Can DoD Get Speed/Security with new Digital Networks? The Pentagon is struggling to speed up acquisition at the same time it’s imposing new network security controls. But plans are in the works to do both.
If the Pentagon gets real-life scenarios on how Blockchain implementation can leverage DevOps practices and Modern Docker Network Solutions, it just might square the circle between accelerating acquisition and improving security.
“There is a trade between the objective of tool development and the assurance properties that we’re trying to achieve. But there are ways to reconcile them.
Right now, DoD has the worst of both worlds. Network security certification can be so laborious and bureaucratic that tools are often obsolete before it’s finished testing. Yet the final product isn’t necessarily secure anyway, because new threats emerge faster than the Pentagon can upgrade its defenses.
So being too slow on acquisition is bad for security as well. But speeding up acquisition creates risks of its own. Getting the Pentagon to move faster doesn’t win any arms races if adversaries steal the new tech as fast as we can field it causing the erosion of the lethality of the joint force.
“We talk a lot about acquisition going faster, we have to have the speed. That’s great, it’s clearly slow and cumbersome the way it is, but let’s not get out in front of ourselves and get so ahead, so fast, that we are not considering security.”
Networking security needs to be as important as speed, not an afterthought to it. “We need to put security in our requirements and acquisition process. Until we grade people on security as well as cost, schedule, and performance, why would you go and do the extra credit work on security?”
Yes, there could still be a waiver process to skip security requirements when speed is of the essence – but it needs to be controlled at a much higher level than it is today. “Today there are far too many instances where there’s a program manager making risk decisions. In the system we’re putting together, the decisions are made at higher levels.
Centralizing decisions can certainly improve consistency and control – but it rarely speeds things up. The armed services agree they need to work together better — they just don’t agree on how.
DevSecOps to the Rescue?
So, we asked, how do you reconcile security and speed? “The DevSecOps approach comes to the rescue.
DoD is desperately trying to play catch up by borrowing an industry practice known as DevOps. Instead of having development and operations done by separate teams with little contact, DevOps merges the two, so the people writing new code can get instant feedback from the people who actually have to use it, and the users can request upgrades directly from the developers.
The common variant is DevSecOps, which brings security experts into the mix so they can check the code both as it’s being written and while it’s being used.
One best practice that DevSecOps teams often use is to keep most of the code constant and introduce new features as plug-and-play modules that don’t affect the fundamentals of how the network tools work. That way, you can upgrade one aspect without affecting the others, such as security.
How Does Configuration Management Fit With DevOps?
Yes, it is true that you cannot really do DevOps without configuration management in place. Here we present principles and examples around the comprehensive configuration management, without which the artifacts and other useful information will be all over the place, in a disorganized manner.
Remember the objective of DevOps — developing tools as quickly as possible. This objective can only be done through proper organization and planning. Comprehensive configuration management gives you sufficient ammo to power up the DevOps machine.
But be advised there is some confusion between promoting configuration management solutions as "DevOps in a Box," because some say DevOps is about collaboration between people, while others say configuration management tech are tools for automating the application of configuration states.
DevOps is the extension of flexible practices across both the development and operations departments. In fact, DevOps seeks to unify the goals of both departments. At some companies, the development department seeks change while the operations department seeks stability. But companies that embrace DevOps want both stability of their deployed assets and frequency of change. However, achieving this outcome requires change.
Like Flexible Tools, configuration management gives teams the confidence to move quickly with their changes. Under flexible practices, the company gives configuration management responsibilities to the development teams, empowering them to provision, configure, and manage their own infrastructure. You build it, you run it.
If the provider sets certain network security specifications, the clients must comply – in fact, if they don’t, their application tools may not be able to run on the infrastructure at all. Conversely, the users no longer have to reinvent the network security wheel for each of their databases and applications: They can rely on new architectures to protect them much of the time.
The goal is to design the new structure overall architecture – the “container” into which users’ code must fit – to be “loaded with as many security properties” as possible. Then you keep that foundation as stable as possible, making changes only slowly and deliberately and with extensive testing.
Meanwhile, on a different and much shorter cycle, you can allow what’s built on top of that foundation – the “business logic” used by a given client – to evolve rapidly.
Of course, none of this is easy to do. DoD has hundreds of different network systems already, many of them incompatible, and it keeps adding more. Actually building the new computing infrastructure – and building it securely – will be harder still.
