Software's role in homeland security

One way to advance the country's goals in homeland security is by taking full advantage of U.S. national defense software assets via a standardized development infrastructure

Nov 1st, 2002

by Tony Stayner

Military and defense agencies need to be aware that their software assets can be some of their greatest and most valuable weapons in winning the war against terrorism," says Victor Comras, a top homeland security consultant who led the State Department's Trade Control and Sanctions program for nearly a decade.

To this end, senior officials, buyers, and information technology personnel working in all branches of the military and defense-related agencies would do well to take the time now to learn more about how enterprise change management (ECM) solutions can be put to the task of achieving just that.

What is ECM?

The discipline of ECM provides the infrastructure defense agencies need to manage, from a single point of control, code and web content changes produced on mainframe, distributed systems, and web-based platforms.

This discipline allows developers to perform source-code management, change approvals, build and release management, and distribution. One of the most important aspects of ECM is its ability to help users automate processes, and continuously improve processes, which are necessary to comply with the Software Engineering Institute Capability Maturity Model (CMM).

This capability helps military and defense-related agencies manage the huge volume of daily changes to maintain existing software and to build new homeland security applications.

ECM is not new. Today, many defense organizations operate off-the-shelf tools to manage their changes at the project level. The inability of these tools to talk to one another hinders the ability of development environments inside a defense organization to collaborate effectively, to use common development processes, and to re-use code, objects, and components across projects.

The reason: while these different tools permit developers to implement software development tasks such as source management, build and release management, distribution, and process management, they enforce different processes at the project level. So, it becomes a real challenge for teams working across projects, and with different tools, to develop enterprise-wide software in a consistent manner.

This lack of consistency — when it is coupled with the lack of automation in the development environment — fosters many hardships for the development teams. The results of these inconsistencies include redundant tasks, inability to cooperate effectively on building libraries of software for re-use, more hardware needed on each project, and greater need for training developers when they move to different projects operating under different tools.

Despite these inconsistencies, many defense organizations are reluctant to do away with the investment they have already made in ECM or change management tools.

So, it is no wonder that many defense organizations face a common dilemma of what to do with the many change management tools they already have in place, and how to promote consistency in software development across the board to minimize risks and achieve a high return on investment.

It is important to promote consistency in software development to achieve homeland security goals.

For instance, a defense organization must have consistent and common processes to grant authorized access to software assets. Without such guidelines in place, it is difficult for the defense organization to operate coherent development environments and to enforce common rules for granting approvals for software changes.

Hence, there are advantages for the defense organization to implement a common ECM solution across teams and projects.

Using a common ECM solution allows the defense organization to promote standardization in software development across the board in several ways. First, it allows users to consolidate hardware for ECM purpose, leading to huge savings. Then ECM reduces the need for training as software engineers already know the ECM tool in use across projects of the defense organization. Next, ECM promotes common processes and increases the security associated with safeguarding software assets. And finally, ECM empowers the defense organization to establish a library of software re-use. As a result, developers do not have to re-invent the wheel each time they develop software. This factor alone can produce savings for the in the millions of dollars over time.

Along these lines, a recent report produced by the Yankee Group shows how a particular advanced ECM solution is now helping many organizations to realize a 28 percent reduction in application downtime, a 23 percent improvement in time to market, and an 18 percent reduction in hard development costs. Thus, defense organizations can potentially reap similar benefits by adopting an enterprise-wide focus to implementing ECM.

It is possible to achieve these savings because today's advanced ECM tools greatly speed the development efforts in many important ways. For example, such technology can help software engineers implement concurrent file checkout. This capability helps resolve conflicts and discrepancies when two or more developers are collaborating on the same project.

These ECM tools also can help developers compare and merge their files, which can prevent the kinds of costly code over-writes that happen when developers are unaware that they are overwriting each other's code. While performing development tasks on the same projects, developers also are able to review how their code changes would influence the other areas of the application. This makes it possible for users to anticipate and avert crises.

ECM technology also enables users to track their software assets, which can help provide important information to software auditors.

Moreover, advanced ECM technology minimizes risk of mishap because it enables users to extend their mainframe, distributed, and web-based applications to the Internet through one point of control by linking the changes developed concurrently and in parallel on multiple platforms in an integrated way. This ensures the production of complete software and Web content releases, thereby promoting high quality across the board.

Defense organizations can learn more about ECM by conducting Internet searches on the words "enterprise change management," "Change Management," "Software Change Management," and "Configuration Management."

Next defense agencies may want to conduct a tools evaluation against their changing criteria and new homeland security goals. In talking with vendors, users must examine what path these vendors provide for ECM tools integration. This strategic approach will enable users to leverage and optimize their current investments in ECM technology.

The next steps will be to conduct a pilot project and to analyze the aspects of tools integration. After taking these steps, the defense organization will be ready to implement a rollout on a project-basis with an enterprise-wide focus.

It will be important to keep track of the metrics along the way to document continuous process improvements and comply with the Software Institute Engineering Capability Maturity Model levels.

During deployment it will be crucial to explain to the software engineering groups the importance of a standardized ECM infrastructure. Doing so will greatly facilitate the adoption of this common approach across teams and projects.

Tony Stayner is Vice President of SERENA Software Inc., which supports 84 percent of the Fortune 50 with enterprise change management solutions. For more information contact Stayner by e-mail at, or on the World Wide Web at

More in Home