About
SPARC
DevSecOps
- Architecture Modernization Accelerator Workshop
Services
- Projects
- Contract Vehicles
UAS
Careers
- Career Opportunities
News
Contact

DevSecOps in the DoD

SERVICE
MESH

SERVICE MESH

The concept of a service mesh architecture is an inherently new one, at least in practice in a scaled production environment. The tools and technologies used to build service mesh architectures today are quickly evolving and there is still much disagreement in industry as to what are best practices vs anti-patterns in designing a service mesh architecture. SOLUTE is currently developing a service mesh for PMW 150. The service mesh provides dynamic service discovery which simplifies connectivity between individual services, mutual TLS encryption, an easier means for deploying and updating services, and an API gateway that serves as a front-facing entry point for external requests.

SOFTWARE
FACTORIES

SOFTWARE FACTORIES

The Navy is entering an era where speed to capability is a capability unto itself. Modern software development processes and architecture are increasingly optimized for speed which aligns well with the needs of the Navy. Commercial industry has seen success in adopting agile and lean methodologies, borrowed from other industries. A (somewhat) recent concept which has seen an increase in interest is the concept of a Software Factory. Software Factories attempt to move software development towards an assembly line construct where the process of developing software becomes more automated, predictable, efficient, and less costly.

SOLUTE has been participating in the NIWC PAC Collaborative Software Armory (CSA) and was part of the conception of the Compile to Combat in 24 (C2C24) Hours initiative. SOLUTE has been developing CANES Agile Core Services (ACS) under a Software Factory method, where ACS components are delivered to the factory as components for other systems like GCCS-M and DCGS-N Inc. 2 to consume.

SOLUTE’s commitment to agile software development, reusable components, intelligent automation, end-to-end security, and user engagement are the key enablers to a Software Factory and are implemented in almost all of our software development efforts.

INFRASTRUCTURE
AUTOMATION

INFRASTRUCTURE AUTOMATION

SOLUTE’s development process heavily relies on DevSecOps methodologies supported by CI/CD infrastructure. SOLUTE generally implements Immutable Infrastructure, Infrastructure as Code, and Configuration as Code concept all deployed to public / private / hybrid clouds (both hosted in the cloud or on-premise / afloat). Together these concepts allow us to handle development, testing, verification, certification, security engineering, and system updates / upgrades using the same processes. Since both the deployment and configuration of the infrastructure itself is automated along with the deployment of the software, changes to the software system and candidate update / upgrades to the system itself can be tested using the same pipeline.

IaaS /
PaaS

IaaS / PaaS

SOLUTE is a recognized leader in IaaS and PaaS design. This design focuses on resources that emphasize abstraction and deliver scalability. SOLUTE has successfully designed and delivered several prototype IaaS / PaaS solutions to the Navy and has researched and designed several afloat tactical compute architectures capable of supporting IaaS / PaaS solutions. SOLUTE automated the deployment of the ACS Platform as a Service (PaaS) solution by including manual deployment steps in the automated execution process for common core services, data ingest, data representation, data storage, data indexing, and data access to support applications leading to the deployment of data analytics capable of performing in Denied-Disconnected, Intermittent, Low (D-DIL) bandwidth environments across distributed Naval Forces afloat and ashore.

CONTINUOUS
ACCREDITATION

CONTINUOUS ACCREDITATION

SOLUTE’s approach to successful integration of cyber security concerns through the development process is to integrate cyber-related tools into the entire delivery process. SOLUTE enhances cyber resiliency through modern architecture, microservices, and DevSecOps automation. Security culture and security automation must be combined to attain a “Continuous ATO." SOLUTE has automated end-to-end STIGs, Static Code Analysis, and Vulnerability Assessment integrating security throughout the whole software development lifecycle. The process is agile, security focused, automated, and allows for rapid feedback from the end user community.