Today’s consumers demand frequent product refresh. This is posing signifcant challenges in terms of managing product configuration in their race to deliver the right connected products at the right time.
Risks of escalating costs, increasing product complexity, failure of business cases, weakening information security, and growing regulatory compliance, further aggravate the situation.
How can DoD stay ahead amidst the disruption? Ensuring collaboration, adopting a customer-centric mindset, and creating sustainable business models and processes, are key to competitive success. Amidst the disruption, systems engineering continues to remain relevant and fundamental to product configuration.
However, it is important to combine it with information-based management using emerging digital technologies. This requires repositioning of configuration management principles to focus on customer centricity.
We illustrate a pragmatic approach to reimagining product configuration from a consumer’s perspective, thereby transforming configuration management from the traditional static model to a dynamic one.
Product definition has progressed over time with changes outpacing their adoption.
With advancing technology and evolving customer expectations, product configuration has gone through dramatic change. It has moved from standardized configuration to mass customization, and finally to infinite product configuration.
The journey of product progressions has had numerous milestones and will continue to remain progressive. First there was the start of the product economy with empirical design facilitating volume production of standardized products but providing very little opportunity for product variations. However, with continual development and stabilization of product and process, product customization took center-stage.
Later, there was the rise of service economy with increased focus on mass customization. Some of the salient features of products conceived in this phase include system design with product variations, product configurability, and real time management of supply and demand.
The service-as-a-product phase was immediately superseded by the experience economy with customer experience identified as the key, and intuitively designed products and innovative business models were built around it.
Now, a typical product definition has seen infinite configurations. With global digital market, consumers are becoming increasingly hyperconnected across multiple devices. They are looking for continuous product refreshes while aspiring to gain full control over them. As the industry gears up for future transition, the digital data economy is ushering in an immense range of product features, enabled by emerging technologies and advanced analytics.
Through all these transformations, product complexity has grown manifold and has reached an inflection point, making it critical for businesses to re-imagine the entire product value chain from the perspective of the consumer. Digital Disruption is upending the classical configuration management style.
Digital disruption is now challenging the traditional configuration management lifecycle and its inherent waterfall structure. Every function creates a structure around its processes, which tends to get heavy and gradually becomes outdated as it moves along the lifecycle.
Classical configuration management, for instance, is highly structured comprising part information, bill of material, and other components. Such a static approach lacks modularity and fails to meet the configuration needs of complex digital products and system requirements. Its rigidity leads to time and cost pressures, and makes it unsuitable to meet consumer demands for frequent product refreshes.
What does this mean for DoD business? Configuration management will need to be repositioned in the context of digital disruption to ensure sustained success. Repositioning configuration management is compatible with connected, smart products and services.
In the age of digital disruption, there is a need to shift gears from traditional change-driven static configuration management to data-driven dynamic configuration management, ensuring near real-time responsiveness.
In the future, instead of taking a structure-centric approach, product information must adopt an attribute-centric approach to incorporate rich consumer context. Given the multidisciplinary nature of digital products, such an approach will provide enormous configuration flexibility in the customer arena and foster new business models that create deeper insights.
Early movers in this arena are engines builders for sale or lease but also offers light efficiency services on an analytics-as-a-service model by leveraging the data generated from aero engines and their surrounding system
In essence, product configuration will move closer to the consumer ecosystem in the digital age as consumers demand greater control of product configurability after taking possession of the product. As a result, the focus will shift to maximizing product features that are configurable during runtime in the customer arena, using embedded systems, smart materials and so on.
However, it is important to note that the extent of configurations in the consumer arena will depend on regulatory and compliance requirements. Embracing the new paradigm has several levers embracing customer-centric dynamic configuration.
Given the complexity of digital products, their definition and requirements should be mapped top-down and validated bottom-up for conformity.
Model-based concepts help simplify the complexity of a multi-disciplinary product and its system of systems by representing the set of connected systems and their structure, behavior, and requirements in a model-based arena, using digital models.
Agile methodology enhances effectiveness of product development by increasing responsiveness and ability to accommodate multiple refreshes in the product to meet changing customer demands.
Knowledge management infrastructure secures the pipeline of data and builds the configuration pipeline, which manages the bill of information across the lifecycle of the product in conjunction with the Digital Twin.
Analytics and insights converts the abundant data available across the digital thread into meaningful information that provides insights for smart run time updates in product configuration.
