DOD wants to overhaul its software development by 2025

The Defense Department wants virtually all of its new software initiatives to use modern software development methodologies by 2025—but it has to untangle decades of legacy processes first.

"Nearly all of our processes push back on the idea of rapid delivery of small amounts of capability and production," said Peter Ranks, DOD's deputy CIO for information enterprise, during FCW's Cloud Summit June 17.

That's why DOD wants to build a "services ecosystem" that mimics commercial industry's software practices, said Ranks, who has been leading an effort to develop a security-focused DevSecOps reference plan this year.

"Commercially, if you're building software to put dots on a map, you call a service to access the map data, you call another service to get users to authenticate your application, you call another service to collect and aggregate data about user interactions with your platform," Ranks said.

"There are a lot of structural reasons why that kind of ecosystem doesn't blossom naturally inside a government agency where it is hard to get a budget for people to build boring back-office platforms," he said.

To help break that cycle, and eventually modernize 95% of software initiatives, Ranks said DOD is looking to reduce bureaucracy that may hinder technical capability, such as with the security accreditation process where a compliance-based approach is often used.

That also requires policy changes so teams focus on demonstrating agility through lease cycles, testing, and defect rates rather than the "meta work" of building software factories and platforms.