CRITICAL CODE

SOFTWARE PRODUCIBILITY FOR DEFENSE

Committee for Advancing Software-Intensive Systems Producibility

Computer Science and Telecommunications Board

Division on Engineering and Physical Sciences

NATIONAL RESEARCH COUNCIL
OF THE NATIONAL ACADEMIES

THE NATIONAL ACADEMIES PRESS

Washington, D.C.
www.nap.edu



The National Academies | 500 Fifth St. N.W. | Washington, D.C. 20001
Copyright © National Academy of Sciences. All rights reserved.
Terms of Use and Privacy Statement



Below are the first 10 and last 10 pages of uncorrected machine-read text (when available) of this chapter, followed by the top 30 algorithmically extracted key phrases from the chapter as a whole.
Intended to provide our own search engines and external engines with highly rich, chapter-representative searchable text on the opening pages of each chapter. Because it is UNCORRECTED material, please consider the following text as a useful but insufficient proxy for the authoritative book pages.

Do not use for reproduction, copying, pasting, or reading; exclusively for search engines.

OCR for page R1
Committee for Advancing Software-Intensive Systems Producibility Computer Science and Telecommunications Board Division on Engineering and Physical Sciences

OCR for page R1
THE NATIONAL ACADEMIES PRESS 500 Fifth Street, N.W. Washington, DC 20001 NOTICE: The project that is the subject of this report was approved by the Governing Board of the National Research Council, whose members are drawn from the councils of the National Academy of Sciences, the National Academy of Engineering, and the Institute of Medicine. The members of the committee responsible for the report were chosen for their special competences and with regard for appropriate balance. Support for this project was provided by the Office of the Secretary of Defense, Department of Defense, with assistance from the National Science Foundation under sponsor award number CNS-0541636 and by the Office of Naval Research under sponsor award number N00014-04-1-0736. Any opinions expressed in this material are those of the authors and do not necessarily reflect the views of the agencies and organizations that provided support for the project. International Standard Book Number-13: 978-0-309-15948-7 International Standard Book Number-10: 0-309-15948-2 Additional copies of this report are available from the National Academies Press, 500 Fifth Street, N.W., Lockbox 285, Washington, DC 20055; (800) 624-6242 or (202) 334-3313 (in the Washington metropolitan area); Internet, http://www.nap.edu. Copyright 2010 by the National Academy of Sciences. All rights reserved. Printed in the United States of America

OCR for page R1
The National Academy of Sciences is a private, nonprofit, self-perpetuating society of distinguished scholars engaged in scientific and engineering research, dedicated to the furtherance of science and technology and to their use for the general welfare. Upon the authority of the charter granted to it by the Congress in 1863, the Academy has a mandate that requires it to advise the federal government on scientific and technical matters. Dr. Ralph J. Cicerone is president of the National Academy of Sciences. The National Academy of Engineering was established in 1964, under the charter of the National Academy of Sciences, as a parallel organization of outstanding engineers. It is autonomous in its administration and in the selection of its members, sharing with the National Academy of Sciences the responsibility for advising the federal government. The National Academy of Engineering also sponsors engineering programs aimed at meeting national needs, encourages education and research, and recognizes the superior achievements of engineers. Dr. Charles M. Vest is president of the National Academy of Engineering. The Institute of Medicine was established in 1970 by the National Academy of Sciences to secure the services of eminent members of appropriate professions in the examination of policy matters pertaining to the health of the public. The Institute acts under the responsibility given to the National Academy of Sciences by its congressional charter to be an adviser to the federal government and, upon its own initiative, to identify issues of medical care, research, and education. Dr. Harvey V. Fineberg is president of the Institute of Medicine. The National Research Council was organized by the National Academy of Sciences in 1916 to associate the broad community of science and technology with the Academy’s purposes of furthering knowledge and advising the federal government. Functioning in accordance with general policies determined by the Academy, the Council has become the principal operating agency of both the National Academy of Sciences and the National Academy of Engineering in providing services to the government, the public, and the scientific and engineering communities. The Council is administered jointly by both Academies and the Institute of Medicine. Dr. Ralph J. Cicerone and Dr. Charles M. Vest are chair and vice chair, respectively, of the National Research Council. www.national-academies.or g

OCR for page R1

OCR for page R1
COMMITTEE FOR ADVANCING SOFTWARE-INTENSIVE SYSTEMS PRODUCIBILITY WILLIAM L. SCHERLIS, Carnegie Mellon University, Chair ROBERT F. BEHLER, The MITRE Corporation BARRY W. BOEHM, University of Southern California LORI A. CLARKE, University of Massachusetts, Amherst MICHAEL A. CUSUMANO, Massachusetts Institute of Technology MARY ANN DAVIDSON, Oracle Corporation LARRY DRUFFEL, Software Engineering Institute RUSSELL FREW, Lockheed Martin JAMES LARUS, Microsoft Corporation GREG MORRISETT, Harvard University WALKER ROYCE, IBM DOUGLAS C. SCHMIDT, Carnegie Mellon University JOHN P. STENBIT, Independent Consultant KEVIN J. SULLIVAN, University of Virginia Staff JON EISENBERG, Director, CSTB LYNETTE I. MILLETT, Senior Program Officer JOAN D. WINSTON, Program Officer (until May 2008) ENITA A. WILLIAMS, Associate Program Officer ERIC WHITAKER, Senior Program Assistant 