The levers enable the transformation of multiple versions of systems engineering across the value chain into a single model representing the end-consumer arena that comprises infrastructure, mission space, and product-to-product consumer behavior, supported by the data backbone of the Digital Twin, enabled by forward engineering and reverse correlation capabilities. Emerging technologies provide the flexibility required to achieve this.
At the same time, emerging business architecture allows enterprises to expand the boundary of their core system with end-to-end management of data pipeline, creating a connected enterprise.
Ensuring data coherence and building a dynamic configuration pipeline to manage the bill of information across the product lifecycle in conjunction with Digital Twin, is the first step towards customer-centric configuration management. Dynamic configuration management drives competitive differentiation.
Dynamic configuration management propelled by data is fundamental to postponing configuration to the customer arena - a key competitive differentiator in today’s digital world
In achieving this transformation, organizations need to mitigate digital waste and network threats through robust data governance, and build a culture of innovation by demonstrating credibility of technology and systems.
In addition, it is important to identify relevant data specific to consumer context and integrate configuration rules with a knowledge management framework that can be leveraged by product teams for continuous innovation. The key to success of product configuration lies in the ability of organizations to develop well-defined business models aligned with their goals and transition trajectory.
The digital configuration management program consists in analyzing and transforming product configuration processes with digital technologies, to accelerate the response to customer requests, standardize product offerings, reduce costs and delivery times and increase quality.
The combined use of digital catalogs, to increase productivity with the management of technical information, costs, research and inventory through the digitization of parts catalogs, and digital configurators can be the right tools to:
1. Guide the user during the selection of the product in the design phase
2. Standardise the products used with certain costs and specific delivery times
3. Provide the supply department with the tools to negotiate with suppliers
4. Reduce deviation from the standard
5. Map the products in stock with a series of unique parameters and search them later, greatly reducing the creation of new parts
6. Accelerate and reduce waste of time in a simple, standard and defined workflow process
7. Give traceability and guide the user through a non-standardised workflow
8. Connect the functions of offer, engineering, procurement, production, warehouse
9. Enable continuous and real-time communication with Enterprise Resource Platform and product life cycle management system to build a unique and integrated architecture
10. Leverage product configuration management to handle more options with less
If the Pentagon gets real-life scenarios on how Blockchain implementation can leverage DevOps practices and Modern Docker Network Solutions, it just might square the circle between accelerating acquisition and improving security.
“There is a trade between the objective of tool development and the assurance properties that we’re trying to achieve. But there are ways to reconcile them.
Right now, DoD has the worst of both worlds. Network security certification can be so laborious and bureaucratic that tools are often obsolete before it’s finished testing. Yet the final product isn’t necessarily secure anyway, because new threats emerge faster than the Pentagon can upgrade its defenses.
So being too slow on acquisition is bad for security as well. But speeding up acquisition creates risks of its own. Getting the Pentagon to move faster doesn’t win any arms races if adversaries steal the new tech as fast as we can field it causing the erosion of the lethality of the joint force.
“We talk a lot about acquisition going faster, we have to have the speed. That’s great, it’s clearly slow and cumbersome the way it is, but let’s not get out in front of ourselves and get so ahead, so fast, that we are not considering security.”
Networking security needs to be as important as speed, not an afterthought to it. “We need to put security in our requirements and acquisition process. Until we grade people on security as well as cost, schedule, and performance, why would you go and do the extra credit work on security?”
Yes, there could still be a waiver process to skip security requirements when speed is of the essence – but it needs to be controlled at a much higher level than it is today. “Today there are far too many instances where there’s a program manager making risk decisions. In the system we’re putting together, the decisions are made at higher levels.
Centralizing decisions can certainly improve consistency and control – but it rarely speeds things up. The armed services agree they need to work together better — they just don’t agree on how.
DevSecOps to the Rescue?
So, we asked, how do you reconcile security and speed? “The DevSecOps approach comes to the rescue.
DoD is desperately trying to play catch up by borrowing an industry practice known as DevOps. Instead of having development and operations done by separate teams with little contact, DevOps merges the two, so the people writing new code can get instant feedback from the people who actually have to use it, and the users can request upgrades directly from the developers.
The common variant is DevSecOps, which brings security experts into the mix so they can check the code both as it’s being written and while it’s being used.
