Services Overview
Software Crises Mitigation
· Hardware and software migrations
· Use of 5TH and 6th-Generation Languages
· Wrapper technology
· Software Virtualization
· Artificial Intelligence
Solutions to open-ended and complex IT problems and issues including
· Innovative, Creative, Progressive, and Leading-Edge Technology.
· New or modified architecture or infrastructure.
As subject matter experts, we can tell what is wrong and make it right
Economical, Low, and even Firm Fixed Price (FFP) costing and scheduling
· We offer several contracting strategies including Firm Fixed Price (FFP), Cost plus Fixed Fee (CPFF), Level of Effort, and Hourly.
· With detailed specifications, we will perform FFP contracts.
· We work smart, not hard. We use proven technologies and low-risk techniques wherever possible.
· We have learned from the Software Costing Experts. We have used the Constructive Cost Model (COCOMO).
· We perform most work remotely, which saves considerable overhead costs and is highly advantageous for recruiting skilled talent.
· We tend to use small, lean multidisciplinary teams but back them up with very highly skilled Program Managers and Software Subject Matter Experts (SMEs) who have a proven track record in solving major IT program-level technical and non-technical issues.
Custom Software Development
· 3GL: Java, JavaScript, C#, C++ and C.
· 4GL: Perl, Python, SQL. Visual Basic and *nix scripting languages.
· 5GL RAD type tools including PowerBuilder and SIB VisionX.
· Development performed with many APIs, Rest and SOAP APIs, and Toolkits.
· JavaScript frameworks such as React, AngularJS, and Vue.js.
· As a language-agnostic shop, we can adapt to what you have or need quickly and easily.
Rapid Prototyping and Proofs of Concept
· Rapid Prototyping requires Rapid Application Development tools.
· Prototyping should utilize the same architecture and development tools proposed as the solution.
· A good prototype should validate the Concept of Operations (ConOps), the architecture, and the intended infrastructure.
· "Throw away prototypes" a.k.a. wireframes are largely ineffective
Minimally Viable Products (MVP)
· Generally produced after a successful prototype.
· It contains most, but not all, needed functionality and can be used by real users.
· Are a key methodology to ensure that the system users are getting most of the capabilities they need
· It can be used to refine or change the architecture and/or implementation of most of the product’s features.
Full-Scale Development
· usually performed as part of custom software development.
· Contains all specified functionality
· meets all user requirements
· has been thoroughly tested
· The product should be
o scalable to meet flexible demands
o robust enough to recover from a data center failure.
Automation and Integrations
· Search Engines including AWS Elastic Search
· Robotics system that needed remote and unattended 24/7 operations.
· AI software to automate the tasking of intelligence satellites.
Migrations and Transformations. Examples of our successes:
· Air Force, moved from legacy Oracle applications to modern cloud applications
· FBI moved from non-containerized solutions to containerized solutions
· NGA converted non-virtualized applications to virtualized applications
Secure cloud infrastructures
· We have delivered secure, scalable, and robust solutions on Amazon Web Services, AWS.
Services Detail
As an IT Solutions Provider, we specialize in solutions for unique and challenging IT concepts or issues. If there is an IT-related concept, we can implement it; from ConOps to a production-ready product. We will conduct a complete and thorough Concept of Operations, proof of concept, rapidly prototype your concept, produce a Minimally Viable Product (MVP), and deliver your concept as a fully operational system.
1 Software Crises Mitigation
Software development is difficult and so frequently unsuccessful to the extent that the problem has a label ”Software Crisis”. According to Gartner, 80% of software projects fail. If your project or program is in jeopardy, The GDA Group can help. We have rescued eight () major U.S. Government programs from failure. Solutions have ranged from hardware migration, virtualized software, cloud infrastructure, wrapping or encapsulating lower-level software, and integrating new components.
The use of 5th and 6thGeneration Language software products is another successful strategy that has been used by us to mitigate the software crises and is described thoroughly here.
Artificial Intelligence (AI) is perceived by the public as a possible solution, however, many AI Experts see AI as contributing in a big way to the software crises.
The following successes demonstrate our capabilities in software crisis mitigation.