OCR for page R1
COMPUTER SCIENCE AND TELECOMMUNICATIONS BOARD ROBERT F. SPROULL, Oracle Corporation, Chair PRITHVIRAJ BANERJEE, Hewlett-Packard Company STEVEN M. BELLOVIN, Columbia University SEYMOUR E. GOODMAN, Georgia Institute of Technology JOHN E. KELLY III, IBM JON M. KLEINBERG, Cornell University ROBERT KRAUT, Carnegie Mellon University SUSAN LANDAU, Radcliffe Institute for Advanced Study DAVID E. LIDDLE, US Venture Partners WILLIAM H. PRESS, University of Texas, Austin PRABHAKAR RAGHAVAN, Yahoo! Labs DAVID E. SHAW, D.E. Shaw Research ALFRED Z. SPECTOR, Google, Inc. JOHN A. SWAINSON, Silver Lake PETER SZOLOVITS, Massachusetts Institute of Technology PETER J. WEINBERGER, Google, Inc. ERNEST J. WILSON, University of Southern California Staff JON EISENBERG, Director VIRGINIA BACON TALATI, Associate Program Officer SHENAE BRADLEY, Senior Program Assistant RENEE HAWKINS, Financial and Administrative Manager HERBERT S. LIN, Chief Scientist EMILY ANN MEYER, Program Officer LYNETTE I. MILLETT, Senior Program Officer ERIC WHITAKER, Senior Program Assistant ENITA A. WILLIAMS, Associate Program Officer For more information on CSTB, see its Web site at http://www.cstb.org, write to CSTB, National Research Council, 500 Fifth Street, N.W., Washington, DC 20001, call (202) 334-2605, or email the CSTB at cstb@nas.edu. i

OCR for page R1
Preface The Committee for Advancing Software-Intensive Systems Producibility was appointed by the National Research Council (NRC) and convened under the auspices of the NRC’s Computer Science and Telecommunications Board (CSTB) to assess the nature of the national investment in software research and, in particular, to consider ways to revitalize the knowledge base needed to design, produce, and employ software-intensive systems for tomorrow’s defense needs. The statement of task is provided in Box P.1. This report contemplates Department of Defense (DoD) needs and priorities for software research and suggests a research agenda and related actions. This is the final report of the committee, and it builds on two prior reports—Summary of a Workshop on Software Intensie Systems and Uncertainty at Scale1 and Preliminary Obserations on DoD Software Research Needs and Priorities.2 This report draws on the briefings listed in Appendix A. The committee considered four sets of questions: • To what extent is software capability significant for the DoD? Is it becoming more or less signifi - cant and strategic in systems development? • Will the advances in software producibility needed by the DoD emerge unaided from industry at a pace sufficient to meet evolving defense requirements? • What are the opportunities for the DoD to make more effective use of emerging technology to improve software capability and software producibility? • In which technology areas should the DoD invest in research to advance defense software capa - bility and producibility? Chapter 1 of this report addresses the first two of these questions. It discusses the essential and evolv- ing role of software in defense systems and the distinctive and unusual characteristics of the software 1 National Research Council (NRC), 2007, Summary of a Workshop on Software Intensie Systems and Uncertainty at Scale, Wash- ington, DC: National Academies Press. Available online at http://www.nap.edu/catalog.php?record_id=11936. Last accessed August 10, 2010. 2 NRC, 2008, Preliminary Obserations on DoD Software Research Needs and Priorities: A Letter Report , Washington, DC: National Academies Press. Available online at http://www.nap.edu/catalog.php?record_id=12172. Last accessed August 10, 2010 ii

