Transcripts For CSPAN3 Hearing 20240703 : vimarsana.com

CSPAN3 Hearing July 3, 2024

We are going to leave it now as lawmakers are holding a hearing to examine software and how it plays a role in innovation. You are watching live coverage on cspan three. We expect the systems and code that we rely will work when needed. Despite this criticality, we see a department that struggles in peerk operating and prioritizing software. Congress, do know when something is gone and something is right or when something is working or not working. We see the reports, we read the studies, findings that are remarkably consistent from the 1980s to today. We know that some things are fundamentally amiss. My hope for today is for the witnesses to not only describe the problem but contextualize where possible what is being done to date and what the largest barriers have been in a meaningful manner. To help with that task that im about to introduce. Dr. Richard murray, professor of control and dynamics systems and bioengineering at caltech and cochair of the 2019 defense, innovations, boards of software accusation. And dr. Dan pratt at the hudson institute. Thank you for being with us today. I will now recognize the Ranking Member for his opening remarks. Thank you, mr. Chair. Looking forward to hearing from you. The department of defense and u. S. Government has been critical in the development of software and technology in this country as a representation of Silicon Valley. I remember that it was our mission to the moon that led to the acquisition of semiconductors. That is what spawned Silicon Valley. By semiconductors, you never would have seen the development of Silicon Valley and the technology. The innovation is happening in my district and the private sector, we need to figure out how we continue and strengthen and private sector recognizing the dynamic nature of software, how quickly it changes, how we need that innovation to keep us the Strongest Military and country in the world. I am looking forward to your comments and your suggestions. Thank you, mr. Chairman. We will now start with the witnesses. Misses lord, you are recognized for five minutes. Thank you very much for chairing this hearing and thank you members of the. In an era of strategic Competition Among technologically advanced powers, software shaped the nature of deterrent and defined National Security advantage. The urgency to empower our defense and apparatus across all domains with both the best existing and emerging technology is critical to not only prefers our freedoms but those of our partners and allies. Transformed our commercial sectors. In turn our everyday lives. Now, we must harness and apply this ingenuity and innovation to bolster u. S. Military superiority in the digital age. Given current geopolitical conditions, the stakes could not be hardier. Software development and support of our country support and infrastructure needs to meet the challenge of the moment. To fall short now would not just be a bureaucratic debacle but a source of imminent risk to our ability to deter, fight and win. The ability to quickly develop and deliver capability to close the gap between information discovery and Mission Response is a defining differentiator and emerging global competition. Defense and intelligent agencies must develop, acquire, execute and maintain software to meet Current Mission needs while also having the agility to quickly respond to future threat environments. The statutory, regulatory and budgetary framework for these agencies are right for streamlining to build and maintain the Nations Software advantage. The department of defense, procurement process, is one of the greatest challenges and opportunities to software acquisition. Often software is purchased using the same approach that is traditionally employed for major hardware systems. Typically this entails setting rigid requirements, lengthy solicitation processes and ultimately coming years later, to adapt software that is often obsolete upon delivery. Although alternative pathways exist, they are only effective as an acquisition professionals implement them. Funding professional training and development for acquisition professionals to ensure they have key skills for implementing the full spectrum of acquisition approaches will enable the best and most Innovative Technology to be quickly provided for our National Security workforce. Dod must operationalize policies and procedures to support the modern delivery and practices such as agile Lifestyle Software and service delivery, human centered design, and modern technology stats. Training the Acquisition Workforce is necessary but not sufficient to modernized development and deployment. Resourcing must be available to provide flexible and leadership must demand that all relevant procedures and processes are employed. My submitted testimony goes into more details on these items. I would like to close by acknowledging three efforts that are producing actionable recommendations that might be useful to the subcommittee. One is the commission on planning, programming and execution. We just last week produced our final report. We talked about recommendations that could be employed. Many would help our software initiatives. Two, the software Defense Coalition that is led by jane lee is producing actionable recommendations for the subcommittee. And finally, the Atlantic Council commission on Software Defined warfare on which i serve, is again producing actionable recommendations. I urge the committee to follow up on these. Thank you. Thank you, ms. Lord. Are recognized for five minutes. Mr. Luttrell and distinguished members. Thank you for inviting me to speak on the topic of software development. From 2016 to 2021, i was a member of the board and co chaired along to do software. This was established in 2018. Our report was called software is never done. The key findings of our report was that congress and dod had been