· NRO
· NGA
· JSOC
2 Providing Open Ended Solutions
With over forty years of experience in software development, we provide solutions for difficult IT-related problems. Because we are outside-of-the-box thinkers, we have provided solutions to difficult open-ended problems using the latest leading-edge technologies. We are not just consultants or solution architects. We don’t just tell you what is wrong. We will make it right including a new or modified architecture or infrastructure.
Examples of our successes in this area:
· NGA
· JSOC
· Vricon
3 Economical, Low, and even Firm Fixed Price (FFP) costing
We offer several contracting strategies including Firm Fixed Price (FFP), Cost plus Fixed Fee (CPFF), Level of Effort, and Hourly. With detailed specifications, we will perform FFP contracts. We work smart, not hard. We use proven technologies and low-risk techniques wherever possible.
We have learned from the Software Costing Experts and have utilized COCOMO II. We perform most work remotely, which saves considerable overhead costs and is highly advantageous for recruiting skilled talent. We tend to use small, lean multidisciplinary teams but back them up with very highly skilled Program Managers and Software Subject Matter Experts (SMEs) who have a proven track record in solving major IT program-level technical and non-technical issues.
See our Costing and Scheduling information for many more details.
4 Custom Software Development
We have done extensive traditional software development with many 3rd Generation Languages (3GL) including but not limited to Java, JavaScript, C#, C++, and C. We have also performed significant SW development using 4GL languages such as Perl, Python, and SQL. Visual Basic and *nix scripting languages. We are a language-agnostic shop and can adapt to what you have or need quickly and easily. We have developed with many APIs, Toolkits, and JavaScript frameworks such as React, AngularJS, and Vue.js. We prefer using 5GL RAD-type tools for reasons explained in detail below.
Custom software development success examples:
· FBI
· Air Force Intelligence Agency
· NGA
· DISA
4.1 Low Level 3GL and 4GL Code
Traditional approaches to software development may rely on extensive codings in 3GL such as Java, JavaScript, C#, C++, and C to implement the necessary functionality. Development using these types of languages is very tedious, error-prone, and costly. 4GL like Python, Perl, Visual Basic, and Oracle PL-SQL may be used but requires an interpreter on the operational system as part of the solution, which is a major disadvantage in a lot of systems and architectures. We recommend 3GL only as a last resort.
4.2 5GL No Code, Low Code, and Rapid Application Development Tools
Modern software development relies heavily on 5GL which utilizes visual development tools and drag-and-drop interfaces.
We developed several products using 5GL RAD-type tools and products including Microsoft Access, Oracle Forms and Reports, PowerBuilder, and SIB VisionX.
These types of Tools generally provide GUI capabilities to design first the back-end data storage capabilities. Once the back end is designed RAD tools automatically produce front-end functionality in a highly automated manner using database schema as the primary input. Users (not just developers) can modify the database and web forms including layouts, data editing, and data restrictions.
Such 5GL products fall into the category of no code or low code tools. While a detailed comparison of these tool types can be found here, the following is a summary.
4.2.1 Low-code RAD tools
Low-code tools do their magic usually by generating either 3GL or 4GL code to implement the needed functionality. The code can usually be modified or enhanced by a developer with the requisite 3GL or 4GL skills to provide different functionality. Thus, there is a lot of freedom to change the default functionality provided by the RAD tool.
Microsoft Access and Oracle Forms and Reports were the earliest forms of low-code platforms but have not kept pace with either web-based capabilities or more modern RAD products.
4.2.2 No Code RAD Tools
No code tools do not produce any significant code that could be changed by a developer. Such products cannot be tailored or modified by developers in any significant way. We recommend that they be avoided in favor of low-code RAD tools.
4.2.3 Gartner Forecasts for RAD tool use
· Gartner’s latest review of low-code platforms is here.
· Gartner projects that by 2025, 70% of new applications developed by enterprises will utilize low-code or no-code technologies
· Gartner projects that developers from outside formal IT departments are expected to make up at least 80% of the user base for low-code tools.
· Gartner’s research shows that low-code platforms can cut development time by up to 50%, enabling businesses to launch new products and services faster.
