Officials work to provide a new cloud approach across the service as well as the Defense Department.
U.S. Army officials estimate that by the end of the fiscal year, they will go into production on a new cloud computing solution that could potentially be made available across the Defense Department and could eventually be used to expand cloud capabilities on the battlefield. The platform-as-a-service product incorporates enhanced automation, less expensive software licensing and built-in information assurance.
During the past year, officials with the Army’s Communications-Electronics Command (CECOM) Software Engineering Center (SEC), Aberdeen Proving Ground, Maryland, have been working on a cloud computing approach known as Cloud.mil. A four-person team took about four months to deliver the first increment, which is now in the pre-production phase and is being touted to Army leaders, as well as to Defense Department and Defense Information Systems Agency (DISA) officials, as a possible Army-wide and Defense-wide solution.
When the SEC team briefed Maj. Gen. Robert Ferrell, USA, CECOM commanding general, he suggested it should be implemented across the Defense Department. Gen. Ferrell invited Rear Adm. David Simpson, USN, DISA vice director, to visit Aberdeen, and the team briefed Adm. Simpson in August. “He asked us to work with his counterparts at the Defense Department and with his DISA team to figure out how he can get this capability into his portfolio as a service to provide to customers,” says Mark Hosson, SEC acting deputy director. “It started out as Cloud.Army.mil, but after we briefed the commanding general, he asked us to change it to Cloud.mil, and we are working with the Defense Department and with DISA to get it implemented into the DISA Enterprise Computing Center environment.” The DISA Enterprise Computing Center is where joint applications are hosted, he adds. While DISA has a cloud platform-as-a-service capability today, the cloud.mil solution provides a more extensive list of capabilities at the platform level, Army officials claim. The SEC team intends to present its approach to Mike Krieger, Army deputy chief information officer.
Cloud.mil provides an array of advantages, but SEC officials say the degree of automation is what really sets their solution apart from others. In fact, virtually any task that would normally require a telephone call to the cloud provider and manual labor on the part of provider personnel is automated under Cloud.mil. “The Defense Department as a whole has been talking about cloud, cloud, cloud. We are not yet in cloud. What’s missing is a lot of the self-service capabilities, the automation that deals with hosting tasks. We’re not quite there yet,” says Farry Philippe-Auguste, chief architect for the SEC’s Architectural Services Division and deputy director of the Enterprise Solutions Competency Center at the SEC. “To me, that is what cloud is about. It’s not just centralization. It’s about a one-stop shop to anything and everything that you want done there.”
Being a self-service solution also means that customers can use a simple point-and-click method for uploading and deploying applications. And once the application is running, basic functions, such as backup and recovery, log monitoring and performance metrics are automated. Cloud.mil also offers a dashboard capability geared toward network managers for such tasks as monitoring the number of applications within an organization or categorizing those applications.
SEC officials estimate that for about $3 million they could put in place a cloud solution running between 50 and 100 applications, depending on the complexity. That, they say, is a fraction of the cost of other solutions. And with the degree of automation offered by Cloud.mil comes potential staff reductions and additional cost savings. “Today, you’ve got these large IT system administrator staffs that manage systems. With Cloud.mil, you can significantly reduce that staff. So, if you have 15 people, you can probably reduce that down to three to five people because a lot of the work is automated,” explains David Garrett, director of the Enterprise Solutions Competency Center and chief of the Architecture Services Division within SEC. “Farry has been told by vendors that what he is doing is at least two years ahead of what industry is doing.”
One reason SEC may be leading industry on the cloud automation front is that industry lacks incentive to automate hosting tasks that they can otherwise charge labor costs for, Hosson says. “It’s just the nature of building something in-house. We’re not out there to make money.”
Additionally, Cloud.mil consolidates middleware, saving money on software licensing agreements. “The operating systems licenses are relatively cheap. Where we spend our money right now is on middleware licenses, and if we don’t consolidate that layer, efficiencies are very hard to gain,” says Phillipe-Auguste.
Hosson adds, “If 10 different applications are needed for Oracle, for example, instead of buying 10 different Oracle licenses, you can buy one and share. That’s what our solution provides.”
Cloud.mil also offers built-in information assurance features. Applications cannot be uploaded to, or shared through, the cloud environment if they do not meet Defense Department information assurance requirements. “You have to make sure that information assurance is embedded within your [application] code, so you can’t have any vulnerabilities. If you do, the cloud environment prevents you from releasing it. If you are trying to provide a capability that is vulnerable, Cloud.mil won’t let it run. It forces developers to go back and code it properly,” Hosson explains.
With two-factor authentication, customers can use a personal laptop with the proper hardware and software. A government computer is not necessary to connect to the cloud.
Furthermore, Cloud.mil is available on common mobile devices, regardless of operating system. “We can develop a business app, and at the same time we can develop that app for a mobile platform so that it can ride on an Apple device; it can ride on a BlackBerry; it can ride on an Android system,” Hosson says. Philippe-Auguste adds that users also can decide whether to make their apps available through a cloud-mobile marketplace.
SEC officials say they also took an innovative approach to developing Cloud.mil, which is how they were able to build the first increment in such a short time with a small team. Some software developers use an incremental development, or features-driven approach. Others use a scrum development approach, which is designed to increase speed and flexibility. The SEC team used both. “We created an environment where we could do agile development at one-third the time and one-third the cost of what it normally took for a development effort,” Garrett reports. “It’s a hybrid methodology where we’ve taken the best of both features-driven development and the scrum process, and we’ve combined them into our own hybrid approach to be able to crank out software very quickly.”
Initially, Cloud.mil is being used for business applications, such as financial disclosure management, but someday it could potentially be used on the battlefield. “The next step down the road—now I’m talking far down the road—is how to work this into the tactical environment,” Hossom reveals. Several things need to happen first, including deployment of the Army’s Warfighter Information Network-Tactical, as well as implementation of the service’s common operating environment, which is expected to begin in fiscal year 2014. Also, Army officials will have to figure out how to integrate Cloud.mil into a mobile pod capable of maneuvering around the battlefield. Hosson estimates it will be the fiscal year 2016 when the Army begins seriously exploring a tactical option.
For now, SEC officials are focused on convincing others within the Army and Defense Department to adopt Cloud.mil. “We hear all the time that the Defense Department is trying to do more with less. Here’s the opportunity. It’s a proven solution. It works. All they have to do is take advantage of it,” Garrett declares.