need to Get Creative to Fill the Cyber Workforce Gap Customer Identity trends report shows control trumps convenience Federal Agencies Making Strides Toward Sustainability and Climate Action Executive Order 14028 | Improving the Nation’s Cybersecurity Depends on Data | All Data is Security Data Applying Geospatial Intelligence, AI/ML to Climate Change Challenge My Cup of IT: Angry at Arthritis, Hunting for Cures How the Federal Government Can Help Combat a Fragmented Internet Accelerating Cybersecurity for US Critical Infrastructure Getting in on the Ground Floor of the ‘New Observability’ Comply-to-Connect is Key to Zero Trust for DoD How Will Upcoming Cryptocurrency Regulations Affect Industry? My Cup of IT: Cup Cake for Kushner? Launching a New Era of Government Cloud Security Managing IT Complexity in Federal Agencies Agencies Must Modernize Zero Trust Approaches to Achieve Optimal Protection Five Essential Metrics for Measuring Federal Government CX Unlocking the Benefits of 5G and Beyond The Federal Factory of the Future: How AI is Transforming Manufacturing The Quantum Impact on Cyber How Next-Gen Computers Will Transform What’s Possible for Federal Government Agencies Must Take an Authentic Approach to Synthetic Data Biometrics and Privacy: Finding the Perfect Middle Ground Two-Way Street: Why Officials and Constituents Are Equally Responsible for Securing the Midterms The “Programmable World” Will Bring the Best of the Virtual World Into the Physical One Cyberattacks are a Common Occurrence and the Costs are Higher Than Ever Increasing Equity Through Data and Customer Experience The AI Edge: Why Edge Computing and AI Strategies Must Be Complementary How Metaverses and Web3 can Reshape Government Four Emerging Technology Trends set to Impact Government Most 5G Enables AI at the Edge Plugging Cyber Holes in Federal Acquisition Resilient Critical Infrastructure Starts with Zero Trust The Evolution of Government Tech Procurement Under CMMC 2.0 Zero Trust Requires Continuous, Tested Security for Federal Agencies How Multi-INT Fusion Accelerates Mission Intelligence for Real-Time Decision Advantage Three Things to Consider for Responsible AI in Government Legislation, White House Orders Show Agencies Opportunity for Hybrid Cloud Realizing Upsides for Digital Security in the Hybrid Workplace A Future With AI and ML: The Power of Workforce Education Five Tips to Begin MFA Integration and Embrace Zero Trust The Vital Intersection Between Equity and Digital Transformation Equity as a Platform: Applying a New Mindset to Scale Innovation Harnessing the Right Data for Evidence-Based Equity From EO to Action: Human Factors of Enabling a Cyber Safety Review Board For Equity in Government Services, It’s Time to Change the Paradigm Critical Questions to Ask When Considering Explainable AI (XAI) for Your Federal Agency The Telework Model for Government: COVID Lessons for Building an Effective Workforce DevSecOps: 4 Steps for Mitigating the Next Cyber Attack in Your Federal IT Environment Better Cyber Hygiene Helps, but Federal Security Needs SASE Lift DoD, Feds Plot Top Cyber, Cloud Priorities for 2022 Cloud-Native Government: How to Transform With Intention DoD and VA Health Networks Face Growing Threat From Medical-Device Vulnerabilities New Federal Cybersecurity Requirements: How Agencies Should Implement a Zero Trust Architecture Protecting Our Nation Through Big Data Analytics Three Ways COVID-19 Altered Federal, State IT Budget Allocations Ransomware is More Than a Cybersecurity Issue From Me to We: Take the Mission Further With Multiparty Systems Anywhere, Everywhere: Integrating Your Virtual Workplace ‘I, Technologist’: Empowering Innovators in the Federal Workforce Mirrored World: Digital Twins Report for Duty Across Government Stack Strategically: Rearchitecting Government for What’s Next
Creating an Effective Framework for DoD’s Software Factories
Ki Lee · 2022-03-11 · via MeriTalk

The Department of Defense (DoD) last month released its Software Modernization Strategy, an important step to unifying existing technology and directing a more joint approach to systems of the future. It notes that our competitive posture is “reliant on strategic insight, proactive innovation, and effective technology integration enabled through software capabilities.” Further, it asks DoD entities that are driving software development to address management and governance of the 29 software factories spread across the services.

