By Michael Johnson, Performance Business Leader
Development and Operations (DevOps) is designed to improve the efficiency and effectiveness of development teams by changing the way that development is accomplished. Traditional development strategies like Waterfall were designed in the fifties and have received limited updates and modifications since that time. The rigid structure of these design methodologies leaves little room for adaptation or improvisation and requires a long time for development.
DevOps development strategies are designed to produce high-quality products while decreasing development time and increasing flexibility. These strategies are composed of many quick iterations, breaking down a problem into manageable parts. Technology and processes like continuous integration and testing ensure the correctness of the product at all stages of development.
In the defense and aerospace industries, reliability and correctness are the top priorities. The increased flexibility associated with DevOps makes adoption difficult in these industries despite the potential for large payoffs. However, several major organizations working in this space have embraced DevOps and achieved promising results.
Raytheon: DevOps for Cyber
Raytheon is a major United States defense contractor that has wholeheartedly embraced DevOps. The main attraction of DevOps to Raytheon is the ability to quickly design, develop, and release products to the consumer.
This ability is vitally important in the field of cybersecurity since the threat landscape is constantly in motion. By adopting DevOps methodologies and technologies, Raytheon is able to develop the Persistent Cyber Training Environment (PCTE), a cyber “range” designed to provide realistic training on cyber threats and operations to servicemembers from across the U.S. military.
In order for this training to be effective, it needs to reflect the most recent threats present in the industry. According to Raytheon, traditional design methodologies may require days or weeks to provide training content for new threats. By employing DevOps methodologies, this is cut to hours, ensuring both the relevancy and scalability of the PCTE. The use of DevOps technology is critical to this effort since it ensures that rapid modifications made to the simulations do not negatively impact the integrity and realism of the existing components.
Lockheed Martin: Cloud Foundry
Lockheed Martin is another U.S. defense contractor that is openly embracing DevOps methodologies as a way to ensure that they can efficiently and effectively develop products and meet deadlines.
At the 2015 Cloud Foundry Summit, Lockheed Martin’s Mission Systems and Training team presented on how they are using Cloud Foundry, an open-source cloud application, to improve their ability to deliver products and meet the security requirements of a U.S. defense contractor.
By using this Platform as a Service (PaaS) to abstract away details during development, Lockheed Martin realized massive decreases in production time while meeting necessary security standards. An example success story was the development of a mobile app for internal use in 10 weeks rather than 9 months (decreasing time to release more than threefold).
NSA: Improving Security Through DevOps
The use of DevOps to improve development methodologies isn’t constrained to the private sector; even the U.S. government is getting involved. The National Security Agency (NSA), one of the most secretive and detail-oriented organizations in the world, has openly adopted DevOps practices.
In fact, they’ve even released tools for other organizations to improve the security of their work. Puppet is an open-source tool for configuration management that allows users to write rules in its own programming language that govern how systems under its control are configured. The NSA publicly released the System Integrity Management Platform (SIMP), a set of tools designed to automatically enforce compliance with security standards by automatically managing built-in tools like SSH and iptables, in June 2015.
These modules were obviously developed for use in-house, indicating that the NSA is likely using Puppet and other DevOps tools as part of their own processes. The value of the data collected and stored by the NSA and the huge target on their backs means that if they can safely employ DevOps technologies for their security, there are very few organizations that can’t.
DevOps in Conservative Industries
Raytheon, Lockheed Martin, and the NSA all operate in industries where correctness is more important than speed in development, so many organizations are reluctant to change from “traditional” development methodologies like Waterfall to less structured, agile ones. However, many players in the industry have made the leap and demonstrated that when done properly, DevOps development strategies do not sacrifice correctness for speed. The successes achieved by these organizations demonstrate the power and utility of DevOps even in conservative industries like defense and aerospace.
If you want to explore how DevOps can positively impact your development project, contact the Performance team today.