• Technika
  • Elektrické zařízení
  • Materiálový průmysl
  • Digitální život
  • Zásady ochrany osobních údajů
  • Ó jméno
Umístění: Domov / Technika / For Army DevSecOps trainees, emotional intelligence, teamwork more important than coding skills

For Army DevSecOps trainees, emotional intelligence, teamwork more important than coding skills

techserving |
2107

Best listening experience is on Chrome, Firefox or Safari. Subscribe to Federal Drive’s daily audio interviews on Apple Podcasts or PodcastOne.

Calling the Army’s Software Factory a software factory actually is a misnomer. The service isn’t building software. It’s building soldiers’ and civilians’ skillsets so they can build software.

Yes, in the end, the Army receives modern software tools to help the warfighter, but this is not your typical DevSecOps workshop.

Hannah Hunt, the chief product and innovation officer for the Army Software Factory, said her office is focused on upskilling and training soldiers and civilians so they can go back to their units and use these skills to create a cadre of software development experts.

Federal News Network's Cyber Industry Exchange: Where does cybersecurity end and physical security begin for federal agencies? Find out at Federal News Network’s Industry Exchange: Cyber.

“Every six months, we bring in 30 soldiers and civilians and go through a technology accelerator and gain efficiency and proficiency in product management, user experience and user interface (UX/UI) design, platform engineering and software engineering,” Hunt said on Ask the CIO. “From a DevSecOps perspective, you need both the product teams themselves as well as your underlying continuous integration, continuous delivery (CI/CD) pipelines, your platform-as-a-service offering to ensure that those applications that the soldiers are delivering get into the hands of users. We own that entire lifecycle, which makes it really easy for us to quickly iterate and deliver software to our user base.”

After six months of intensive training, the 30 students, who are on a three-year assignment with the software factory, are paired with experienced developers and assigned to a project.

Hunt said the goal is to give these students a basic set of skills and then have them continue to learn by gaining real-life experiences.

“Once they finish their training, they’re paired with a Silicon Valley expert, and it’s very much a train-the-trainer model. They are sitting day-to-day with the Silicon Valley experts, learning the skills that are needed by your typical Silicon Valley product manager or designer engineer,” she said. “Eventually, once they have that level of proficiency, they can start to train other soldiers that come in and subsequent cohorts. It builds a model that is self-sustaining over three-to-five years.”

Six month training program

The Army, which set up the organization in July 2020, has sent the first cohort through the program, the second set of 30 students finished their initial six months of training in December and a third group began training in January. Hunt said the goal is to continue to bring in cohorts every six months for the foreseeable future.

For Army DevSecOps trainees, emotional intelligence, teamwork more important than coding skills

“What’s really great about our recruitment and hiring process is we bring in a large, diverse group. We are rank and military occupational specialty (MOS) agnostic, which means you can be in any career field and in any rank as long as you have the right attitude and a willingness to learn,” she said. “In cohort one, we have everybody from a private first class up to a captain. In cohort two, we have everybody from a specialist to a major. They also come from a variety of skillsets. We have medics and maintenance technicians that have become platform and software engineers. It’s really wonderful to see a very diverse skillset of people that is really an untapped talent in the Army who are interested in doing these things or did them in their spare time and want to be able to use those skills to support their force.”

The Army found the program popular from the beginning. Hunt said her office received between 250 and 300 applications per cohort.

She said good candidates aren’t necessarily those folks who have coding experience or come from the signal intelligence field, but students who demonstrate a level of emotional intelligence and teamwork. Hunt said having that aptitude can make or break a development team.

Read more: Ask the CIO

Projects come from crowdsourcing

The first cohort is working on projects that come from ideas or needs of others units or commands in the Army. Hunt said for the first cohort, the software factory received 30 project submissions. For the second one, they received 80 project ideas so word is getting out about the work the factory is doing.

The first cohort was placed in teams of 10—five students and five experts—or as Hunt called them the two-pizza team model, and are working on five projects.

“They are working on ‘This is my squad’ initiative through the Sergeant Major of the Army. That application is in production already and they have a user base at Fort Hood,” she said. “We are working on an application to improve the mobility common operating picture tour of duty website, which is how reservists and guardsmen apply for active duty jobs. Right now, it’s very clunky behind a DoD firewall, and you need a NIPRnet computer in order to access it. We want to make that a little bit more accessible and provide a better user experience. We are working on improving and optimizing the preventative maintenance checks and services checklists and services process, which exists for any unit that needs to do maintenance checks. Right now that’s all done on paper. You fill out a form, and somebody has to upload that information to the enterprise system for it to be actually be counted. We want to make that accessible on a soldier’s phone and make that easier for them. We are working with the 25th Infantry Division on improving their land utilization and land optimization because the island of Hawaii has very limited amount of land for like training and resources. And we’re working with the joint program executive office for armaments and ammunitions on automating the build out of ad hoc ammo supply points.”

Hunt said for each of these projects, the soldiers and civilians will learn and apply those lessons to the next project, and the software factory will do the same for each cohort and each application the teams develop.

“We took that feedback and integrated it into the training that we offer and ensuring that cohort two has those building blocks in places that when they move to a product team, they’ve already got that skills that maybe cohort one had to learn along the way or learn,” she said.. “As we scope and identify problems that we’re going to be working on, we think about viability and longevity of the software factory. We want to make sure that we’re not just working on business systems, which are important, but also tactically focused products that really do bring software factories to that other level of being able to demonstrate we are at the future front of the battlefield. We are focusing on those things that make us really successful. There’s a bunch of other things we’re learning about how to do security more effectively, automating as much as we can and some of the more nuts and bolts of development. But that’s the whole point of an organization to be able to take lessons learned, do post-mortems, understand what could be improved and then implement that.”

Hunt said Army Software Factory launched its fifth application in late January using the DevSecOps playbook codified in the Army.

“The process itself is that we have security advocates and evangelists whose sole job is to enable the success of the application teams to understand what security controls they need to maintain in order to go to production,” Hunt said at the recent ATARC DevSecOps summit. “There is this very tight feedback group with security, they understand what needs to be built and they are developers by trade with a security mindset so they know what needs to be built to be secure. They are called application security validation engineers to ensure teams can rapidly iterate with their users and are able to rapidly push to production as long as they meet certain security guardrails as they go through CI/CD pipeline.”

Want to stay up to date with the latest federal news and information from all your devices? Download the revamped Federal News Network app