OCR for page R1
iii PREFACE Box P.1 Statement of Task This study will bring together academic and industry software systems researchers, software and software tool vendors (suppliers), and systems integrators who comprise the community of skills required for future successes in complex software-intensive systems required by the Department of Defense (DoD). They will: (1) Assess the emerging situation with respect to the national investment in relevant software research, the present state of and future requirements for tools for software production, testing and maintenance, and the adequacy of human resources; (2) Examine the needs, relationships, and interdependencies expected of future DoD software re- search, development and maintenance needs, and consider what advances are needed for continuous improvements in the design, production, and evolution of DoD software-intensive systems; (3) Make recommendations to responsible agency, executive branch, and legislative officials, and to the software technical community, about how to improve the present state of affairs and achieve future goals. used in such systems. The chapter also contemplates the extent to which the DoD can rely on industry to innovate at a rate fast enough to allow it to fully meet future defense software requirements. Chapters 2, 3, and 4 of this report focus on three principal clusters of challenges to software produc - ibility wherein the DoD has particularly unusual needs or “leading demand.” These chapters address the third question presented in the statement of task and describe process management for innovative software systems development (Chapter 2), architectural leadership for large-scale software-intensive systems (Chapter 3), and the need to take a strategic approach to assurance (Chapter 4). These chapters, taken together, address the core features of what we mean by software producibility—the capacity to design, produce, assure, and evolve software-intensive systems in a predictable manner while effectively managing risk, cost, schedule, quality, and complexity. Chapter 5 discusses the value of research in enhancing software producibility for the DoD. It addresses the role of academic research, the synergy between industry and academic research, and the impact of past investments. It then tackles the fourth question and offers a seven-part agenda for advancing DoD software capability: architecture, assurance, process and economic models, require - ments, language and tools, cyber-physical systems, and human-systems interaction. The committee thanks all those who participated in its workshops and contributed to its delibera - tions (Appendix A). The committee would also like to thank the Computer Science and Telecommu - nications Board staff, including Enita Williams, Jon Eisenberg, Lynette Millett, Joan Winston, and Eric Whitaker, who have ably managed the project and coordinated the team effort through three separate reports. Enita Williams and Jon Eisenberg deserve special thanks and appreciation for their heroic effort in the preparation and editing of this final report, which would not have been possible without their highly capable support and collaboration. William L. Scherlis, Chair Committee for Advancing Software-Intensive Systems Producibility

OCR for page R1
Acknowledgment of Reviewers This report has been reviewed in draft form by individuals chosen for their diverse perspectives and technical expertise, in accordance with procedures approved by the National Research Council’s (NRC’s) Report Review Committee. The purpose of this independent review is to provide candid and critical comments that will assist the institution in making its published report as sound as possible and to ensure that the report meets institutional standards for objectivity, evidence, and responsiveness to the study charge. The review comments and draft manuscript remain confidential to protect the integrity of the deliberative process. We wish to thank the following individuals for their review of this report: Rick Buskens, Lockheed Martin Advanced Technology Laboratories Grady Campbell, Software Engineering Institute William Campbell, BAE Systems John Gilligan, Gilligan Group William Griswold, University of California, San Diego Anita Jones, University of Virginia Annette Krygiel, Independent Consultant Steve Lipner, Microsoft, Inc. David Notkin, University of Washington Frank Perry, SAIC Alfred Z. Spector, Google, Inc. Daniel C. Sturman, Google, Inc. John Swainson, CA, Inc. Mark N. Wegman, IBM Although the reviewers listed above have provided many constructive comments and suggestions, they were not asked to endorse the conclusions or recommendations, nor did they see the final draft of the report before its release. The review of this report was overseen by William H. Press, University of Texas at Austin. Appointed by the NRC, he was responsible for making certain that an independent examination of this report was carried out in accordance with institutional procedures and that all review comments were carefully considered. Responsibility for the final content of this report rests entirely with the authoring committee and the institution. ix

OCR for page R1

OCR for page R1
Contents SUMMARY 1 1 RECOGNIZE THE PIVOTAL ROLE OF DOD SOFTWARE INNOVATION 17 The Role of Software in Defense, 17 Precedent and Innovation in Software, 22 The Role of the DoD in Addressing Its Software Needs, 35 The Necessity of Innovation in Software, 39 2 ACCEPT UNCERTAINTY: ATTACK RISKS AND ExPLOIT OPPORTUNITIES 45 Innovation, Precedent, and Dynamism, 45 Managing Risk at Scale, 47 Managing Requirements and Architecture, 55 Estimations, Contracting, and Iterative Development, 57 Realizing DoD Software Benefits via DoD Instruction 5000.02 and Evolutionary Acquisition, 60 Intrinsic DoD Software Expertise—Being a Smart Customer, 61 3 ASSERT DOD ARCHITECTURAL LEADERSHIP FOR INNOVATIVE SYSTEMS 68 Software Architecture and Its Critical Role in Producibility, 68 Software Architecture in Industry, 72 Architectural Problems as a Source of Software Problems, 73 The DoD Experience with Architecture-Based Development, 74 Supporting Technology and Research Needs, 78 Strengthening DoD Capabilities with Respect to Architecture, 81 4 ADOPT A STRATEGIC APPROACH TO SOFTWARE ASSURANCE 86 Software Assurance and Evidence, 86 Software Assurance Fundamentals, 98 Challenges for Defense and Similar Complex Systems, 102 Two Scenarios for Software Assurance, 105 xi

OCR for page R1
xii CONTENTS 5 REINVIGORATE DOD SOFTWARE ENGINEERING RESEARCH 112 The Role of Academic Research in Software Producibility, 113 Investing in Research in Software Producibility, 117 Areas for Future Research Investment, 122 APPENDIxES A Briefers to the Committee 141 B Biosketches of Members of the Committee 143