Relevant links are available at the bottom of this post.
- By Sean Lyngaas
- Oct 06, 2015
Defense acquisition officials see agile development as a possible lifeline in the Pentagon’s struggle with the monumental challenge of refreshing the software in its weapon systems.
“There’s a lot of promise in agile; I think a lot of us are excited about it,” said William LaPlante, assistant secretary of the Air Force for acquisition. “The question is going to be how agile is our acquisition system to take advantage of it.”
LaPlante spoke Oct. 6 at conference of acquisition officials hosted by Defense One.
Agile is a collaborative approach to software development that involves frequent testing, rapid delivery, and adapting to changing requirements. While agile development may be gaining traction among defense officials, it is up against a formidable obstacle in the millions of lines of code that are said to be in complex weapon systems like the F-35 joint strike fighter jet.
Frank Kendall, the Pentagon’s top acquisition official, praised agile development’s potential to loosen the “more rigid, structured process” for software development in the defense industry. At a recent dinner with industry executives attended by Defense Secretary Ash Carter, Kendall said he heard two executives discussing the difficulties of managing software development. He made the point to emphasize that it is not just DOD technicians who struggle with software, but the entire defense industrial base.
“I think software generation tools are getting better, but I think it’s an area in which there’s a lot of room for improvement still, and a lot of uncertainty about outcomes, unfortunately,” said Kendall, the undersecretary of Defense for acquisition, technology and logistics.
Neither the Pentagon nor the defense industry has good metrics for estimating the cost, productivity and risk of software development, according to Assistant Secretary of the Navy Sean Stackley.
“We find ourselves in a position where until you bring that software to bear against the systems that you’re integrating, you don’t really have a good sense for the quality and completeness of the software,” he said, adding, “and then you get into a test and fix mode.” The adoption of agile methods could mean less uncertainty throughout the lifecycle of software development, Stackley said.
Cyber is unmeasurable
The acquisition officials’ remarks came a day after Kendall released his annual Performance of the Defense Acquisition System report, which includes a measurement of the time to it takes DOD to deploy Major Automated Information Systems (MAIS).
The median cycle time such systems has dropped from five years in the years before 2009 to 3.2 years in years since, the report noted.
Yet this does not necessarily mean that,”we are faster at acquiring systems — all other things equal,” the assessment said. The changes may reflect how much work is included in a MAIS. The cycle time begins when program is launched or has money obligated for it, and ends with the decision to fully deploy.
Kendall has made cybersecurity central to Better Buying Power 3.0, the latest round of DOD-wide guidance intended to make the acquisition system nimbler. And yet the word “cyber” does not appear once on the 200-odd pages of the annual performance review. Why not?
“Cyber is hard to report on because it’s largely about embedded security measures in our programs and in the weapons systems themselves,” Kendall told reporters. “So what I’m trying to do there is make sure our program managers in particular are paying adequate attention to the entire life cycle and all the cyber threats that they have to worry about from the conception of a program until it’s retired.”
The fiscal 2016 National Defense Authorization Act, which President Barack Obama has threatened to veto, would give Cyber Command authority to acquire cyber tools it deems critical to its mission. The Senate was set to hold an Oct. 6 procedural vote on the bill, which would pave the way for a final vote on the legislation.
When asked about the bill’s Cyber Command provision, Kendall said he did not object to it, adding that DOD has a Cyber Investment Management Board that oversees cybersecurity investments. The board was borne of a need to bypass the traditional acquisition system to more rapidly deploy capabilities, he added.