Since the introduction of the concept of Tactical Data Links, and later through the Network Based Defence or Net-Centric Operations, the ability to connect different assets via networks, and securely and dependably act in this system of systems, has been one of the most critical aspects of systems thinking. Over recent years, an ever increasing pressure on all assets in the cyber domain has forced substantial shifts in the approach to securing equipment, from a unilateral focus on thorough evaluation and accreditation to a balanced approach with monitoring a substantial number of sources, searching for newly identified vulnerabilities in 3rd party software that is included in the system and an ability to fix these in a shorter time than an antagonist could exploit the defects. This shift requires dramatically shortened turnaround times from development to deployment and operation of the software.
At the same time, software based industry as a whole is identifying new and more agile ways to address general needs of speed and efficiency. Globally distributed development organizations is becoming the norm, open source software becomes increasingly important as components of any major, software-intensive system, and increasing amounts of software comes online in 24×7 availability requirements.
All these circumstances drive the Aerospace and Defence software industries to look to DevOps methods for the development, deployment and operation of software intensive systems. The special restrictions that apply in this industry, with nation-state cyber threats and national and international legislation regarding export control etc., drive the requirements in DevOps to their limits, and often beyond – a problem that could – and should – be addressed through systematic research, such as in the IoD project.
The primary problem owner in this category is SAAB.