December 8, 2020

Understanding JEDI-compliant application design 

Deepinder Uppal

Topic:   Industry Focus

In 2017, then-Defense Secretary James Mattis issued a problem statement:

“The Department of Defense’s (DoD) lack of a coordinated, enterprise-level approach to cloud infrastructure and platforms prevents warfighters and leaders from making critical data-driven decisions at “mission-speed,” negatively affecting outcomes. In the absence of modern services, warfighters and leaders are forced to choose between foregoing capabilities or slogging through a lengthy acquisition, rollout, and provisioning process.”

The DoD’s General Purpose Enterprise Cloud, also known as the Joint Enterprise Defense Infrastructure (JEDI) Cloud, was conceived as a 10 billion dollar initiative designed as a solution for Mattis by establishing foundational cloud technology while leveraging commercial parity, “from the home front to the tactical edge.”

Despite being two years behind schedule, three years after the DoD first unveiled the project, and almost a full year after Microsoft was first awarded the contract, the JEDI computing initiative shows some signs of thawing. However, with legal challenges anticipated to last until February 5, 2021, DoD CIO Dana Deasy is looking for alternatives for “service, commands, and other defense agencies with urgent warfighting needs”.

While the process of finalizing and ultimately implementing JEDI has been delayed, the DoD has been working on various projects that use cloud technology to develop a standard for application configuration, best practices, and security framework. We have already seen such standards find their way into projects such as Cloud One or the United States Air Force’s VAULT, administered by that agency’s chief data officer.

As February draws closer, the need for a secure and resilient application design set remains a priority for many DoD agencies. With cloud technology becoming the norm, it would be good to review some of the objectives of JEDI, specifically as to how they relate to strategic objects within the DoD data strategy, and more importantly what application stacks should look like when trying to leverage the future of DoD cloud infrastructure.

Enable Exponential Growth

The DoD has repeatedly stated its requirement for a secure and elastic environment that can grow as the DoD onboards additional programs. The extensible nature of such a cloud environment should not be overlooked either. The DoD has made it clear that a clear and common focus would be on the extensibility of such an environment and its ability to encompass and be interoperable with the tactical edge.

Applications that leverage JEDI infrastructure should be able to leverage available elasticity and extensibility. The benefits of being able to rapidly access compute and storage in near real time to meet battlefield challenges at the “speed of relevance” will transition from specialty application stacks to an absolute must for all technology stacks doing business with the DoD. Finally, applications must start looking at designs that leverage the end result of such scalability: a Common Operating Picture (COP); that is, the ability to leverage, organize, analyze, secure, scale, and capitalize critical information ubiquitously available to all warfighters and decision-makers unilaterally. 

Extend tactical support for the warfighter at the edge

As part of supplying a COP, the DoD cloud environment will serve mission owners from the home front to the tactical edge, both CONUS and OCONUS, and at all classification levels and disseminations.

Applications would need the ability to function on the tactical edge, be ruggedized, and adaptable, providing automatic synchronization to the enterprise cloud once communication is re-established. Enterprise DoD cloud applications should also have the proven capability of leveraging cloud resilience, such as conforming to a continuity of operations (COOP) mindset via automated and immediate failover due to its distributed, scalable, and redundant nature.

Drive IT reform at the DoD

For many applications, this resilience will have to be purposefully designed, or in some cases, redesigned for integration within JEDI. Once integrated, these applications should be able to further consolidate data assets with new methodology, such as virtualization and abstraction, which could in turn enable efficiencies through rapid deployment of common services or common data artifacts.

Enterprise applications should look at their efforts as a means to target and accomplish DoD’s longstanding cyber and infrastructure resilience goals. Part of this redesign would also be congruent with DoD’s big picture of driving IT reform at the DoD, which would further enable cyber components to deliver upgraded security measures integrated within Defensive Cyber Operations (DCO).

Proactively Address Cyber Challenges

DoD has produced a unified cybersecurity framework that addresses cloud support for classified and unclassified data, however technology stacks will need to frequently and independently ensure effective defenses and early alert notifications against developing threats. This requirement alone singles out application developers to incorporate the ‘sec’ components in a DEVSECOPS approach to software development. This will allow DoD to shift its security focus from defending the network perimeter to securing data and services for applications which are congruent to this new cyber framework to leverage.

Part of being compliant with this updated cyber framework means that applications will need strong authentication for people and machines, specifically new technology elements such as robotic process automation (RPA). Much of this can be accomplished by applications leveraging common existing DoD standards, such as secure encryption for data at rest and in motion. However, part of the updating of applications would center around enabling artificial intelligence (AI) and data transparency.

AI and machine learning (ML) algorithms used for decision support will require data that is highly available and well organized (i.e., “transparent”) within a secure common environment. These artifacts will need common data standards for tagging, storing, accessing, and processing information.

Scale for the episodic nature of the DoD mission

DoD requires the ability to provision and deprovision resources automatically in order to optimize asset utilization. This ability not only helps with resource allocation but also with the costs associated with infrastructure, compute, and storage. The cloud “pay-for-use” (i.e., “actual use”) cost model is on track to become the adopted standard rather than traditional on-premise “maximum use” cost models. 

Technology stacks that can use a cloud pay-for-use cost model will be able to provide greater agility in adapting to changing priorities, budgetary conditions, and industry developments. These modifiers will become almost a must have for any request for information (RFI) and evolve any indefinite delivery/indefinite quantity (IDIQ) agreements.

JEDI philosophy

Application developers should also understand the JEDI philosophy: keep the warfighter first – think cloud-data smart while leveraging commercial industry best practices to create a culture better suited for the DoD’s modern take on application design and development. It is obvious to see that JEDI will satisfy the need for greater analysis, cybersecurity, and tactical practices while providing reliable access across the department and promote greater levels of efficiency and security. Developers should now do their part and work on a framework that can leverage these assets to increase the lethality of tactical systems while providing a common platform for computing and analysis.

Future mission success will lay in highly effective, multi-tenant integrated environments that provide a decisive advantage to the warfighter by connecting data silos, platforms, and sensors across a common architecture regardless of service, network, or domain. JEDI has the potential to be this modernized military ecosystem, but only if government stakeholders can take advantage of all it has to offer by connecting the warfighter to data and ensuring the creation of faster, more secure applications to leverage everything JEDI has to offer while enabling mission success.

Deepinder Uppal is the vice president for Innovation and Technology in the Public Sector for ibi. In this role, Deepinder helps to define a customer’s technical vision by assisting with the successful creation, integration and deployment of next-generation analytics and data architecture. As ibi’s chief innovator for the public sector, Deepinder collaborates with public sector clients on the implementation of emerging technologies and provides solutioning for complex technological problems. Prior to his role with ibi Deepinder Singh Uppal was an Assistant Division Director for the Criminal Justice Information Center (CJIC). He has also held positions as the Chief Innovations Officer and Chief Data Steward for the Michigan State Police. In these roles, Deepinder has innovated on numerous State and Federal projects to provide legislative insight into Data Governance, IoT: Smart City Initiatives, and the application of Artificial Intelligence to State and Federal Threat Analytics portfolios. Additionally, Deepinder has also made considerable contributions to network architecture; Deepinder has innovated on a state-wide Dynamic Multipoint Virtual Private Network (DMVPN) to eliminate legacy gateway-to-gateway architecture, remove “hub and spoke” dependencies, and leverage 5G (FirstNet) infrastructure for first responder agencies. Deepinder has presented his research at academic conferences, held workshops at major research institutions, and has been the recipient of numerous grants and awards. Outside of academics, Deepinder is a United States Army veteran and has served honorably in numerous areas of conflict.