CONTINUOUS INTEGRATION /
CONTINUOUS DELIVERY

CI / CD

SOLUTE strongly believes in the DevSecOps methodology to software development and makes heavy use of CI/CD automation to implement DevSecOps concepts. SOLUTE’s view of Continuous Delivery is to treat the delivery pipeline as an assembly line that continually builds individual capabilities and then integrates them into larger systems. The pipeline is repeatable, instrumental, and places an emphasis on speed and quality, while containing security enforcement, testing, and validation at each step. The assembly line concept is a fundamental underpinning of a modern Software Factory. In an Agile, CI/CD setting, it is easier to directly and frequently measure actual outcomes instead of relying on proxy metrics (SLOC, test coverage, etc.) used in the previous waterfall model.

SOFTWARE
REFACTORING

REFACTORING

SOLUTE has performed significant refactoring on projects with 25+ years of legacy code developed in a large monolithic architecture. SOLUTE specializes in modernization, and as a result a large portion of the software projects that SOLUTE has performed on have been legacy in need of large-scale refactoring. Even in newly developed systems, operational requirements and technology change fast compared to the lifecycle of DoD system, requiring refactoring to keep the system relevant.

SOLUTE’s new capability development and refactoring efforts are heavily focused on building modular, reusable, containerized components. There is a current trend towards microservices (which SOLUTE is on the forefront of), but even when a microservice architecture is not required or warranted, the objective of developing reusable components as building blocks is still relevant. New capabilities are developed with this objective in mind. Service decomposition is a major focus when refactoring. DoD applications are historically large and monolithic. Services that could be otherwise common and reusable are mixed in with use case specific features, making re-use difficult. SOLUTE’s refactoring methodology identifies and remediates this situation by breaking up large services into cohesive reusable modules.

CLOUD
MIGRATION

CLOUD MIGRATION

The “migration to cloud” has generally improved the availability and consistency information by making data and services both location and platform independent. focuses on reducing the cost of computation, storage, and service delivery through positive economies of scale, virtualization, and massive parallelization. The hosted / centralized deployment model can increase agility and decrease maintenance cost by reducing the time to both deploy new services as well as upgrade existing ones. Applications, services, and data are deployed centrally and delivered to clients in an on-demand fashion. In this paradigm, system designers are free to determine the optimal mixture of local and remote processing and storage based on the unique requirements of a particular service and its users.

AGILE SOFTWARE
DEVELOPMENT

AGILE SOFTWARE DEVELOPMENT

SOLUTE is a full-fledged software development shop with over a decade of experience in agile software methodologies. SOLUTE’s formal development processes include Kanban, SCRUM, and the Scaled Agile Framework (SAFe). SOLUTE’s software development processes are CMMI Level-3 appraised and ISO 9001 certified demonstrating our commitment to the discipline and quality required in mission critical systems development.

SOLUTE is a Service-Disabled
Veteran-Owned Small Business
(SDVOSB) with a presence in many
major military areas.

SOLUTE – Headquarters
1660 Hotel Circle North
Suite 600
San Diego, CA 92108

Phone: 619-758-9900
Fax: 619-758-9910

About
SPARC
Services
Contract Vehicles
Projects
Careers
Contact

Developed By TinyFrog Technologies | Sitemap

This website uses cookies to improve your experience. We'll assume you're ok with this, but you can opt-out if you wish. Accept Reject

Privacy & Cookies Policy

Privacy Overview

This website uses cookies to improve your experience while you navigate through the website. Out of these, the cookies that are categorized as necessary are stored on your browser as they are essential for the working of basic functionalities of the website. We also use third-party cookies that help us analyze and understand how you use this website. These cookies will be stored in your browser only with your consent. You also have the option to opt-out of these cookies. But opting out of some of these cookies may affect your browsing experience.

Necessary

Always Enabled

Necessary cookies are absolutely essential for the website to function properly. This category only includes cookies that ensures basic functionalities and security features of the website. These cookies do not store any personal information.

Non-necessary

Any cookies that may not be particularly necessary for the website to function and is used specifically to collect user personal data via analytics, ads, other embedded contents are termed as non-necessary cookies. It is mandatory to procure user consent prior to running these cookies on your website.

SAVE & ACCEPT