Adopting software strategies is part of homeland security

There is a lot of talk around Washington about how the military and aerospace sector will choose to spend its increased budget allocations for homeland security

Jul 1st, 2002

by Tony Stayner

"There is a lot of talk around Washington about how the military and aerospace sector will choose to spend its increased budget allocations for homeland security," says Victor Comras, a top homeland security adviser who led the U.S. State Department's Trade Control and Sanctions program for nearly a decade.

"From all accounts, defense agencies are gearing themselves toward making increased use of their existing resources and combining them with new, leading-edge technological acquisitions in view of protecting the country against the threat of terrorism."

The challenge at hand
This move — albeit the right one — creates a serious technological challenge for defense agencies and commercial organizations serving the military and aerospace sector.

The reason: such an approach requires these organizations to create inside their walls a smooth-running heterogeneous development environment where relatively old — or "legacy" — applications housed on mainframes extend to the client-server environments and even to the World Wide Web. Furthermore, existing client-server applications must now co-habit with new software developed concurrently on a wide range of platforms.

Exacerbating this challenge are the millions of lines of software code in new and old client-server applications that change daily across an entire enterprise. Development processes for these applications vary not only from project to project, but also from team to team.

Government and aerospace leaders must now juggle software revisions on an unprecedented scale. Organizations must also prepare to work with several different agencies and initiatives under the auspices of homeland security, interacting with related applications that must be developed, tested, and deployed in support of the war against terrorism.

Managing the sheer frequency of change has become mission critical because of the strain on existing resources, unprecedented complexity, and the increased risk of failure that the complexity itself creates. Analysts at the Gartner Group, an industry researcher in Stamford, Conn., note, "The immediate response to pressures will create a more complicated environment. Ignoring this problem understates the impact of more-complex software layers on increasing failures."

Today, producing homeland security-related solutions requires software developers to use a variety of authoring tools and integrate applications over a dispersed network of computer platforms, operating systems, database formats, and geographic locations.

The co-habitation of an increasing number of tools, platforms, and formats serves an organization well in many respects by expanding functionality to the users.

The downside, however, is a significant increase in the risk of inconsistencies, which can multiply implementation errors. If project leaders manage software poorly, changes can lead to inadvertent outage, pose inherent network drain and security risks, and impede success.

While a software crisis in the commercial sector can sometimes jeopardize sales and result in product recalls, a software glitch in the military and aerospace sector could potentially cost lives and abort missions.

Key solutions
This requires leaders of these organizations to rethink the way they approach configuration management and the practices anchored in their development environments.

Such re-thinking is not unique to military and aerospace projects, but these organizations' reliance on technology elevates the importance of improving the technology infrastructure.

In the past, many military and aerospace organizations approached configuration management by initiating pockets of activities. They then sustained development projects by managing changes within the limited parameters of each project. In some cases, experts managed these changes with paper-based systems. Even when they made a focused effort to capture the processes surrounding each project, they had no common enterprise change management (ECM) tools to ensure process improvement.

Today, change-management practices at the project level are no longer sufficient for military and aerospace organizations. Such implementations cannot grapple with the complexity of proliferating mission-critical applications and the exponential growth of changes associated with these applications.

Experts at the Meta Group, an information business consultancy in Stamford, Conn., echo the need for continuous improvement. Meta analysts assert that "availability-centric heterogeneous shops will have no choice but to extend [Software Change Management] to all platforms and applications," moving beyond project- or platform-specific solutions with limited scope.

There is an increasing need to shift the focus from the development project per se to the whole meaning the collection of development projects across an enterprise or an agency.

To accommodate this need, military and aerospace organizations ought to consider integrating the discipline of ECM into their best practices. ECM can provide an infrastructure robust enough to enforce common processes and consistent management of changes across the agency or enterprise.

The enterprise perspective is essential given that military and aerospace development and deployment spans all major operating platforms including Windows, UNIX, AS/400, LINUX, MPE/iX, and OS/390.

Tools of the trade
There are perhaps some advantages to having various ECM tools inside an organization. This approach would appear to be viable in that it decreases reliance on one particular vendor and encourages a healthy competition.

Having a common ECM solution in place can establish a consistent infrastructure for managing changes and increasing speed while protecting software assets and simplifying the challenge of collaboratively developing solutions that improve homeland security.

The reason lies in how such a common denominator can accelerate ways of working across the agency or the enterprise. Development teams can train on and use a single ECM solution, and resources can be deployed across several different projects with less 'ramp-up' time. Software assets are always protected, and an enterprise perspective means more development teams can access a broad range of source code components without increasing management complexity.

This allows software developers to move knowledge from project to project, thereby accelerating the speed at which they can deploy mission-critical applications to the battlefield and in other applications related to homeland security.

Portable knowledge goes hand in hand with increased productivity, which is what many military and aerospace organizations seek to make the best use of their resources and leverage their existing investments in their development infrastructure. Automating the process simplifies the knowledge transfer.

While ECM tools accelerate development and increase application protection, they also work behind the scenes to provide managers with a complete audit trail of all changes made to applications. A robust ECM solution should provide cross-platform documentation of why software engineers made changes, which engineers made the changes, and how long the engineers took to implement the changes. Having such information at their fingertips enables managers to re-evaluate processes and tweak them as necessary to remove obstacles to successful development.

Protecting homeland security
ECM increases data security by preventing unknown, 'rogue' changes to production applications.

ECM solutions prevent unauthorized access to software applications, thereby safeguarding software assets against unwanted changes from inadvertent or intentional action of insiders. ECM solutions that provide immediate change back out capabilities can restore applications and help keep downtime to a minimum.

In addition, ECM solutions help with disaster recovery. In fact, Meta Group analysts recently stated, "effective change control is the critical success factor in disaster recovery." ECM solutions answer critical questions like 'what changed?' in an outage situation, and ensure that recovery teams can work with the configurations they expect.

An advanced ECM solution also can help military and aerospace organizations automate the entire software lifecycle consistently across all platforms. ECM provides cross-platform data access and impact analysis - an essential consideration given that changes in a UNIX environment can now affect applications in mainframe environments, and vice versa. ECM also ensures that engineers can programmatically enforce and maintain links between applications built with dependencies across multiple platforms, such as user-facing front-ends built on NT or UNIX accessing mainframe data.

Furthermore, the enterprise level reporting available in an ECM solution enhances efficiency by enabling managers to analyze the results and performance everywhere in their development environments. Plus, it provides the means to senior defense officials and other top executives review the status of their enterprise software assets and to more easily adapt organizational strategies to the changing landscape of the war against terrorism.

Tony Stayner is Vice President of Serena Software, a global software and services company dedicated to providing customers in 84 percent of the Fortune 50 with quality Enterprise Change Management solutions. TStayner@serena.com, http://www.serena.com

More in Home