·
5 System and Software Architectures (including Concept of Operations)
We develop cost-effective architectures and solutions. As Experts, we have saved costs for the Air Force and FBI by using Cloud Infrastructures.
A comparison of the top five Software Architecture tools is here.
Examples of our successes in developing system and software architectures:
• IBM Rational Software Architect
We are experts with The Department of Defense (DoD) Architecture Framework (DoDAF) which has multiple levels. The full framework includes over 50 models and views, but, at least 3 views and models are required for any software system.
With software architectures, the most difficult part is mapping functional capabilities to an actual existing Commercial Off The Shelf Software (COTS) product or a software component to be developed (Custom Software Development). This requires considerable Market Research, Software Tradeoff studies, and Software testing.
Costing is highly dependent on the System Architecture. Cost analysis includes infrastructure, software licensing costs, and the total cost for any custom software development.
Software architectures use a combination of SaaS, COTS products, Open-Source software, and custom software development. We know how to maximize system capabilities by blending the above cohesively and cost-effectively.
For more details, see our architectural-related success stories:
6 Proof of Concept
The GDA Group focuses on POCs for IT systems or software-related efforts.
A Proof of Concept (POC) is a critical tool in successfully deploying new technologies and implementing policies. With a properly executed POC, you can both evaluate the viability of a technology and can also demonstrate how it can be properly deployed, and provide what policies to build around it for long-term use. A POC tests and exercises the most technically challenging and risky part of a program or project. It is critical before investing time and energy into a new business or organization. It is usually done before any prototyping efforts.
The following are examples of our successful Proof of Concepts for our clients:
· The NGA to ensure the capability of communicating ASCII characters over an IBM 3270 EBCDIC-based network
· JSOC to ensure critical security goals were still achievable when using the Sequoia AWS SC2S and C2S simulators
· The FBI to ensure SOLR data could be successfully migrated to AWS Elastic Search
· DISA to intercept and re-route cryptographic keys before TLS authentication.
7 Rapid Prototyping
We perform rapid prototyping using the same architecture and development tools that are proposed in the architecture, instead of using throw-away prototyping.
Prototyping a system serves several purposes.
· The customer will get a very clear understanding of the product they need.
· This proves the intended architecture is workable.
· Implements and proves any risky functionality.
Prototyping can be performed using wireframes and mockup-type products. Such products provide good visual detail; however, these visual details usually look quite different when using modern software development tools. And there is very little functionality that can be demonstrated by such tools. Thus, these types of prototypes can be very misleading and are largely ineffective.
Rapid Prototypes require RAD tools. A good prototype should validate:
· Requirements
· The architecture
· Real data functionality
· The intended infrastructure
· Any cost analysis is done.
We have provided Prototypes for many different systems. Here are applicable success stories:
· JSOC
· Vricon
8 Minimally Viable Product (MVP)
The GDA Group very strongly recommends producing an MVP before full-scale product development commences.
MVPs
- Are generally produced after a successful prototype.
- It contains most, but not all, needed functionality and can be used by real users.
- Are a key methodology to ensure that the system users are getting most of the capabilities they need
- Can be used to refine or change the architecture and/or the specifications of most of the product’s features.
We have done MVPs for many different systems. Here are applicable success stories:
· Air Force Intelligence Agency
· JSOC
9 Full-Scale Development (FSD)
· usually performed as part of custom software development.
· Contains all specified functionality
· meets all user requirements
· has been thoroughly tested
· The product should be
o scalable to meet flexible demands
o robust enough to recover from a data center failure.
We have performed Full Scale Software Development on a number of large Government Projects including:
· NGA
· NRO
· DISA
· Air Force Intelligence Agency
10 Migrations
We have conducted many different types of migrations. See the following applicable success stories:
10.1From legacy apps to modern cloud apps
· Air Force Intelligence Agency
10.2From non-containerized solutions to containerized solutions
· FBI
· JSOC
10.3From on-premise applications to cloud-based applications
· FBI
· JSOC
· Vricon
10.4From a database or search engine to another
· FBI
· Air Force Intelligence Agency
11 Automation and Integrations
We have developed (or conducted) many automation and integration-type efforts. If you want to add an integration (e.g. AWS Elastic Search), to your system, we can do it. We developed software for a classified government robotics system that required remote and unattended 24/7 operations. For another classified government system, we developed AI software to automate the tasking of intelligence satellites.
