You are here

SEAL: A generalized framework for deploying a secure application lifecycle management process with CI/CD

Award Information
Agency: Department of Defense
Branch: Defense Threat Reduction Agency
Contract: HDTRA123C0028
Agency Tracking Number: T2-0459
Amount: $1,099,942.24
Phase: Phase II
Program: SBIR
Solicitation Topic Code: DTRA212-004
Solicitation Number: 21.2
Solicitation Year: 2021
Award Year: 2023
Award Start Date (Proposal Award Date): 2023-08-01
Award End Date (Contract End Date): 2025-08-01
Small Business Information
9909 Mira Mesa Blvd. Suite 230
San Diego, CA 92131-3003
United States
DUNS: 962467747
HUBZone Owned: No
Woman Owned: Yes
Socially and Economically Disadvantaged: No
Principal Investigator
 Sarom Leang
 (703) 635-9090
Business Contact
 Laura Carrington
Phone: (858) 775-5063
Research Institution

The Defense Threat Reduction Agency (DTRA) uses High-Fidelity (HF) computer codes, many of which are legacy codes that have evolved over many years, to investigate weapon effects phenomenology and techniques for countering Weapons of Mass Destruction (WMD). As DTRA’s reliance on HF codes for tasks critical to national security continues to increase, transitioning such codes from legacy coding practices to modern practices becomes paramount. This transition to modern practices through the use of Application Lifecycle Management (ALM) frameworks will allow HF code developers to carefully monitor and control the evolution of the codes to ensure software development best practices are adopted, the code changes are thoroughly vetted for security, accuracy, and performance before the changes make their way into the mainline (or shared source code base) and released to the customers. EP Analytics is developing SEAL (for Secure ALM), which is a framework that enables transitioning legacy codes to a modern ALM framework. The foundation of the SEAL framework has evolved from years of experience in software modernization and performance analysis of large complex HPC applications. Legacy codes come with unique dependencies, requirements, and complexities that can pose hurdles during modernization. These hurdles may be caused by technical (e.g., breaking changes during technology stack upgrade) or social (e.g., reluctance to rapid technical changes by key personnel) factors. Cognizant of these factors, a key design goal of the SEAL framework is to be extensible, technology agnostic, and incremental. In Phase I, EP Analytics successfully demonstrated the feasibility of applying the SEAL framework to develop and demonstrate a working prototype of an automated CI/CD pipeline within an application container for SHAMRC, a legacy HF DTRA code. The automation entailed developing multiple enabling software artifacts/tools to support code builds, establishing test oracles (or truth values) for existing tests, executing tests, validating the test results, analyzing code coverage, and generating reports. EP Analytics and ARA tested the pipeline on multiple HPCMP systems (Narwhal, Onyx, and Mustang) and ARA’s local development cluster.

* Information listed above is at the time of submission. *

US Flag An Official Website of the United States Government