Project Brings Open-Source Methods to Defense Realm

February 2009
By Rita Boland

 
The current approach to military software development is stovepiped. The U.S. Defense Information Systems Agency wants a more collaborative approach to provide capabilities  to warfighters.
Defense Information Systems Agency effort will enhance cooperation among certain information technology personnel.

As the military world continues its march toward network centricity, software developers are making strides toward better collaboration as well. A project expected to roll out in the next few months will connect disparate researchers, allowing them to share ideas and products. This open-source idea swapping takes practices already in place in the private sector and moves them into the defense arena with the aim of accelerating production time while reducing costs. The purpose is to enable the rapid development and certification of products for the Global Information Grid.

The U.S. Defense Information Systems Agency (DISA) is attempting to bring a network-centric environment to military software developers through its Forge.mil project. The effort, originally called the Federated Development and Certification Environment (FDCE), began almost two years ago as an outgrowth of the agency’s Net-Enabled Command Capability (NECC) program. The NECC uses modern information technology, workflow and portal tools to exchange information among multiple organizations developing components of the program. Personnel employing the capability exchange requests for development and use the same infrastructure to exchange artifacts about the progress of development specifications.

DISA leadership decided to examine the possibility of generalizing the concept and applying it more broadly to software development in the agency and across the U.S. Defense Department. The team members assigned to the work examined how to improve the speed of dependable products and services to the warfighter and onto the Global Information Grid (GIG). What they noticed, according to Rob Vietmeyer, project manager for Forge.mil, was that while network-centricity and collaboration have been the focus of information technology improvements in the Defense Department, especially in providing capabilities to warfighters, the development processes used in the department have not moved as quickly. “Unfortunately, our approach to get there was following the same siloed software development approach we’ve been using in the past,” Vietmeyer explains. Forge.mil will bring network-centric and collaborative tools to military developers.

What DISA really needed to do was enable information sharing, collaboration, shared situational awareness and self-synchronization within the information technology development community. The team began determining what tools and services it could provide to offer a collaborative sharing environment for the information technology development community. That effort led to the initial offering of the FDCE, which has now been branded Forge.mil.

Forge.mil eventually will offer three services. The first one will be Software Forge, which provides software life-cycle management and software version control services for Defense Department open-source and community-source software development efforts. It also provides a software repository for personnel looking for reusable software components. Software Forge is scheduled to become available by the end of March.

Project Forge, the second service, also is scheduled to roll out in the same time frame and will be provided on a fee-for-service basis. This service offers an on-demand software life- cycle management capability to meet the needs of military software development project and programs. With Project Forge, developers can turn on life-cycle management tools within 24 hours for their own use.

The third service is Certification Forge, which will be delivered in the summer. It provides tools and services to speed the testing, certification and acceptance of software being delivered for Defense Department use.

To proceed in the most efficient manner with the Forge.mil project, DISA looked at similar efforts already underway in industry. Dave Mihelcic, DISA’s chief technology officer, says the agency found examples of communities of developers who use modern information technology tools to enable joint development of pieces of a project, centrally store artifacts and bring together all the pieces to build the software, then test and use it. One capability they found is Droupal, a concept management tool used in another DISA project. In Droupal, people from around the globe volunteer to build different segments of the content management system, independently check results and place the finished code into a central repository that can be built for a large distribution.

The model DISA has selected for its Forge.mil development is a Web site called SourceForge.net, which offers project hosting for open-source development projects as well as distribution. Anyone looking for an open-source product can visit the site and search various developers, then download what they need. Vietmeyer says, “The models we’ve been working with are looking to enable a SourceForge.net environment for the DOD.” The military wants software version control, project management services and tools for the software development community such as bug tracking, issue tracking, document repository, and wiki and community tools that support various distributed developers. Vietmeyer explains the military wants those tools not for siloed projects but as an enterprisewide service.

Forge.mil personnel want to have a large, decentralized system to give developers collaborative tools so they can share information as they work. That, according to Mihelcic, enables DISA to leverage its resources more efficiently and, as a result, make products more quickly for the Defense Department. DISA wants to enable the same level of collaboration in the department’s software development community that it sees in the open-source world. The created capabilities will enable enterprisewide access and shared visibility that leads to common processes and procedures. The military then can automate various components of the software delivery life cycle to ensure all stakeholders are engaged during the entire life cycle. Vietmeyer states that these actions will accelerate acceptance and ensure that the functionality warfighters need is actually delivered.

Adapting private-sector technologies for military use comes with a set of challenges, including classifications. The initial rollout of Forge.mil will be unclassified but protected on the nonsecure Internet protocol router network (NIPRNET). Personnel with the program are trying to obtain additional funding to accelerate the rollout to the secret Internet protocol router network (SIPRNET). DISA also is in conversation with representatives from the Office of the Director of National Intelligence to see how the same approach could be leveraged to provide a similar development infrastructure on more classified networks such as the Joint Worldwide Intelligence Communications System. DISA is working with other Defense Department agencies as well to pull the community together, and officials say that the network centricity in Forge.mil is the right approach to bring open-source and community-source software development into the military domain.