Our automation and integration-related successes include:
· NRO
· NGA
· Vricon
12 Infrastructure – Commercial Cloud Providers (CCPs)
We have developed and delivered scalable, robust, and secure solutions on AWS including the U.S. Government specific AWS Regions: GovCloud, SC2S, and C2S.
12.1CCP Overview
CCPs consist primarily of Amazon Web Services (AWS), Google Cloud Platform (GCP), and Microsoft’s Azure. A comparison of the 3 major CCPs can be found here.
The Commercial Cloud Services (CCS) offered by CCPs generally fall into the category of proprietary software; they also fall into the category of virtualized data centers and virtualized infrastructure since all the hardware they physically have in their cloud data centers is presented virtually to customers. Hence you must use the CCS as is.
12.2IaC
Each CCP provides a custom front end to use and integrate with the rest of the ecosystem. They also provide a way of using their product so it can be driven via high-level type code called Infrastructure as Code (IaC). IaC can automate the deployment and setup of a customer’s complete IT environments with the only exception being customer end user devices on customers’ premises. Migration of a corporate data center to the cloud is done mostly by using IaC.
While there are attempts using products like Terraform to develop agnostic IaC that works across multiple CCPs, agnostic IaC can never take advantage of the full capabilities of a service offered by a CCP. In effect, by using a product such as Terraform, you are reduced to using the lowest common denominator of all the CCPs and are therefore diminishing the value of the additional services provided by your specific CCP. Multiple cloud solutions that span one or more CCPs are possible. Hosting SharePoint on Azure but with all other services and software running on AWS would be a valid CCP architecture.
12.3AWS Overview
For the above reasons, The GDA Group specializes in using the most well-known and best CCP, AWS, which is the first CCP that provided both classified and unclassified cloud services to the U.S. Government. AWS now offers more than 200 fully featured services to millions of users.
12.4AWS Security
Security for enterprise-level services transcends simple software security and encompasses hardware, networking devices and even cabling. When such physical resources are virtualized by CCPs, they are easy to make more secure. AWS has been certified for secure operations at the highest security classification levels including those classifications used by the U.S. Intelligence Community.
We have worked in critical and secure environments such as those used by the DoD and Intelligence Agencies. We have done RMF artifacts including Authority To Test (ATT), Authority To Operate (ATO), Security Control Matrices (SCM), Plan of Action and Milestones (POA&M), and have included Zero Trust (ZT) security features.
12.5AWS Availability and Scalability
AWS provides significant capabilities for availability and scalability. Even if a specific AWS Availability Zone (AZ) fails (examples include disaster or war), other AZs within the same AWS Region can quickly assume all the functions and data of the failed AZ.
12.6Successes
Our CCP infrastructure-related successes include:
· FBI
· JSOC
· Vricon
Successes
1 Air Force Logistics Command
The Air Force had a requirement to migrate from an obsolete Oracle Forms and Reports application front-end and an Oracle RDBMS back-end to an AWS Java environment. We developed an architecture, performed product selection, and prototyped the new system to prove the migration methodology. The new system used a modern RAD development tool, SIB VisionX, and could automatically produce modern Java code based on the Oracle Forms and Reports high-level PL/SQL coding. We prototyped and migrated multiple forms and reports from the old system to the new system using SIB VisionX.
2 JSOC
JSOC provided production environment and support for a wide group of custom JSOC applications, most intended to run in a Kubernetes environment provided by Rancher Federal on AWS Commercial, C2S, and SC2S enclaves. We identified several architectural issues with missing components. These missing components included the ability to automatically backup, restore, and generate a run IaC to clone VPCs and other elements as needed. N2WS was selected, prototyped, and integrated to implement this requirement. Development and Test environments were needed for the development of the custom applications. We introduced Sequoia to allow simulated classified software development to be performed using non-cleared personnel, reducing the number of cleared personnel needed onsite.