One best practice that DevSecOps teams often use is to keep most of the code constant and introduce new features as plug-and-play modules that don’t affect the fundamentals of how the network tools work. That way, you can upgrade one aspect without affecting the others, such as security.
How Does Configuration Management Fit With DevOps?
Yes, it is true that you cannot really do DevOps without configuration management in place. Here we present principles and examples around the comprehensive configuration management, without which the artifacts and other useful information will be all over the place, in a disorganized manner.
Remember the objective of DevOps — developing tools as quickly as possible. This objective can only be done through proper organization and planning. Comprehensive configuration management gives you sufficient ammo to power up the DevOps machine.
But be advised there is some confusion between promoting configuration management solutions as "DevOps in a Box," because some say DevOps is about collaboration between people, while others say configuration management tech are tools for automating the application of configuration states.
DevOps is the extension of flexible practices across both the development and operations departments. In fact, DevOps seeks to unify the goals of both departments. At some companies, the development department seeks change while the operations department seeks stability. But companies that embrace DevOps want both stability of their deployed assets and frequency of change. However, achieving this outcome requires change.
Like Flexible Tools, configuration management gives teams the confidence to move quickly with their changes. Under flexible practices, the company gives configuration management responsibilities to the development teams, empowering them to provision, configure, and manage their own infrastructure. You build it, you run it.
If the provider sets certain network security specifications, the clients must comply – in fact, if they don’t, their application tools may not be able to run on the infrastructure at all. Conversely, the users no longer have to reinvent the network security wheel for each of their databases and applications: They can rely on new architectures to protect them much of the time.
The goal is to design the new structure overall architecture – the “container” into which users’ code must fit – to be “loaded with as many security properties” as possible. Then you keep that foundation as stable as possible, making changes only slowly and deliberately and with extensive testing.
Meanwhile, on a different and much shorter cycle, you can allow what’s built on top of that foundation – the “business logic” used by a given client – to evolve rapidly.
Of course, none of this is easy to do. DoD has hundreds of different network systems already, many of them incompatible, and it keeps adding more. Actually building the new computing infrastructure – and building it securely – will be harder still.
Today’s consumers demand frequent product refresh. This is posing signifcant challenges in terms of managing product configuration in their race to deliver the right connected products at the right time.
Risks of escalating costs, increasing product complexity, failure of business cases, weakening information security, and growing regulatory compliance, further aggravate the situation.
How can DoD stay ahead amidst the disruption? Ensuring collaboration, adopting a customer-centric mindset, and creating sustainable business models and processes, are key to competitive success. Amidst the disruption, systems engineering continues to remain relevant and fundamental to product configuration.
However, it is important to combine it with information-based management using emerging digital technologies. This requires repositioning of configuration management principles to focus on customer centricity.
We illustrate a pragmatic approach to reimagining product configuration from a consumer’s perspective, thereby transforming configuration management from the traditional static model to a dynamic one.
Product definition has progressed over time with changes outpacing their adoption.
With advancing technology and evolving customer expectations, product configuration has gone through dramatic change. It has moved from standardized configuration to mass customization, and finally to infinite product configuration.
The journey of product progressions has had numerous milestones and will continue to remain progressive. First there was the start of the product economy with empirical design facilitating volume production of standardized products but providing very little opportunity for product variations. However, with continual development and stabilization of product and process, product customization took center-stage.
Later, there was the rise of service economy with increased focus on mass customization. Some of the salient features of products conceived in this phase include system design with product variations, product configurability, and real time management of supply and demand.
The service-as-a-product phase was immediately superseded by the experience economy with customer experience identified as the key, and intuitively designed products and innovative business models were built around it.
Now, a typical product definition has seen infinite configurations. With global digital market, consumers are becoming increasingly hyperconnected across multiple devices. They are looking for continuous product refreshes while aspiring to gain full control over them. As the industry gears up for future transition, the digital data economy is ushering in an immense range of product features, enabled by emerging technologies and advanced analytics.
Through all these transformations, product complexity has grown manifold and has reached an inflection point, making it critical for businesses to re-imagine the entire product value chain from the perspective of the consumer. Digital Disruption is upending the classical configuration management style.
Digital disruption is now challenging the traditional configuration management lifecycle and its inherent waterfall structure. Every function creates a structure around its processes, which tends to get heavy and gradually becomes outdated as it moves along the lifecycle.