Over time, DISA plans to add more capabilities such as automation to Forge.mil. Before anyone can turn on a system operationally in the military now, they have to certify that it meets certain security and interoperability standards. The agency wants to use the same open-source infrastructure being developed for the software community to exchange all the artifacts generated as a byproduct of testing and evaluation that goes into developing certifications. The effort would accelerate certification processes.

Another important addition DISA wants to make to Forge.mil that is absent from open-source collaboration offerings found on the Internet is the ability to provide testing resources on demand. The Forge.mil team has partnered with the agency’s computing services division to create the Rapid Access Computing Environment (RACE). “Our goal is to basically couple RACE with Forge.mil so when developers in DOD need additional service to either do the software development or build the software baseline, we’ll then have a large number of machines live so they can test it,” Mihelcic says.

Instead of having to buy software, developers can activate the processing they require on demand through RACE. The environment is operational already in a defense enterprise computing center. When linked with Forge.mil, the result will be a turnkey environment on the NIPRNET that Defense Department developers can use to develop, build and test software without buying large amounts of hardware. Forge.mil is expected to dramatically reduce the barriers to entry in the department’s software development, eliminating the months-long and sometimes years-long process of purchasing hardware, selecting tools and obtaining accreditation for operations.

Beyond increasing collaboration among software developers, DISA hopes that moving Forge.mil forward will promote software reuse with the department. In the past, attempts at reuse have been unsuccessful, but one of the goals of this project is to encourage reuse through the same methods employed in the open-source community. Developers can post their repositories and make them searchable so other developers can locate the appropriate software and use it in their projects. No new policy will drive the reuse, but the project will enable software reuse through the open sharing of artifacts.

As the project prepares to roll out in the next few months, personnel are working on the initial configuration and ensuring that products meet the information assurance (IA) needs of the Defense Department, not only in terms of software being delivered, but in the environment itself. Vietmeyer says, “We’re going through and making sure we can provide a dependable, assured, secure environment.” The delivery process mirrors the goal of the program because DISA is using a collaborative approach for that as well. Instead of having the agency deliver everything, other programs may have projects that they can plug in. “We’re sort of taking a platform strategy with this,” Vietmeyer explains. “If we can provide the core platform that allows others to plug in various tools and make them available across the enterprise, that’s our goal and objective.” He adds that, “We’re trying to take a fully open approach to deliver what we anticipate to be a continually evolving capability.”

Forge.mil will be hosted on a .mil domain accessible through a secure Web interface. Access will require a public key infrastructure or external certificate, so members of the military software development community and others who support them can participate. Project personnel are working with those they believe will be the initial customers, so a handful of efforts already are on the domain. Vietmeyer expects it to grow quickly once the capability is fully available because people have interest in contributing software they developed that they believe would be useful for other projects. “I think there will be rapid uptake within the information technology development community,” he states.

A key piece of the strategy behind Forge.mil is engaging software developers and users as early as possible. The goal is to reduce the amount of time between the decision to initiate a software project and actually delivering capabilities to the warfighter. One of the benefits of the smaller, decentralized development effort is support for folks on the ground in Iraq and Afghanistan who have small, boutique software requirements. Often these troops are creating what they need alone, but with Forge.mil they should be able to reach out to a more robust base. Forge.mil also moves the military toward Web 3.0, in which the future Internet will be populated with small pieces of functionality connected together to perform bigger functions. Mihelcic says DISA wants to see the Defense Department positioned to do the same thing.

Engaging users early in the process improves dependability and functionality. DISA hopes that by involving warfighters, they will improve projects through their perspectives. Forge.mil also should speed development and acceptance times by establishing and in some cases automating common processes while improving security. Returning to the idea of reuse, Forge.mil will promote reuse of IA testing and certification.

Though the project began about two years ago, DISA only received the impetus and, more importantly, the funding to provide something material in September 2008. Rear Adm. Elizabeth Hight, USN, then-acting director of DISA, served as a major proponent of the Forge.mil project and secured $4.6 million of funds that would have expired at the end of fiscal year 2008 to finance the effort. Without the admiral’s proactive approach, Forge.mil would have remained unfunded until 2010 because of DISA’s five-year budget cycles. The money moved the status from a visionary program to a real project. Funding should continue through fiscal year 2010 and beyond, because the project is included in DISA’s Program Objective Memorandum for fiscal years 2010-2015.

DISA awarded contracts for Forge.mil work after receiving the money. CollabNet is providing a key piece of the infrastructure. The agency also is teaming with Space and Naval Warfare Systems Command Systems Center Charleston on engineering. In addition, DISA is looking for others within industry and government who have pieces that can plug into the project.

Web Resources
Rapid Access Computing Environment:
www.disa.mil/race
SourceForge.Net: http://sourceforge.net
Net-Enabled Command Capability: www.disa.mil/necc
CollabNet: www.collab.net

 

Enjoyed this article? SUBSCRIBE NOW to keep the content flowing.