With just weeks until the Department of Defense plans to begin building its controversial enterprise cloud, one top DoD IT official laid out how the cloud will serve as a platform for another modernization effort: software.
“I really think that this cloud portion of the modernization strategy ought to be focused on software modernization, or, more specifically, software agility,” said Peter Ranks, the DoD’s deputy chief information officer for information enterprise, speaking Jan. 23 at MeriTalk’s Smart 2020 event.
In a scenario in which the United States is fighting a near-peer competitor, the Pentagon needs the ability to send capabilities out to the war fighter and subsequently send updates without interrupting operations.
“Nothing in the Department of Defense, in any of our processes, prepares us to be able to move with that type of agility in software,” Ranks said. “The whole concept that you’re going to field something before it’s complete and fix the bugs in production" is foreign to the DoD.
In his speech, Ranks detailed several efforts underway at the DoD to increase update speed. To start, Ranks said, the DoD CIO’s office is changing policy to allow for more iterative processes in acquisition, a departure from the current process where requirements are laid out years before technology is delivered. To complete that goal, Ranks said the DoD needs the enterprise capability to provide the tools necessary to create a more iterative process.
Ranks said he is also working to create a continuous authorization to operate, similar to the one used through the Air Force’s Kessel Run program, which would allow the DoD to send out software patches in real time without having to go the laborious process to get the update approved, allowing the DoD to move faster.
Changes could also be coming to acquisition language in 2020, Ranks said. He said there’s been “good progress” on working to reduce large milestone-based deliverables in favor of a policy that “encourages a bias in the delivery of software toward delivery of small amounts of capability.”
The Pentagon plans to work with industry to revise the policy to make it more effective.
“The question we have is how do we develop the right guidelines so industry knows how to do this stuff,” Ranks said.
However, there are two open questions DoD IT officials are still struggling to answer, Ranks said. He pointed to software updates during operations, like how to update an F-22 in flight without creating safety issues. Another challenge Ranks’ office is grappling with is how to establish cloud connectivity in disconnected areas around the globe.
“The realities of military operations challenge some of these activities,” Ranks said.
The cloud piece
The Joint Enterprise Defense Infrastructure (JEDI) cloud is a key platform for pushing the sort of updates Ranks discussed. Through JEDI the DoD will have a single platform accessible to DoD components crossing all levels of classification.
“The thing that I want out of cloud, the thing that I want out of software is speed,” said Ranks. “I want better software in the hands of the war fighter faster. I want better software coming out of the pipeline without sacrificing cybersecurity or resilience. Cloud is absolutely a piece of that. It’s a big part of the foundation of being able to do that work.”
But the DoD just needs to get the JEDI cloud stood up after protests and controversy delayed the award for months. Even now, the JEDI cloud faces another potential delay. In a sealed document filed Jan. 22, Amazon asked a federal judge for an injunction preventing the DoD and Microsoft from beginning work on the unclassified section of the JEDI cloud, set to begin Feb. 11.
“It is common practice to stay contract performance while a protest is pending and it’s important that the numerous evaluation errors and blatant political interference that impacted the JEDI award decision be reviewed,” an AWS spokesperson said in a statement. “AWS is absolutely committed to supporting the DoD’s modernization efforts and to an expeditious legal process that resolves this matter as quickly as possible.”
Andrew Eversden covers all things defense technology for C4ISRNET. He previously reported on federal IT and cybersecurity for Federal Times and Fifth Domain, and worked as a congressional reporting fellow for the Texas Tribune. He was also a Washington intern for the Durango Herald. Andrew is a graduate of American University.