A computer with wings
Software modernization keeps systems current against new threats
When it comes to advancements in military technology, the old adage “early is on time, and on time is late” takes on new meaning.
Consider the smartphone. Every year, new phones are released with better cameras, faster processors and increased memory. Older devices can still stay relevant because their systems are built to enable software changes and enhancements to their operating systems and applications. It’s this spirit of rapid modernization that’s leading the way for DevSecOps at Raytheon Intelligence & Space, a Raytheon Technologies business.
“We’re in a time crunch, where new software updates come out even before the latest update is installed,” said David Appel, vice president for Defense & Civil Solutions at RI&S. “To take advantage of the rapid software advancements, hardware platforms must be able to be quickly reconfigured and recalibrated.”
By standardizing certain aspects of hardware development, the Department of Defense can rapidly evolve the software inside, for instance, in the avionics suites or targeting systems for fighter jets. Traditionally, mechanical upgrades came from sustainment – the support and maintenance work to prolong the life of military hardware. But today, RI&S is achieving the same modernization end state through a sustainment approach for software enabled by DevSecOps.
“There isn’t a one-size-fits-all approach, so we meet the customer where they want to be,” said Michael Lewis, technical director for Defense & Civil Solutions at RI&S. “Whether you want highly skilled engineers, commercial off-the-shelf products, or a brand new start, we adapt to how our customer wants to employ DevSecOps.”
DevSecOps enables rapid development cycles typically seen in the commercial industry. RI&S’ Future Operationally Resilient Ground Evolution Mission Data Processing Application Framework is a good example of the success achievable through adopting a DevSecOps approach to viable and continuous software development.
Specifically, DevSecOps provides the ability to quickly stand up a software development environment enabling coding, the building of capability, and then immediate testing and deployment of these while simultaneously and rapidly iterating updates with the users. It’s a much more rapid pace of innovation and progression than what’s obtainable through a waterfall approach.
“Think of waterfall in terms of starting a program where you review and decompose requirements, generate a design and then have the design reviewed – all before you write any code,” said Lewis. “That initial process can take years, and can make the program outdated or obsolete by the time you’re ready to field it.”
There are even greater implications for a fighter jet carrying a human pilot faster than the speed of sound. In the past, a fighter jet might take a decade or longer to go from concept to reality. Using that methodology in the future could render an expensive piece of equipment obsolete before it ever sees a combat mission.
“Because of dated software built and delivered through legacy methods and timelines, we’ve seen program failure rates of upward of 40 percent or more on new programs,” said Ian Mitchell, program director for Defense & Civil Solutions at RI&S. “Now through digital innovation, we can deploy multiple new security features and patches per day.”
By breaking the software into smaller, integrated pieces, the systems controlling the maneuverability and safety of the aircraft are managed separately from the various sensors, weapons and other components the pilot uses. The aircraft shell is the same, but the technology is swapped out.
“It’s not really an aircraft anymore,” said Mitchell. “It’s a computer with wings.”
The idea is catching on, Mitchell said, with services building their own commercial software strategies to deliver rapid software enhancements and upgrades to both existing and future hardware systems.
“All of these software initiatives are revolutionary,” said Appel. “The threat model is changing. Spend more time on the software and the threats, and you can react more quickly.”