Classical configuration management, for instance, is highly structured comprising part information, bill of material, and other components. Such a static approach lacks modularity and fails to meet the configuration needs of complex digital products and system requirements. Its rigidity leads to time and cost pressures, and makes it unsuitable to meet consumer demands for frequent product refreshes.
What does this mean for DoD business? Configuration management will need to be repositioned in the context of digital disruption to ensure sustained success. Repositioning configuration management is compatible with connected, smart products and services.
In the age of digital disruption, there is a need to shift gears from traditional change-driven static configuration management to data-driven dynamic configuration management, ensuring near real-time responsiveness.
In the future, instead of taking a structure-centric approach, product information must adopt an attribute-centric approach to incorporate rich consumer context. Given the multidisciplinary nature of digital products, such an approach will provide enormous configuration flexibility in the customer arena and foster new business models that create deeper insights.
Early movers in this arena are engines builders for sale or lease but also offers light efficiency services on an analytics-as-a-service model by leveraging the data generated from aero engines and their surrounding system
In essence, product configuration will move closer to the consumer ecosystem in the digital age as consumers demand greater control of product configurability after taking possession of the product. As a result, the focus will shift to maximizing product features that are configurable during runtime in the customer arena, using embedded systems, smart materials and so on.
However, it is important to note that the extent of configurations in the consumer arena will depend on regulatory and compliance requirements. Embracing the new paradigm has several levers embracing customer-centric dynamic configuration.
Given the complexity of digital products, their definition and requirements should be mapped top-down and validated bottom-up for conformity.
Model-based concepts help simplify the complexity of a multi-disciplinary product and its system of systems by representing the set of connected systems and their structure, behavior, and requirements in a model-based arena, using digital models.
Agile methodology enhances effectiveness of product development by increasing responsiveness and ability to accommodate multiple refreshes in the product to meet changing customer demands.
Knowledge management infrastructure secures the pipeline of data and builds the configuration pipeline, which manages the bill of information across the lifecycle of the product in conjunction with the Digital Twin.
Analytics and insights converts the abundant data available across the digital thread into meaningful information that provides insights for smart run time updates in product configuration.
The levers enable the transformation of multiple versions of systems engineering across the value chain into a single model representing the end-consumer arena that comprises infrastructure, mission space, and product-to-product consumer behavior, supported by the data backbone of the Digital Twin, enabled by forward engineering and reverse correlation capabilities. Emerging technologies provide the flexibility required to achieve this.
At the same time, emerging business architecture allows enterprises to expand the boundary of their core system with end-to-end management of data pipeline, creating a connected enterprise.
Ensuring data coherence and building a dynamic configuration pipeline to manage the bill of information across the product lifecycle in conjunction with Digital Twin, is the first step towards customer-centric configuration management. Dynamic configuration management drives competitive differentiation.
Dynamic configuration management propelled by data is fundamental to postponing configuration to the customer arena - a key competitive differentiator in today’s digital world
In achieving this transformation, organizations need to mitigate digital waste and network threats through robust data governance, and build a culture of innovation by demonstrating credibility of technology and systems.
In addition, it is important to identify relevant data specific to consumer context and integrate configuration rules with a knowledge management framework that can be leveraged by product teams for continuous innovation. The key to success of product configuration lies in the ability of organizations to develop well-defined business models aligned with their goals and transition trajectory.
The digital configuration management program consists in analyzing and transforming product configuration processes with digital technologies, to accelerate the response to customer requests, standardize product offerings, reduce costs and delivery times and increase quality.
The combined use of digital catalogs, to increase productivity with the management of technical information, costs, research and inventory through the digitization of parts catalogs, and digital configurators can be the right tools to:
1. Guide the user during the selection of the product in the design phase
2. Standardise the products used with certain costs and specific delivery times
3. Provide the supply department with the tools to negotiate with suppliers
4. Reduce deviation from the standard
5. Map the products in stock with a series of unique parameters and search them later, greatly reducing the creation of new parts
6. Accelerate and reduce waste of time in a simple, standard and defined workflow process
7. Give traceability and guide the user through a non-standardised workflow
8. Connect the functions of offer, engineering, procurement, production, warehouse
9. Enable continuous and real-time communication with Enterprise Resource Platform and product life cycle management system to build a unique and integrated architecture
10. Leverage product configuration management to handle more options with less
RSS Feed