Michigan Department of Technology, Management and Budget’s Post

“After industry pushback on the US Army’s newest solicitation under its software directive policy, Army acquisition officials say they are revising their plan.” Here’s a way to accelerate modernization while putting the brakes on disruption and complexity. As Carley Welch and Sydney Freedberg recently reported in Breaking Defense, while the Army is modifying its new software directive, “officials want industry to come to grips with a reality: that the final proposal request is not going to satisfy everyone.” “’We got a lot of feedback, most of it quite positive…a relatively small number thought otherwise,’ said Douglas B. (Bush), Assistant Secretary of the Army for Acquisition, Logistics and Technology. “’It’s not a simple world of cost-plus versus fixed price there. Those are ends of a spectrum. In between those things lie a vast array of hybrid approaches,’ Bush added…’There will be times when a cost type contract of some flavor is the appropriate thing to use to protect the government’s interest...This is the American people’s money. Our contracting approaches are gaged to both achieve the capability, but also make sure funding is not wasted.’” Jennifer Swanson, chief systems engineer for the Army’s acquisition office, added that the Army is experimenting with ways of modernizing software development contracts to optimize the pricing model. “’The reason we’re doing that is so that we are able to consider all solutions that are out there. There may be a commercial solution we’re not aware of, and so this would allow a company to bring that forward with a, say, firm fixed price contract type that would make sense for a commercial solution, as opposed to what we traditionally do…This would just allow us to get more competition and more insight on what’s out there.’” A Digital Experience Platform (DXP) approach could help by enabling custom solution development without modifying commercial software code or developing from scratch. By separating the front-end user experience from back-end IT infrastructure complexity, a DXP enables rapid, agile, iterative development. And by reducing both time to modernization and commercial software licensing costs, it increases value to the Army and stretches funding. It’s a tested and proven approach. Over the past decade, we’ve implemented solutions for the Army JLTV, EITaaS, CHS, and National Guard as well as the Missile Defense Agency, the Defense Information Systems Agency, the Defense Innovation Unit (DIU) and others. #Army #DoD #modernization #digitaltransformation #DevSecOps

In the landscape of software modernization within the DoD, the Army's recent shift in approach underscores a fundamental reimagining of sustainment and development practices. By challenging entrenched processes and embracing a continuous integration/continuous delivery (CI/CD) model, the Army is poised to revolutionize its software acquisition paradigm. The decision to keep programs under research, development, test, and evaluation (RDT&E) funding, rather than transitioning to sustainment, represents a pivotal milestone in enabling true development over the long term. This innovative roadmap not only affords program managers greater flexibility in resource allocation but also fosters a culture of agility and adaptability essential for navigating the complexities of modern warfare. As the Army embarks on this transformative journey, collaboration with industry partners becomes imperative to harness cutting-edge technologies and methodologies. Together, we can surmount the challenges, accelerate progress, and chart a course towards a future where software solutions drive mission success and enhance national security. Invitation to Industry: CRG’s expertise in software & hardware solutions, coupled with our deep understanding of DoD requirements, positions us as a trusted partner in navigating the evolving landscape of defense acquisition. CRG’s seasoned SMEs and dedicated teams excel in providing comprehensive pre- and post-award support, from BD/Capture to program execution and beyond. With innovative solutions tailored to meet the evolving needs of the defense sector, we are here to guide you every step of the way. Visit https://crgroupinc.com/ or reach out to us at [email protected] to learn more about how CRG can empower your organization to make a meaningful impact in advancing national interests. Certainly, here are dozens of hashtags tailored to attract US Military (USMIL)/Department of Defense (DoD), federal agencies, industry, and Government Contractors (GovCons) solutions providers: #USMilitary #DoD #DefenseTech #FederalAgencies #GovTech #DoD #DIB #IndustrySolutions #GovCon #DefenseIndustry #MilitaryInnovation #IndustryCollaboration #DefenseContracts #FederalTech #DefenseAcquisition #MilitaryModernization #USGovContracts #DefenseTechnology #FederalInnovation #IndustryInnovation #MilitaryTech #DoDTech #GovTechServices #IndustryInsights #USGovInnovation #FederalProcurement #DefenseIntegration #GovernmentContracts #IndustryCollaboration #DefenseConsulting #FederalContracts #MilitarySolutions #DoDInnovation #DefenseSupport #MilitaryDevelopment #MilitaryProcurement #DoDConsulting #USGovContracts #DefenseCollaboration #FederalInnovation #MilitarySupport #DoDInnovation #DefenseSolutions #FederalTechSupport #MilitaryTechnology #DefenseExperts #FederalTechInnovation #GovConGrowth

