Over a million developers have joined DZone.

Software Supply Chains and DevOps

DZone's Guide to

Software Supply Chains and DevOps

· DevOps Zone ·
Free Resource

Open source vulnerabilities are on the rise. Read here how to tackle them effectively.

During our induction into the IBM family, one of our new colleagues told an anecdote about a firm that outsourced its mobile application development. Managing the relationship of outsourced work with what is being developed in house is a challenge similar to what manufacturers face with their supply chains. While this is a topic the folks at IBM having been talking about for a while, it’s new to me. The implications however are both clear and profound.

Lessons from Supply Chain Masters

Consider the lessons that Toyota learned through its Lean efforts. Being Lean, and working in small batch sizes does not work unless suppliers are also able to react quickly, producing small batches of exactly the parts needed for the vehicles that were in demand. Liker’s book The Toyota Way recounts their work with Trim Masters where seats are ordered when a car begins its four hour trip down the assembly line. With Toyota’s help Trim Masters was able to produce the seats and deliver them just in time to meet up with the rest of the car a few hours later.

Or consider Walmart’s famous supply chain agility. While maintaining very low costs, Walmart is also able to react very quickly to changing market dynamics to rarely need to put items on clearance.

Applying Supply Chain Lessons to Software

Software companies that would decide to make a change and release it hours later are few and far between. However, we serve businesses that increasingly expect to be able to change plans often to exploit immediate or transient market opportunities. Speed of innovation is key.

If we have outsourced our mobile development and need to deliver a new capability to market, we need to be able to signal our supplier and get rapid delivery of new capabilities that match our internal development efforts. Renegotiating the contract won’t work. Instead outsourcers and the teams that deliver for them will need to establish contracts that expect frequent changes and account for them. There’s plenty of writing on agile software contracts that can help with this.

If the suppliers can’t react quickly enough to change, you may take a page from Toyota’s playbook and invest in teaching your partner how to be more agile. High expectations as well as providing assistance are your responsibility.

Optimizing how you work with your suppliers is never enough. Your internal systems for frequently delivering what is needed with high quality need to be in place as well. Applying similar Lean concepts to how software is development and released tends to result in adoption of Agile and DevOps techniques such as continuous delivery.

For IT shops that have outsourced, rapid internal delivery, smooth signaling of changing requirements to suppliers, and rapid delivery from suppliers need to come together to form a seamless, predictable release pipeline.

For more on Lean, you should check out of white-paper on Lean Build and Deployment Automation.

Learn about the ins and outs of open source security and management.


Published at DZone with permission of

Opinions expressed by DZone contributors are their own.

{{ parent.title || parent.header.title}}

{{ parent.tldr }}

{{ parent.urlSource.name }}