DevSecOps and Preparing the PeBL eBook Platform for DoD-Wide Use
As the new Personalized eBooks for Learning (PeBL) platform grows in popularity, the ADL Initiative is taking steps to broaden its accessibility, functionality, and security for DoD uses. Specifically, the PeBL development team is using a DevSecOps approach for software development, testing, and security assurance.
DevSecOps (short for Development, Security, Operations) combines software development with concurrent cybersecurity and IT operations. DevSecOps replaces the traditional waterfall approach, which relies on a lengthy process of pre-development requirements-gathering and planning. The waterfall approach is slow and inhibits adaptability and innovation. In contrast, DevSecOps—which employs a more agile development model—rapidly matures ideas into capabilities, reducing software release times from months to weeks.
For PeBL, the DevSecOps process included containerizing the code and hosting it in a sandbox development environment. Containerizing involved placing the software and all its dependencies (code, runtime environment, system tools, system libraries and settings) within a virtual machine (called a container). Running on a host computer’s operating system, the virtual machine allows the software to run as its own system.
Using containerized software streamlines installation because the code is already compiled within the containers and only requires the definition of limited variables to run. This virtualization also enables faster installation and maintenance, including scaling up and down (by adding or removing containers) to ensure functionality when widely deployed.
The PeBL software was containerized using the Docker platform for operating system virtualization. The package was then uploaded to the ADL Initiative sandbox, in this case a cloud environment hosted by USALearning, an ADL Initiative partner. A cluster of 15 servers was added to imitate the wide variety of digital traffic that would be experienced with hundreds of PeBL e-books communicating xAPI statements to a Learning Record Store.
Within the sandbox, the PeBL package was run in multiple configurations to test its interoperability with other systems and applications, including components of the Total Learning Architecture (TLA).
“Testing PeBL for cross-domain interoperability and TLA compliance was a vital step in bringing the software to market given the large and complex user community within the Defense Department and its Services,” said Elliot Robson of Eduworks, the ADL Initiative vendor responsible for PeBL’s design and development. “We now hope to see PeBL used throughout the Department, which will speed its adoption at other agencies, by academia, and in the private sector.”
About PeBL and Its Early Adopters
PeBL is a next-generation platform that extends the learning utility of e-books, adding multimedia, interactivity, and adaptive widgets, as well as leveraging xAPI to allow detailed learning analytics.
After the ADL Initiative’s investment in development and prototype testing, in 2020 the United States Marine Corps became an early adopter of PeBL. The Marine Corps Doctrinal Publication 7, Learning (MCPD 7) was converted from a static text publication into a fully interactive workbook that links user data to USMC learner records via xAPI statements. The PeBL version of MCPD 7 is now available to thousands of Marines.
The Naval Air Warfare Center Aircraft Division (NAWCAD) Strategic Education Office (SEO) is also using PeBL as a learning tool for their future workforce: middle- and high-school students. The NAWCAD SEO has deployed PeBL technology to teach the basics of AI to STEM students in an engaging way.
DevSecOps and the Learning Technology Warehouse
Because security and speed are increasingly important for DoD software projects, the Department in August 2019 formalized a DevSecOps Reference Design Document to guide its development and procurement of software products.
The PeBL project is one of the first ADL Initiative software projects to follow this recommended approach—but it’s far from the last. The ADL Initiative is maturing its program-wide DevSecOps processes as part of the Learning Technology Warehouse project. The final PeBL application package and other ADL Initiative apps will be made available to government stakeholders through the Learning Technology Warehouse portal, the user-facing interface to the ADL Initiative’s DevSecOps pipeline. Federal Government personnel can now register for a Warehouse account to access these resources.