3 FBI
We prototyped and architected multiple solutions to migrate a major legacy on-premises operational FBI application to an AWS environment. The solution we implemented involved multiple simultaneous efforts.
· Migrated server-based products to run on AWS instances
· Migrated Java executables were to docker containers
· Migrated build pipelines from Ansible to Gitlab
· An automated test capability was provided by a new COTS product
Work was done on GovCloud, SC2S, and C2S AWS Regions
4 Vricon
Architected and implemented a new AWS-based infrastructure for Vricon a company headquartered in Sweden that created 3D models from 2D geospatial satellite imagery. The principal in-house product was a closely coupled HPC-based software product. The solution involved many unique features of AWS including HPC and parallel file systems. The architecture had to be able to support cloud-based features such as automatic scaling and spot instance additions to the infrastructure as needed for operations. The solution involved extensive software development using Python and AWS CloudFormation JSON.
5 DISA
Developed a programmatic interface to SharePoint without using the standard REST API due to limitations in the provider’s offering. The customer’s version of SharePoint only supported authentication via the TLS protocol using both client and server certificates. Developed extensive prototyping and experimentation using a combination of a simulated server, multiple browsers, and multiple versions of software written in several languages and environments.
6 Air Force Intelligence Agency
"DEWEY" was an Object-Based Production (OBP) system built directly on open-source software including Docker, Kubernetes, Accumulo, MongoDB, Keycloak, and MS Active Directory intended for use by U.S. Intelligence agencies. The major objective was to provide and execute a roadmap to migrate a DEWEY prototype system first to an MVP and then to a production-ready product.
The solution was a new PaaS. Alternative PaaS were evaluated including Docker EE, Pivotal Cloud Foundry, OpenShift, Cloudera, and Hortonworks, with OpenShift being the recommended PaaS. Designed a new security approach to address various authentication and authorization options that would ensure and preserve MAC and security labeling for a highly classified DoD environment. We evaluated several approaches for getting the system accredited for operations on JWICS and other networks. Work was done in an Agile environment using Scrum methodology within JIRA. Provided a version of Dewey running on AWS using OpenShift as a PaaS with OpenShift’s embedded Kubernetes for containerization. Updated the Database API to include Accumulo as a SaaS for cell-based access control. Identified and resolved availability, scalability, and security issues.
7 Army IT Agency
Proposed, prototyped, integrated, demonstrated, and documented a new cloud-based system architecture for the Army IT Agency, Chief Technology Officer. The new system was to be able to test new software and capabilities before migration to the operational infrastructure.
8 NGA
NGA had 300 hard-wired terminals globally distributed that were obsolete. We developed an improved architecture and provided a solution. We migrated a critical enterprise-level application from a hardwired terminal to a modern GUI running on Unix workstations. The solution involved minor changes to the enterprise-level IBM VM custom application, virtualized software to capture Input/Output operations, and a new custom terminal emulator on the Unix workstations. The new system greatly improved end-user communications since it used TCP/IP as the protocol versus RS-232 ASCII protocols. It also gave the program the ability to provide users with a whole suite of modern workstation-based tools and products, some of which were custom-developed and integrated with the rest of the solution.
For another NGA project, we developed software that could go back in time and replicate a previous satellite tasking strategy, saving users a large amount of effort to repeat the same tasking manually. While not quite Artificial Intelligence, it was close to it.
9 National Reconnaissance Office (NRO)
The organization needed the ability to deploy a classified intelligence collection system covertly in foreign territory. The system needed remote and unattended 24/7 operations spanning months to years. The original contractor developed both the hardware and the software, however on the first major test, the system failed within a few days. To make matters worse, there was only one hardware suite and no software simulation capability which made extensive full-scale testing impractical to meet for the mandatory deployment schedule.
We were brought in to resolve the above problems. Fixes and changes entailed:
· Changed the poorly designed timer/Deadman switch so it was ALWAYS active and coded in assembler language.
· Ensured the system was restarted if the timer/Deadman switch went beyond a customizable number of seconds.
· Developed a simulation capability for the software that could inject many types of failures into it such as failed operations, and bad data.
o Many such failures could only be simulated in this way, not via full-scale testing in short durations.
· The software would run normally if not in simulation mode