talking about the importance of software. In many ways, the report was just a rephrasing of the 1987 Defense Task Force on military software 32 years earlier. Identified itself over previous on that topic. Chapter three, been there, said that, we know what we need to do. We need to figure out how to actually do it and get to it. Our 2019 report, i believe we are still the most important points. The first is that speed and cycle time are the most important metrics for software. Being able to deploy faster than our adversaries means that we can provide more advanced and be more responsive to end users. And gives us a Tactical Advantage on the battlefield by allowing operation and response inside our adversaries. Second, software is by people and for people. Dod resource policies are not conducive to attracting and promoting digital towns. Talented developers and acquisition personnel are often put in jobs that do not allow them to make use of their talents. Particularly in the military were job assignments may not recognize the importance. Today and dod, the people with the necessary skills exist but instead of taking advantage of the skills, we often put them in environments where it is difficult for them. Third, software is different than hardware and not all software the same. Thomas and dod have established instructions that govern the development, procurement and sustainment of Defense Systems. Software development is fundamentally different. Software should be developed and continuously improved using much different cycle times and maintenance strategies. Software is never done and mostly managed treated differently than hardware. I took the opportunity to read reports on the implementation of some of the recommendations for the study we have partnered with. I was pleased to see that congress and dod have made progress in implementing many of our recommendations including establishing pathways for software and exploring new procreation categories. These are important steps and they should be continued and accelerated. In addition to these important actions focused on the acquisition process, dod implemented many actions on primary and secondary recommendations. Some of the most important providing guidance including reciprocity and continuous adls. As of april 2023, guidance for continuous adls has not been processed. Dod reports progress but appears they have let to establish. A welldefined Software Developer including Service Members will out dod to retain to design, build software systems. Finally, an area that is completely different when we did the study is the role of Artificial Intelligence and military systems. The implications of ai will be profound across all areas of society. The field is changing so rapidly its impossible to predict how ai is working progress. Ai is poised to revolutionize the way we right, test and deploy. Already riding code based on the speed development. In the future, it will be integral. These developments will democratize development and ways to do it drastically reduced time. At the same time, software is using for military systems is critical to fail so we must find ways to harness those. Dod must stay on top of these developments and take advantage of the current u. S. Leadership being development. Congress working with dod plays an essential role in breaking us out of the cycle. Thank you for your attention and i look forward to the session. Thank you, dr. Murray. Dr. Pratt. Five minutes. Thank you for inviting me here to speak on such an important topic. Im here an individual capacity. I serve in diverse roles offering perspective on technology and threats. Broad technoeconomic shifts and the vibrant ecosystem. As you all know, software is ubiquitous. Powerful implications for economic productivity and government effectiveness for cybersecurity and the character of National Security. These Technology Goal changes are overlaid on the context of our time. Strategic consultation. In the crux of the problem for National Security is this. And a sustained competition and the longterm competition, advantage ultimately depends on the ability for one side to adapt. Yearbyyear mitigating weaknesses and advantage. The kind of questions we ended up with are things like our weapons systems, relevant against a relentless pace of threats. Can we invent new ways of fighting that put the prc on the back foot. These are the issues that the department of defense must tackle if it wants to compete. Everyone of these issues now depends on software. Even changing i military units tactic. We need look no further than the battlefields of ukraine to find evidence that units which are able to change the software more quickly see better outcomes. We face a choice. We can be victims of software, cursing its bugs and overruns. Or we can harness it for competitive advantage by leveraging american ingenuity, a robust talent base leading technology. That is our question. Can we create a Defense System built for evolution and adaptation . My central message is this and it will echo those of my fellow witnesses here. The process of getting code from a programmer to an operational system is critical. We blur the lines between what is development, building something. And what is operations, using that same thing. Making this quick and robust is a necessary for competition. They remain in the minority and they faced daily struggles against organizations and processes built for another era. I call your attention to two axonal items. As weve discussed where adls how the department decides that software is safe to deploy and use. The second item, towns. Attacking on the first topic i will introduce an analogy. In many ways, making software resembles molding wet clay. Forming it into some finished piece. When an Engineering Team works with source code, they can quickly adjusted, make fixes. Once the code is compiled, built, shipped, it becomes fixed and brittle. The code only works on one