Software Define Tactics- Another call for the DoD to overhaul its approach to software 💻 🚀 👨🚀 https://lnkd.in/g9dB9xGg Halsey Burks shared this with me a few months ago. The paper is long, but two main points jump out. “Software is made by people and for people, so digital talent matters.” This is drawn from the 2018 NDAA, and similar verbiage continues in subsequent NDAAs. The DoD and Congress recognize the need to build organic digital talent. The world has shifted and is now dominated by rapidly evolving capabilities through software. Having a tech-oriented military is the only way to keep pace with the evolution of 21st-century warfare. Whether it's natively developed applications, internal modifications to software across the force, or being able to interface at a working level with the engineers on contract, the US military is in a vast talent hole. Second, software delivery needs to be faster. When a warfighter needs something changed in the cockpit, ship, or tank, it needs to happen at the speed of relevancy. “Speed and Cycle time are the most important metrics for managing software.” Currently, the DoD measures cycle time in years for almost every system we have. Years. Fast, modern companies deploy updates to code many times per day. The military is far from that but shows signs of changing the paradigm. Those instances, unfortunately, are the rare exception and not the rule. The DoD has a long way to go. The stakes could not be higher. Ryan Moore Bala Selvam Sam Amedia Cathleen Rush, PMP #DoD #digitaltransformation #militaryinnovation

My issue with the process is not the process but with the manning due to the budget for IT/Cybersec in the DOD space; that’s what’s holding up the process. They really need to invest in their people as much as their acquisitions . Turnover in cybersec in the fed space is like McDonalds … nobody cares about the customer when you can easily find better pay elsewhere and for less work, so you get uncommitted workers with hangry customers. All of my hold-ups on every single ATO were literally due to lack of manning/filled positions for MONTHS. I have spent more time fixing than maintaining and next to 0 on innovating. But the problem solver in me continues to get its fix by finding work arounds so I continue to hit up my “dealer”.

Great news! You cannot do modern day CI/CD in a 1990s JCIDS world (even though CI/CD dates back to the early 90s). Army changing the color of money used to modernize software By Federal News Network; 14 May 2024 Margaret Boatner is the deputy assistant secretary of the Army for strategy and acquisition reform, said one of the main tenets of the policy signed by Army Secretary Christine Wormuth in March is to reform several legacy processes that is keeping the service from adopting modern software development approaches. “We are targeting a couple of really key processes like our test and evaluation processes, and importantly, our cybersecurity processes. We really are trying to modernize and streamline those as well as changing the way we think about sustainment because software is really never done. We really have to retrain ourselves to think about and to acknowledge the fact that software really needs to stay in development all the time,” Boatner said in an exclusive interview with Federal News Network. https://lnkd.in/eND_yday

A summary and comparison of ACME and SPIFFE: "Pre-assigned Identifiers: ACME assumes that the identifier (like a domain name) is pre-assigned and focuses on validating control over this identifier." "Attestation: Unlike ACME, attestation is a core component in SPIFFE, enabling robust multi-factor authentication (MFA) for workloads based on what is running and where it is running." "While both ACME and SPIFFE are used for certificate management, they cater to different scenarios and can complement each other effectively. ACME is ideal for static environments where identifiers are pre-allocated, focusing on certificate lifecycle management for issuing, renewing, and revoking certificates. It excels in managing the lifecycle of certificates for web servers and other relatively static resources. On the other hand, SPIFFE excels in dynamic, high-scale environments, emphasizing credential lifecycle management with flexible and robust authentication and authorization through dynamic identifiers and attestation. SPIFFE is designed for modern, cloud-native architectures where workloads are ephemeral, and identifiers need to be dynamically issued and managed. " https://lnkd.in/gRvhyf8x by Ryan Hurst

5XX vs 4XX In the context of building resilient APIs, the decision to return either 5xx or 4xx status codes depends on the nature of the error encountered during the processing of a client's request. Here's a general guideline:- 01. 5xx Server Errors:   - These errors indicate that the server encountered an unexpected condition that prevented it from fulfilling the request.   - Examples include:     - 500 Internal Server Error: This is a generic error message, usually returned when an unexpected condition was encountered and no more specific message is suitable.     - 502 Bad Gateway: This is often returned by reverse proxies and indicates that the server, while acting as a gateway or proxy, received an invalid response from an inbound server it accessed while attempting to fulfill the request.     - 503 Service Unavailable: This indicates that the server is currently unable to handle the request due to temporary overloading or maintenance of the server. 02. 4xx Client Errors:   - These errors occur when the client seems to have made a mistake with the request.   - Examples include:     - 400 Bad Request: This indicates that the server could not understand the request due to invalid syntax.     - 401 Unauthorized: This indicates that the request has not been applied because it lacks valid authentication credentials for the target resource.     - 404 Not Found: This indicates that the server has not found anything matching the Request-URI (Uniform Resource Identifier). Conclusion is, return a 5xx error when the server encounters an issue beyond the client's control, and return a 4xx error when the client's request is incorrect or cannot be fulfilled due to client-side issues. It's essential to provide meaningful error messages along with these status codes to help clients understand and resolve the issues they encounter. #apidevelopment #performance #restapi #applicationprogramminginterfaces

Check out what's new in #OpenText LoadRunner Enterprise. #DevOps #SmarterWithOpenText

Check out what's new in #OpenText LoadRunner Enterprise. #DevOps #SmarterWithOpenText

🚨 Legacy Software: Upgrade or Get Left Behind ⏳ Is your outdated software slowing down your business and exposing you to security risks? It’s time to modernize! Stay competitive and secure with updated systems. Learn how CloudLions can help you upgrade and streamline your legacy software. ⚙️ 👉 Read more: https://lnkd.in/e4k-bHs4