Last month, the Air Force Life Cycle Management Center (AFLCMC)’s Detachment 12, which is better known by its Star Wars-inspired operational name – Kessel Run – announced that its Kessel Run All Domain Operations Suite (KRADOS) would be operationally utilized by the U.S. Air Forces Central’s 609th Air Operations Center (AOC). This was historic, as it marks the first time that an AOC would utilize the new solution to plan and execute its Master Air Attack Plan.
KRADOS is a revolutionary system that has the potential to fundamentally change the way AOCs operate, communicate and share information. It’s also revolutionary in how it’s built. That’s because Kessel Run is an avid believer and supporter of the DevSecOps approach to application development that strives to utilize Agile and DevSecOps best practices in all of the applications that it develops.
In light of this historic news, we decided to shine our second Developer Spotlight article on the Head of Engineering, OpsC2, at Kessel Run, Sushil Kumar – who has spearheaded the development of KRADOS and has a history of running successful software engineering and development programs over the course of his more than three-decade-long career.
During our conversation, we talked about the functionality of KRADOS, what makes it better than the application that it’s intended to replace within the Air Force, how DevSecOps is making the applications developed by Kessel Run better and more secure, and what’s next for the KRADOS solution.GovDevSecOpsHub (GDSOH): Can you tell our readers a little bit about Kessel Run? Besides having a fun name, what does the unit do and who does it serve?
Sushil Kumar: Kessel Run is basically the operational name for the Air Force Life Cycle Management Center’s Detachment 12. Its mission is to deliver combat capabilities for our warfighters, but we’re also looking to revolutionize the way the Air Force conducts its software acquisition process.
We are primarily based out of our headquarters at the Hanscom Air Force Base. However, we have a significant presence in Boston at an experimental lab, which we call the Kessel Run Experimental Lab (KREL). We also have a presence out of Langley Air Force Base.
Kessel Run builds, tests, delivers and upgrades warfighting software applications in cloud-based infrastructures. Basically, [we’re developing] a suite of applications that warfighters can leverage out at the Air Operations Centers (AOC).
If you look at it from a larger perspective, we are part of the Air Operations Center – Weapon System (AOC-WS). We integrate applications, data, and platforms to deliver capabilities to our warfighters. These constitute a distributed network of systems that help deliver air tasking orders (ATO) and airspace control orders (ACO). Our applications assist in the creation of that ATO, that planning information for the daily execution and the daily operation of the AOC.
GDSOH: What is the Kessel Run All Domain Operations Suite (KRADOS)? What different applications and capabilities does it deliver to users?
Sushil Kumar: Right now, KRADOS is made up of applications that are primarily built to replace our legacy Theater Battle Management Core System (TBMCS) and Master Air Attack Plan Toolkit (MAAPTK), which is used at the AOCs. We are looking to replace that existing system and transition to something that is more automated and efficient.
KRADOS streamlines the ATO process by automating multiple planning functions that are currently done manually. [AOCs currently] use whiteboards, spreadsheets, and phone calls to share a lot of that information. What we are trying to do is to automate that.
We have nine applications now, and we’re continuing to enhance and expand on that and include more applications that provide more capabilities over time. Our ultimate goal is to have all of the AOCs within the Air Force use and leverage the KRADOS suite of applications to inform their daily operations.
GDSOH: How is KRADOS different/superior to its predecessors – the Theater Battle Management Core Systems (TBMCS)? What about the way the military operates today – and today’s military priorities – make the legacy TBMCS no longer capable of meeting its needs?
Sushil Kumar: The key advancement of KRADOS over TBMCS is the rapid nature in which it can deliver features and functionality. And I’m not just referencing the applications and application speed, but being able to deliver functionality in a rapid manner.
For example, currently at the 609th, if there is an issue with some feature or functionality within one of the applications, we are able to leverage our existing DevSecOps process to quickly develop, test, and deploy that functionality or feature in a very rapid manner. In fact, over the last few days, we have been able to do that within 24 hours.
“KRADOS streamlines the ATO process by automating multiple planning functions that are currently done manually. [AOCs currently] use whiteboards, spreadsheets, and phone calls to share a lot of that information. What we are trying to do is to automate that.” – Sushil Kumar
This is just not possible with the existing TBMCS, MAAPTK, and 10.1 applications. With the existing system, it goes through the traditional waterfall process, where the bugs are captured, triaged, and they go through a long review, development, test, and deployment process. That can take months – or sometimes years.