particular type of processor. What we find is modern software so complex, you need to feed the results back to the Engineering Team. Unfortunately, our 312 process makes this quite difficult. On the second topic, technical talent come a software is a complex and technical subject matter. Details matter. We hear this quick big headline sometimes. One simple trick can solve dod software. One Software Factory to rule them all. Its all about agile. Those are all great tools. Those are useful things. But navigating that complexity requires judgment and organic technical talent on the part of the department. The dod needs leaders driven by mission. It doesnt need armies of coders. They can attract this talent if given the right tools using things like appointments and giving these people autonomy to make a mission impact. Thank you. Thank you, dr. Patt. I will move it to questioning. Authority coming all three had on that. I hate to say it, it seems, you guys shouldnt leave. Im going to talk to guys if you want to hang out. Yuck. Totally cool. Sit back down. The authority i dont it seems like its the improper medium for software innovation. Software is updated every half second of every second of every minute of every day. It moves so fluidly. For the past 40 years, the authority seems to be bogging the system down. Im asking three subject matter experts. Well start with you mr. Patt, or ms. Lord, we will start with you. Ladies first. What is the fixed . I dont want to report that we will never read. What is the fix to fix this problem . This is the way we lean in front of our adversaries. The system is failing itself. The challenge is the need for speed. I believe there are two things that we need to do. One, moved to continuous adls. Theres been a lot written and a lot discussed. Continuous atos are not yet implemented. This would be a very good thing to ask a dod leadership. Secondly, we are repeatedly across even programs, military services, agencies, not allowing reciprocal rights for ato. The same software is being reauthorized again and again. Those are the two key things that i think you should push on. Absolutely not looking at discrete, repetitive, approvals. Right now come in fact, there is only a requirement to approve 12 systems a year, which given the fact that most of our systems went on hardware, software and data is frightening. Dr. Murray. I completely agree. We think about continuous ato in particular. We need to be able to stay, this Software Needs to be updated. The longer we wait by not giving them the code they need to do. How do we get to the point where we are an industry, right . If a zero day comes out, some attack on my cell phone, there will be an update in the next day or two, right . Theyve already figured out, its going to satisfies our own. We need to find what that is. I think you should be asking on every program, what is the cycle time is going to the software. How much is that is the ato process. If that ato, if that more than a day, theres a problem, right . There needs to be a continuous ato where we automatically check, does a satisfied . This is important code. We need to be able to get out there quickly. Dr. Patt. I agree with those comments. The ato is about the risk of using the software. The schedule along with mission risk. If its buying body armor, you can separate these issues. Is it safe to use this on a mission. Does this help support the mission. These lines get blurred. I will say that one of the places where you see progress in the department is where they try to put these risks together. If you look at, in the navy, there are Program Offices and Program Managers which both own the risk of use of the software on the Operational Network and the development of software. When you move those things together, you tend to get these were mission focused outcomes. These are organizations which have been able to use continuous ato is. I would expect that same characteristic to carry us forward. As dr. Murray said, we often focus on adls. We forget the risk of not updating the software, of not deploying new features. We become too focused on compliance, checking the boxes of, you know, did we meet the boxes we said we did would . We forget the underlying problems. The most important thing is the cycle time that we keep coming back to. You can keep updating and mitigating problems. If i may have one quick followup on that, i think we need to differentiate in the department between Risk Management and risk elimination. We are never going to eliminate all risk. These tradeoffs are what take human judgment calls. What dr. Patt is talking about. I think its very important for congress to recognize those individuals in the department who are leaning forward and demonstrating, embracing authorities, policies, procedures. I would say who was, has done that admirably. Thank you, ms. Lord. For all the young men and women, they are talking to you. You are the next generation that will keep this country ahead across the globe. I highly recommend you play this takeback because we are counting on you. Do you understand . Outstanding. Your recognized for five minutes. In my district, when you have a software challenge, they dont just go out and buy new software. In fact that the last thing they do. They have a mission and they figure things out. Ive heard that they just buy new software to check off the box that they have complied. This is innovating in the way that the private sector does. Could you comment on how we change that culture other than getting tim cook to run these things . I think it comes down to investing in the human capital. If individuals are not trained to be smart buyers and we cannot attract contemporary coders and so forth, we cannot change that culture. Right now, we have a huge issue. This is mentioned in our final report with modernizing a lot of our business systems. We are pretty good at talking about from a War Technolo

© 2025 Vimarsana