Keeping software development afloat at the U.S. Navy has its own set of challenges, but Black Pearl is the service's newest ship working to take that modernization to the next level.
The Defense Department has dozens of software factories that are playing large roles in implementing DevSecOps culture across the enterprise. But as Black Pearl says, it's more than that — calling itself a "software practice." This means the team is building the workforce from platform to development to move the Naval enterprise’s technology forward.
In the beginning there were procedural and technical obstacles when coming to a consensus of how Black Pearl wanted to approach DevSecOps software modernization for a large enterprise like the Navy including tooling choices, getting things built to deploy the cloud and trying to build a truly secure platform, Black Pearl Chief Engineer Manuel Gauto told GovCIO Media & Research.
“We had to work through some of the compliance and accreditation concerns that come with working in the DOD, which is where we spend most of our efforts over the initial parts of Black Pearl," Gauto said of Black Pearl's founding only a year ago. “Getting the contract in place, getting accredited and working through some of the procedural issues of offering a solution that will work for the [Department of the Navy] quickly.”
False starts are one of the biggest software development challenges the Navy is facing right now.
According to Gauto, the main thesis behind Black Pearl was how to commoditize all of the things that need to happen at the beginning like spinning up a development environment and putting together integrations between different tools to enable CI/CD pipelines.
“We’re hoping to commoditize all of that tooling, and that way people can skip that step and focus on what DevSecOps and modern software development look like in the context of my program — whether that’s undersea, surface or airborne,”Gauto said. “We’re really trying to make sure people can focus directly on their mission rather than having to solve a more general problem that’s outside of their expertise.”
Black Pearl has enabled the Navy to improve sharing data securely thanks to one key partnership.
“GitLab provides source code management, artifact management and collaboration pieces. We’re bringing in real-time chat functionality to enable chat across both contracting community and the government because flank speed isn’t available as readily in the DOD," Gauto said.
Gauto also talked about bulk data management for things like artificial intelligence and machine learning, and building data lakes and connecting sensor networks together.
“What we’re tackling now is, how do we take what we’ve built so far and the tool kit we have and enable mission data to be shared more readily between the operators and people who are more shoreside trying to figure out how to operate more effectively?” Gauto said.
Black Pearl is also assisting the Navy in transforming those business processes to ensure agility is baked into every step of software procurement.
Gauto said Black Pearl has been working to come up with a common language to enable contracting officials to effectively procure the services they need to modernize their programs.
“We’re still trying to figure out how do we acquire these services and how does the government effectively manage them to make sure they’re applied in a way that will lead to the results that everyone wants,” Gauto said. “We’ve been trying to use Black Pearl itself as an example of how to rapidly stand up an organization, how you can procure services, how you can promulgate it through the community and how you can maintain something like that in the long term.”
Meanwhile, Kessel Run’s chaos engineering practices have also played a role in how Black Pearl is boosting software development within the department.
“We’ve used the work that Kessel Run has done both in terms of their playbooks and the technology they’ve had, and we’re packaging it up into tooling and approaches that are tailored to the department and more refined for the DOD as a whole, and then turning around and offering it to the community so they can readily consume it and apply it to their specific program,” Gauto said.
There’s a much larger community that will try and take advantage of lessons learned at Kessel Run, noted GitLab Public Sector Vice President Bob Stevens. The Armed Services Committee has recommended that the General Services Administration (GSA) evaluate what Kessel Run has done for use across all civilian agencies — so much broader than the DOD.
“In regard to Black Pearl, everything they’re doing is very forward leaning, and it’s fun to be a part of it because we’re seeing them do things that other organizations haven’t been able to accomplish within DOD," Stevens said.
Gauto thinks the key to success for things like Black Pearl and Kessel Run is collaboration both within traditional DOD and bringing in external expertise.
“Another thing we’re trying to show with Black Pearl is how closely government can work with contractors and vendors to build something that really does help and really can change the way things are done,” Gauto said. “It can be daunting sometimes to look at the challenges that DOD faces, and it’s easy to lose hope so it’s important to realize how important everyone working together can be to actually make a difference.”