DevSecOps prompts personnel to get Agile
By Patty Welsh, 66th Air Base Group Public Affairs
/ Published December 16, 2019
HANSCOM AIR FORCE BASE, Mass. – Personnel from Hanscom’s Command, Control, Communications, Intelligence and Networks Directorate hosted a DevSecOps enablement session Dec. 11-12 focused on Agile-enabled culture change coming to the Air Force.
Held at the Hanscom Collaboration and Innovation Center, or HCIC, the session consisted of a general presentation on Agile acquisition by Jennifer Gould, program support advisor from Hanscom’s Acquisition Center of Excellence. The software giant RedHat, which is currently performing work for the Air Force, also conducted a demonstration as to how DevSecOps could work for a program manager.
Gould said senior leaders are telling program managers they need to do Agile, and PMs are asking what that means.
“Agile is not a process or a template,” she said. “It’s a mindset. It’s a new way of thinking, but it’s a big shift, especially for the military.”
Gould said Agile is a way to provide functionality for the warfighter as quickly as possible. It may not be the finished product, but a minimum viable product that can initially be used and then improved upon. It also allows program managers to have complete and timely visibility into their programs.
However, she cautioned that the PMs must get buy-in from all stakeholders, from their senior leaders to the contractors and especially the end users. Leaders must also be willing to empower their teams to make decisions at the lowest level possible.
“Not every program is set up for Agile,” Gould said. “Will the users accept small, more frequent, iterative deliveries and are they willing to engage?”
She added that some programs that use a traditional acquisition approach are able to transition to Agile later in the process, such as during sustainment.
Gould’s session also offered information on best practices, such as having daily stand-up meetings, establishing due dates and having users help with testing.
“We’re doing business in a completely different way,” she said. “It’s hard but exciting. You are able to make real decisions using common sense to get to what users need. Before you were told to just do, where now you’re using critical thinking skills. You’re owning your program.”
Following Gould’s presentation, personnel from RedHat demonstrated how a software factory could be automatically deployed to the environment of a program’s choosing, allowing programs managers access to more aggressive acquisition strategies and opportunities for increased software baseline ownership.
They reiterated that the process is designed to be as repeatable as possible so program personnel can focus on their mission and not on deploying tools and infrastructure.
This event followed closely after Air Force Chief Software Officer Nic Chaillan’s Ask Me Anything session that was held Dec. 6 via the Zoom platform. In that, Chaillan shared that Platform One by LevelUp will provide DevSecOps as a managed service using DoD-hardened containers already covered by a DoD-wide continuous Authority to Operate, effectively delivering turnkey software factories with complete software as code to deploy into any environment, including Cloud One and contractor infrastructure.
Additional information on Agile, DevSecOps initiatives and other key topics are available at https://software.af.mil, including a memo on “Contracting Considerations for Agile Solutions: Key Agile Concepts and Sample Work Statement Language” put out by the office of the Under Secretary of Defense for Acquisition and Sustainment in November. Personnel can also contact Gould at Hanscom’s ACE office at 781-225-4172.