search menu icon-carat-right cmu-wordmark

What Is Digital Engineering and How Is It Related to DevSecOps?

David Shepard Julia Scherb

This post has been shared 7 times.

The Department of Defense's desire for faster delivery of new capabilities is transforming defense acquisitions. The emerging processes of digital thread and digital engineering aim to address the difficulties of managing complex and evolving technologies over their lifecycles. In the same way that DevSecOps has transformed the processes of software development, testing, and acquisition for the DoD, digital engineering has the potential to transform the way hardware-intensive systems are built and acquired by placing an emphasis on digital modeling techniques. This blog post introduces some of the concepts of digital engineering, relating them to more familiar concepts, such as DevSecOps.

In the U.S. Air Force, for example, the acquisition of new weapons systems is poised to enter the 21st century, emulating best practices for engineering that likely originated in software practices. After the Air Force acquires an aircraft, it is used, maintained, and updated over a period of decades, which is the lifespan of a typical airframe. This commitment to sustainment and evolution is why aircraft, such as the B-52 bomber first deployed in 1955, are still in use today.

By the end of its lifespan, an airframe such as the B-52 has undergone many updates to keep it aligned with current missions and capability needs. Tracking all these changes over such a long span of time and across many different aircraft is an arduous, often error-prone, and necessary process. It is this type of long-lived system that may be aided by the emerging practice of digital engineering.

Digital engineering is defined as

an integrated digital approach that uses authoritative sources of systems data and models as a continuum across disciplines to support lifecycle activities from concept through disposal.

Digital engineering is designed for hardware-intensive lifecycle management, but its utility encompasses software, as well. To understand the need for digital engineering as a new process model for developing and acquiring systems, it is important to recognize the similarities and differences between hardware and software technologies, their acquisition, and their maintenance requirements. For example, complex weapons systems depend on multiple systems operating simultaneously and in concert. This is known as a system of systems (SoS) and occurs in both software and hardware-intensive systems. While integration challenges exist for both hardware and software SoS, the management and scheduling of hardware and software integration can look vastly different.

Agile/DevSecOps provides a lifecycle management methodology and framework that has already successfully been adopted by the DoD, a model that digital engineering emulates in its lifecycle management of complex hardware systems.

A recent SEI report defines DevSecOps as

an approach that integrates development, security, and delivery/operations of software systems to reduce the time from need to capability and provide continuous integration and continuous delivery with high software quality.

Digital engineering applies similar emphasis on the continuous evolution of artifacts and the organizational integration of people and process throughout a development organization and integration team, as does DevSecOps.

Digital engineering is sometimes referred to as "digital thread," which is understood as a more encompassing term, though the novelty of both terms has created some dispute over their exact overlap. Both digital thread and digital engineering are an extension of product lifecycle management, a common practice in private industry that involves the creation and storage of a system's lifecycle artifacts, in digital form, and which can be modified as a system evolves throughout its lifecycle. Digital thread and digital engineering both involve a single source of truth, referred to as the authoritative source of truth (ASoT), which contain artifacts maintained in a single repository, and stakeholders work from the same models rather than copies of models.

DevSecOps also relies on a single source of truth, stored in a version-controlled repository of artifacts. However, the physical nature of the stored artifacts means that the exact mechanism for how version control works is different. The infrastructure costs of DevSecOps, which involve storage of textual artifacts up to hundreds of megabytes of data for an entire repository, are much lower than those of digital engineering, which can involve storage of models that are terabytes in size.

Typical version control systems in use today for software store a copy of the repository on the developer's workspace and then reconcile changes with a master repository, digital engineering models can be too large for local storage by individual engineers and reconciling changes in large binary models at a later time can prove infeasible. Therefore, digital engineering uses a centralized version control system, as opposed to the distributed version control systems in use by software development practices today.

Both digital engineering and DevSecOps are committed to optimizing processes, automating the build and integration of systems, building/integrating more frequently, and testing earlier, more often, and more thoroughly. Through modeling and testing, the two paradigms seek to detect flaws at earlier stages in the development process, saving time and money, and improving overall quality.

DevOps is recognized to have emerged as a new process model in late 2010, with DevSecOps integrating security concerns into the process model sometime later. Ten years is an eternity in software terms, so DevOps and DevSecOps are at a more mature stage of development than digital engineering. However, digital engineering has a more ambitious scope: managing the entire lifecycle of a system of systems, not just its software components. Digital engineering's emphasis on simulation and modeling, for example, has benefits in the hardware realm, in addition to its familiar discipline of software engineering.

Digital Engineering and Testing Requirements

One example of the application of digital engineering is the digital twin, which is a software simulation of the operation of a physical system. The physical system often employs software, so the digital twin is potentially also simulating software. Digital twins can be used to reduce the time, money, and power required to test and iterate on the design of novel technologies.

Digital twins can be harnessed to augment the testing and validation of complex systems, such as autonomous vehicles. To achieve their testing and quality assurance goals, the autonomous vehicle industry needs to supplement real, physical-world safety testing on their self-driving cars. A recent RAND report exposed the exceedingly high requirements for test coverage of autonomous cars, to prove their safety: "Autonomous vehicles would have to be driven hundreds of millions of miles and sometimes hundreds of billions of miles to demonstrate their reliability in terms of fatalities and injuries." The report concludes that this near-insurmountable testing task can only be accomplished by augmenting it with simulated testing.

Digital engineering heavily promotes the use of virtual models in tandem or in advance of constructing physical models, to improve efficiency, efficacy, and success. In the Air Force as well, the costs of testing in terms of time, money, and availability of resources, without simulations and modeling are impossibly high. Dr. Will Roper, who is the Assistant Secretary of the Air Force for Acquisition, Technology and Logistics, as well as a digital engineering advocate, wants to change the acquisition process for aircraft, to avoid the massive toll of real-life testing. More than 300 pilots lost their lives and 889 aircraft were lost in the testing of 1950s-era F-100 Super Sabre jet fighters. Modeling and simulation tools that reduce the use of real aircraft and pilots could avoid significant consequences like these.

Looking Ahead

In its current state, digital engineering is new and relatively unrecognized as an industry term. However, those currently adopting DevSecOps practices should be able to recognize the similarities between the goals of DevSecOps and digital engineering, as well as be prepared to adopt the latter's practices and ideas.

Model-based software engineering (MBSE), while not a new concept, could also see wider use within the software engineering community, due to the way that digital engineering artifacts are modeled and managed. The introduction of new standards and practices from digital engineering may come full-circle and influence the way that software is currently built, placing a larger emphasis on the modeling and simulation of software systems.

Finally, the introduction of digital engineering into the DoD has the support of a congressional mandate. The DoD is expected to make significant use of the practices of digital engineering for systems acquisitions. Beyond the DoD, the integration of digital engineering concepts into a diverse range of fields would further promote efficiency, testing, safety, and the reuse of products, both physical and digital.

Additional Resources

The Digital Engineering Working Group newsletter promotes digital engineering principles that can assist in advancing digital engineering practices.

Get updates on our latest work.

Each week, our researchers write about the latest in software engineering, cybersecurity and artificial intelligence. Sign up to get the latest post sent to your inbox the day it's published.

Subscribe Get our RSS feed