LLNL’s Computing Directorate supports software development as a discipline through strategic investments, training, working groups, hackathons, and other outlets—including Developer Day, an annual gathering of the Lab’s software development community to discuss common issues and share best practices. Held in a hybrid format for the first time, Dev Day 2022 convened more than 70 people for an agenda of lightning talks, a town hall discussion, and guest speakers.

John Grosh, deputy associate director of Computing, stated in his opening remarks that “software drives almost all components of what the Lab does.” Indeed, the Computing Directorate encompasses computational science, information technology, data science, control systems, applied mathematics, cyber security, and—of course—software development.

“I’m heartened by the Lab’s continued investment in the software developer community through events like Dev Day and programs like the new Software Development Resource Center. The ways we employ software technologies and the people working on them are unique to LLNL, and Dev Day is a nice time to celebrate those things and build a stronger community of developers,” said Geoff Cleary, who co-organized the event along with Kyle Dickerson, David Beckingsale, and Angie Schneider.

Dev Day provides different ways for the audience to learn about and engage in topics of interest to the developer community—such as lightning talks about small projects, summaries of literature, deep dives into project planning and implementation, discussions of career opportunities and challenges, and networking and brainstorming sessions—and the format varies every year. This year’s event spotlighted guest speakers who explained the impact of unique software projects on their organizations.

For example, Kyle Wendt, a computational nuclear theorist in LLNL’s Nuclear and Chemical Sciences Division, gave an overview of quantum computing and the Lab’s quantum design and integration testbed. He approached the topic through the lens of a software development, comparing and contrasting this new technology with classical computing. “Quantum computing will bring about an unprecedented leap in computational power. The algorithms will be very different from how we currently think about numerical simulations,” Wendt stated.

Software Quality Standardization

Miranda Mundt, a research software engineer at Sandia National Laboratories, described her team’s tiered approach to software quality practices. Unlike commercial software, research software provides a means to advancing science, and project teams often determine their own quality guidelines or may not prioritize quality guidance the same way. Accordingly, Sandia’s Center for Computing Research (CCR) recognized the need for a quality standardization framework that can scale and evolve naturally with a software project. Mundt noted, “Software quality is not a one-size-fits-all problem. We wanted to determine how to ‘right size’ a software quality model depending on a project’s maturity and without being prescriptive.”

Her team interviewed CCR managers to understand how they define quality and measure success. Mundt and colleagues also conducted surveys with software project leaders to shine a light on each project’s current methods for ensuring quality. Finally, they reviewed literature to explore how software teams work under different sets of quality standards. The resulting framework contains different tiers of quality requirements and recommendations, so project teams can compare the characteristics of their projects to the framework to determine next steps for ensuring quality.

Mundt explained, “As a project matures and moves into higher tiers, new requirements and recommendations are applied. The software quality activities represented in each new tier are designed to align with the project’s new level of maturity and to match the level of rigor deemed necessary for that maturity.” For example, Tier 1 provides recommendations for a project in the early stages of development or with short-term funding, while Tier 3 is designed for established projects or those with undefined release processes.

Mission-Focused Cyber Security

Dr. Arun Viswanathan from NASA’s Jet Propulsion Laboratory (JPL) presented work that keeps space missions resilient from cyber threats. He leads JPL’s Cyber Defense Engineering and Research (CDER) group, which is tasked with cyber defense engineering for JPL’s space missions, designing and implementing advanced cyber tools and capabilities, research on the security of autonomous and intelligent systems, and more. “Satellites and other spacecraft are high-value targets for cyber attackers,” he stated. The group’s expertise and tools have assisted several JPL missions such as the Mars 2020 and Europa Clipper missions, and they continue to be engaged in research projects with academia, other NASA centers, and government agencies.

Space cyber security has many challenges, and risks can arise in multiple ways. A mission’s systems are complex, networked, and distributed, often with legacy components. Attacks can target ground systems, communication links, or autonomous capabilities such as satellite signal interception. Furthermore, Viswanathan pointed out, “Space research is collaborative. If a partner organization gets hacked, there’s a chance we’ll get hacked.” During a mission’s years-long development times, the cyber security landscape can change significantly.

The CDER group developed the Cyber Analysis and Visualization Environment (CAVE)—a multilayered model that includes all the hardware, software, files, processes, network connections, and other components of a physical system. “The model runs various scenarios to show all adversarial paths so we can isolate them and mitigate their impact,” Viswanathan explained. CAVE collects data from disparate sources and transforms them into a format that is easily ingested by machines and readable by humans. The team can then run interactive visualizations of mission data.

Demonstrating a few user-defined layouts and analyses over a sample model, Viswanathan noted, “CAVE consolidates distributed information into a structured, automated representation. This process enables model-based reasoning, which dramatically reduces the time for identification of security weaknesses from months to minutes.” CAVE’s risk assessments are scalable, repeatable, and accurate.

Looking Ahead to Year Seven

With Dev Day 2023 on the horizon, the organizing team acknowledged the directorate’s ongoing support. Beckingsale remarked, “Management continues to commit to Dev Day both through sufficient funding to allow us to put on a high-quality event, and through participating in the event itself by giving the opening remarks each year.”

As software technologies and trends evolve, so too will Dev Day. “Software developers at the Lab want to stay connected and share their knowledge. Expanding and reinforcing opportunities to connect with each other will be increasingly important as we spend more time in our new reality of remote and hybrid work,” said Dickerson, who along with Beckingsale has spearheaded every Dev Day. Cleary added, “At times it was difficult to cross the in-person and remote attendee divide, yet it was lovely to invite participation from everyone who couldn’t attend in-person.”

Past coverage of Dev Day events can be found on this website.

—Holly Auten