DEFENSE IT

Forge.mil key part of DISA's net-centric strategy

Military developers need network-centered collaborative approach, too

In the Defense Department's vision of net-centric operations, the different parts of each military service can work together for a speedier and more thorough response. The data network ties all the separate parties together.

By embracing the ideals of community development, the Defense Information Systems Agency's recently unveiled Forge.mil repository fits perfectly into the net-centric operations, noted Forge.Mil's project director, Rob Vietmeyer, speaking in an e-seminar about the respository.

"Developers need a net-centric development environment," Vietmeyer said. The traditional military acquisition process is not well-suited for how software gets developed today, where large applications are developed in isolation, he added.

DISA held the e-seminar last month, in conjunction with software development tool vendor CollabNet and federal IT integrator Carahsoft Technology Corp. A recording of the event was posted last week.

The Defense Information Technology Contracting Office (DITCO) awarded a blanket-purchase agreement for CollabNet to provide software and services for Forge.mil.

While DISA's Net-Centric Enterprise Services provides a central location for the service to draw upon enterprise and infrastructure applications, so too can Forge.mil serve as a central hub for the development of such software, Vietmeyer noted.

A development team could store the nightly-builds of a software project in Forge.Mil, and then, to test their code, contract with DISA to upload an image of the application image and supporting operating system to the Rapid Access Computing Environment, for live testing.

The Forge.Mil model of a collaborative repository is based on the giant repository of open-source software, SourceForge, which developers have used to store and manage the code for open source software projects.

The project leaders are encouraging those military services or supporting contractors who are developing applications for the military to use Forge.Mil as the development environment. By offering this environment as a network-based service, it eliminates the need for the developers to set up their own environments, which, especially if the participants are geographically dispersed, can be a complicated endeavor.

Also, by hosting projects as open-source, outside contributors could also participate, which means the software could be built more quickly and with more robustness.

As an open repository, Forge.mil could cut down on duplication of effort, as services could check to see if a component has already been developed elsewhere before commissioning it anew, Vietmeyer noted. The services could focus on developing components, rather than entire systems, each component could be fielded at its own pace, without holding up progress of any given system as a whole.

The repository could also hold software code that was developed for the government, and could be reused by government as per the original licensing agreement. A lot of software is available for reuse, but tends not to be used because agencies do not know it is available.

Forge.mil is actually comprised of a number of different elements, each dealing with some aspect of the development process.

SoftwareForge is the repository for public projects. ProjectForge will hold the application life cycle management tools, such as version control and bug-tracking, which can be used a service by other services for a fee. CertificationForge will provide a workflow process for certifying applications in Common Criteria or other government certification programs. TestForge will provide an on-demand testing environment for trying out new applications and StandardsForge will provide a central meeting place for different service efforts to interact with standards bodies.

Thus far, SoftwareForge seems to be furthest along. Earlier this week, DISA announced that was opened for unclassified military projects.

Right now, all the projects on SoftwareForge can be viewed by outside parties. The team deliberately disabled the feature to make projects private, in hopes of inviting greater collaboration. Closed projects will eventually be housed in another section of Forge.mil, to run on the Secret Internet Protocol Router Network (SIPRNet), explained Forge.mil community manager Guy Martin, who also spoke at the e-seminar. Martin is an employee of CollabNet.

To access the site, participants will need either a military issued Common Access Card, or be sponsored by someone with the Defense Department. Each project will have two levels of participants: All project members can access the code and submit changes. Only a subset of the project team, called committers, will be able to merge changes into an existing code base.

Each potential SoftwareForge project will go through a review process, Martin said. The review committee specifically wants to ensure that any new projects are not duplications of other projects, or have forked off from an existing project.

Only a few months into the beta phase, Forge.mil already has 60 projects and about 1,300 registered users. Projects are under way to build a secured version of Solaris, a Common Access Card module for Linux computers, and a reference implementation of the NCES.

Slides from the talk are available here.

Reader Comments

Thu, Apr 23, 2009 Herndon, VA

Try to go to https://forge.mil and you will be told that the certificate is only valid for www.forge.mil. You have to override the security warning message to go to the site. (You get different info from IE and Firefox, but they both say the certificate is bad.) This is just another case for saying "government security" is an oxymoron.

Please post your comments here. Comments are moderated, so they may not appear immediately after submitting. We will not post comments that we consider abusive or off-topic.

Please type the letters/numbers you see above