Having the ability to rapidly develop these features and fix bugs makes us more resilient. It also enhances our warfighting capabilities going forward.
GDSOH: Last month, Kessel Run announced that the U.S. Air Forces Central’s 609th Air Operations Center became the first AOC to operationally utilize the KRADOS to plan and execute the Master Air Attack Plan. What does this mean? Is the KRADOS still being BETA tested by the AOC? Is it already replacing the TBMCS?
Sushil Kumar: The 609th has been using TBMCS – as well as some of the standalone KRADOS applications – to perform its mission planning activities. Previously, there were a lot of manual steps necessary to transfer data from one system to another, or to share information between groups.
At the 609th, we’ve deployed the KRADOS application suite, including a mechanism for inputting and managing mission planning data and workflow in a more integrated and timely manner.
This mechanism helps increase operational efficiency, improve communication, and enable information sharing both within and between groups in the 609th. This particular announcement reflects our ability to deliver minimum viable product (MVP) capabilities, specifically related to mission planning. What we are working towards – and will soon be moving towards – is upgrading to a minimum viable capabilities release (MVCR). That means building the operational and performing capabilities, as well as the ability to meet the needs of “theater of war” scenarios that may come up in the future.
“Security is a key aspect of everything we do. That includes the development process, the data classification and usage, and user management and deployment processes. In order to streamline our process, Kessel Run has employed a variety of source code analysis tools.” – Sushil Kumar
Right now, we are delivering just a fraction of what we plan to deliver in the future. But, it is a step forward in providing the MVP capabilities.
GDSOH: The Air Force – and units like Kessel Run – have been avid proponents of the DevSecOps approach to application development. Was KRADOS developed with this approach?
Sushil Kumar: Yes, absolutely. All of the Kessel Run software and application development practices are strongly based on leveraging Agile best practices and the DevSecOps approach to application development and deployment.
DevSecOps helps us to identify vulnerabilities and mitigate risks much earlier in the development process. This is essential as we place our products, features, and functionalities in the hands of our warfighters. Following the DevSecOps process ensures that what we’re building is secure enough and complies with accepted standards and guidelines.
GDSOH: Why is DevSecOps important for Kessel Run and other application development teams today? What does the adoption of DevSecOps mean for the application development and deployment process? How does it help to accelerate ATOs and get vital software into use more quickly?
Sushil Kumar: Right from the initiation of the development process, applications run through a security scan. Security is a key aspect of how we develop, as well as how we test our software. Our development process uses a continuous integration and continuous delivery (CICD) pipeline. Once testing activity is completed in the development CICD pipeline, it then goes through a security scan as part of the security CICD pipeline.
“…if there is an issue with some feature or functionality within one of the applications, we are able to leverage our existing DevSecOps process to quickly develop, test, and deploy that functionality or feature in a very rapid manner. In fact, over the last few days, we have been able to do that within 24 hours.” – Sushil Kumar
Only after successful scans and approval can an application get deployed in a pre-production environment. And in that environment, we run a bunch of smoke and integration tests before it gets deployed into production to test it further.
Kessel Run has a continuous approval to operate (CATO). One of the key tenets of getting that CATO is ensuring that the security cycle pipeline is tightly integrated into our DevSecOps-based development and deployment processes.
Security is a key aspect of everything we do. That includes the development process, the data classification and usage, and user management and deployment processes. In order to streamline our process, Kessel Run has employed a variety of source code analysis tools.
As part of that aforementioned security scan, applications go through these source code and code quality checks, and other tools could be used as part of the DevSecOps process. They are tools used by the commercial industry – including solutions such as static and dynamic code analysis tools.
To learn more about Kessel Run and their KRADOS solution, click HERE.
Featured image: U.S. Air Forces Central Airmen work in the Combined Air Operations Center at Al Udeid Air Base, Qatar. AFCENT’s 609th Air Operations Center made history this week when it became the first AOC to operationally utilize the Kessel Run All Domain Operations Suite to plan and execute the Master Air Attack Plan. (U.S. Air Force photo by Staff Sgt. Dustin Mullen)