Defense tech leaders illuminated their plans for integrating military department cloud efforts — such as the Army Enterprise Cloud Management Agency’s (ECMA) cArmy, the Navy’s Neptune project and the Air Force’s Cloud One —with the Joint Warfighting Cloud Capability (JWCC) this week at TechNet Cyber 2023 in Baltimore.
This work is critical given the global shift toward a combination of kinetic and information warfare.
“The fight now is not just in person, it is an information and cyber domain fight,” said Lily Zeleke, deputy CIO for information enterprise at the Defense Department and one of the JWCC leads, during a panel Tuesday.
“Everyone needs to continue to migrate to the cloud, that's our objective, and to do the great things that we were talking about like DevSecOps and increasing our use of modern software practice to be able to bring to bear the futuristic capabilities that we need to do digital warfare,” she added in an on-site podcast interview with GovCIO Media & Research.
JWCC fills critical mission gaps
Cloud and software heads within the DOD Office of the Chief Information Officer (OCIO) said they expect JWCC to build upon the military departments’ ongoing cloud modernization initiatives, which launched during court battles over the award of JWCC’s failed predecessor, JEDI.
“JEDI was the right move at the right time,” DOD CIO John Sherman said during the opening keynote of the conference Wednesday. “The reason we pivoted to multi-cloud, multi-vendor approach is because it was the right time to do it. JWCC is not just a cloud contract, it’s an enterprise approach for how we’re going to do cloud at all three classification levels, from CONUS to the tactical edge. What’s unique about JWCC is we’re working directly with the cloud service providers (CSPs) and getting these capabilities online. What JWCC brings to the fight is an enterprise cloud capability we have not had that we need for many mission outcomes.”
The initial JEDI award greenlit cloud modernization for the military departments. The Departments of the Army, Air Force and Navy are continuing to build out their own cloud capabilities in-house and through various CSPs, but only for data and applications at the unclassified level.
JWCC will fill two important gaps for the military departments: cloud capabilities at the secret and top-secret classification levels, and cloud capabilities at the tactical edge. DOD cloud leaders also expect JWCC to provide structure and guidance for ongoing and future cloud initiatives for the military services and Fourth Estate.
“Cloud as a platform is a critical capability we need to optimize,” said Jane Rathbun, acting CIO for the Department of the Navy, during a panel at the conference Tuesday. “The Navy Information Superiority Vision mantra is the right information securely moved anywhere for the right reason. We need to think about the architecture of moving data, data first, at the speed of relevance to the need to optimize for the warfighter at the tactical edge.”
The military departments’ current cloud offerings also serve as a sandbox for how to securely build out new capabilities at higher classification levels.
“If we’re really focused on protecting data, how do I do the best job of protecting data with the best tools? That is the debate we’re having internal to the Navy. We’re doing some piloting in this arena demonstrating we can protect data in commercial environments and lower-level [classification] environments in the same way we would at a higher level,” Rathbun said.
Zeleke said the military departments “have a very solid, development cloud environment.”
“We’ve learned so much from what the military departments are doing with cloud,” she said during a panel Tuesday. “This is not our first initial cloud contract, so we’ve taken all the best practices and the gaps we have like tactical edge and we put it together to bring some goodness for the rest of the department. The workforce, that’s the biggest challenge in my view. It’s a cultural shift but we need to equip them to use cloud.”
Rob Vietmeyer, DOD’s chief software officer, said extending cloud to the tactical edge requires edge computing, which is one of his software development priorities for the cloud.
“How do we how do we extend and what today is primarily a CONUS-based cloud infrastructure with a few edge nodes that the military departments have been bringing out themselves, and how do we move the enterprise out to the edge out to the battle space to provide a more resilient infrastructure, more responsive infrastructure, and give us data processing and AI capabilities directly within theater?” he said during an on-site podcast interview with GovCIO Media & Research. “That's that a big step that we're working on.”
How software factories play a role
Software factories will play a significant role in building out JWCC. Vietmeyer described them as “next-generation systems” providing a “quick feedback loop” between development and operations to move software applications to a cloud environment enabled with zero trust and artificial intelligence (AI).
The Cloud One software factory has migrated 100 applications to the cloud and is ready to migrate another 200 this year, Venice Goodwine, director of enterprise IT for the DAF, said during a Tuesday panel.
“We've typically have built and funded systems by themselves and now that we're finding we can build common platforms that can support multiple applications and the platform or factory can become a product in and of itself,” Vietmeyer said. “The speed of application delivery is giving us a model for delivering everything from AI to zero trust. If I had to [apply] zero trust [to] every system in the department today, that's an impossible task, but if we can have infrastructure platforms that we can [have] zero trust enabled in all of the applications that reside on top of them and inherit all of those controls… this is now giving us a viable approach to how do we actually move the department forward.”
The applications aren’t just widgets to improve workflows — software factories are breathing new life into older weapons systems, such as the B-52 bomber and the F-15 and F-16 tactical fighter aircraft.
“They're incorporating model-based system engineering approaches, digital twins, and so you can start to see these pipelines become more and more tailored to the particular weapon system and, and that's only accelerating their ability to continuously update those platforms to get new life out of platforms that quite frankly many of them older than I am, that are still operating and they're continuing to now drive continuous new capabilities,” Vietmeyer said.
Vietmeyer and Zeleke hope to see more software factories launch across the DOD ecosystem, per the department’s software modernization strategy. Vietmeyer said DOD doesn’t have enough software factories yet but that the department is entering an “expansionary” phase.
“I always say how many software factories? As many as you need to do the mission,” Zeleke added.
Because the software factories have been so successful deploying new applications for the DOD cloud environment, some are beginning to become overloaded, which slows product delivery timelines and defeats the point of the software factory. This is why DOD needs more, Zeleke said.
Sherman signaled support for software factories and highlighted their work as critical to the future of defense IT in his keynote Wednesday.
“We need to be clearing the obstacles that have held back a very, very forward leaning workforce that have had the vision on what we need to do on DevSecOps, agile software development, with the many software factories we have across military services and elsewhere,” he said. “How do we rationalize this and how to lead from our CIO and seek clarity, set the standards, make sure we have an environment where software agile development can really happen at scale. And that's what this is really about, setting standards on things like containerization, looking at how we're going to leverage our enterprise cloud capability, working with the software factories, and making sure we have the right mix.”