The promise of software factories is significant. The construct has quickly demonstrated agile development of critical capabilities, while also delivering the speed and flexibility that DoD requires. This has been achieved with commitment to automation, modular and open architecture, and continuous authority to operate (cATO). Given how much progress has been achieved, software factories will undoubtedly play an important role in modernizing DoD technology, through a common framework which will drive efficiencies and provide oversight, best practices, and baseline software for reuse.

Industry’s Role  

The industry can offer lessons learned and best practices from supporting software factories over the past five years, and the Software Modernization Strategy makes several mentions of the role of industry within the acquisition process. Booz Allen has worked in partnership with the DoD to rapidly develop, integrate and field cutting edge mission capabilities. We know what works, and what it will take to mature the software factory ecosystem to bring more efficient, innovative software to the DoD.

The software factory ecosystem cannot be a one-size-fits-all approach. Given different mission requirements (i.e., from IT to OT), acquisition strategy and program maturity (i.e., inception to sustainment), bringing all of these software factories into a single factory or even entity will likely be both inefficient and ineffective.

DoD leaders would benefit from establishing an ecosystem that streamlines across today’s software factories and those that will exist in the future. We would offer that the DoD Chief Information Office should consider the following as a construct aligning software factories within a framework for governance:

Mission Purpose. Each software factory was purposefully designed to cover a broad spectrum of mission requirements. Some entities support complex combat requirements and require deep hardware integration for use on the battlefield driving additional layers of policy, cyber, security and technical specifications. Others focus on IT system development that requires less hardware integration, but instead requires standards for open architecture and system interoperability. Aligning against a core set of mission categories will help streamline baseline software and regulations.

Developmental Maturity of System. DoD must also consider the maturity of the software that’s being developed in applying governance to the software factories. For instance, a software factory for a system as mature as the F-35 program has very different needs (e.g., cyber regulations) than an entity that is incubating new software for prototyping and testing capabilities with more pipeline requirements (e.g., Navy’s Rapid Autonomy Integration Lab (RAIL) software factory).

Operations Model. Finally, the framework should address the variety of different models of ownership and accountability. Depending on how the DoD and industry partner together, the risks and benefits can vary significantly. In our experience, there are three broad models for operations that work effectively for managing cost, risk, and innovation: Government-Owned, Government-Operated (GoGo); Government-Owned, Contractor-Operated (GoCo); and Contractor-Owned, Contractor-Operated (CoCo). We have supported all of these models across the federal government and have lessons learned from each, including retaining government data rights, ensuring accountability and driving a culture of collaboration.

As the DoD works on the implementation plan for the Software Modernization Strategy and creates a framework for how to manage and govern its software factory ecosystem, aligning and categorizing its existing resources will be critical for delivering agile, mission critical software to current and future weapons systems.

Further, it is incumbent on the industry to continue to streamline and drive efficiencies in its software development. Across the Defense Industrial Base, we must commit to building open, reusable baseline software that can be extended and augmented across multiple use cases. Whether we are developing software on corporate research and development budgets or on government use cases, creating software that can be refined to meet mission needs is absolutely critical. From our own experience, we are committed to taking our investments and integrating them to build for custom mission solutions. Our AI/ ML software factories and cyber software factories are built consistently from a horizontal perspective so that they can be leveraged and reapplied for more vertical mission sets.

Through both a more consistent government framework for software factories built on real use cases and industry commitment to re-baselining, executing this new strategy will be critical for continuing to modernize technology to support today and tomorrow’s warfighter.