Improving software delivery for Guardian operations

The Challenge

Delivering software at the pace of space operations is no small task. By 2018, early modernization efforts led by the U.S. Air Force had hit a wall. Their traditional acquisition process, built for hardware-centric programs that once governed software delivery, was not designed to support the realities of modern software development. As missions advanced, application development was slow, deployment environments were inconsistent, and operators were left wrestling with clunky manual workflows that lagged.

Modernization efforts led by SSC now focus on delivering software capabilities to key units, including the space operations centers and Space Domain Awareness (SDA)-focused teams.

The overall mission of these efforts is to challenge bureaucratic inertia and prove that fast, secure, operator-aligned software delivery is possible inside government. Built by Guardians for Guardians, teams apply agile software development, lean product management, and user-centered design (UCD) with continuous delivery infrastructure to build applications that directly support mission operations.

But even with the right structure, early modernization teams hit roadblocks that slowed delivery and diluted impact:

• Resource gaps left core operational units underserved. As USSF leadership prioritized SDA capabilities, fewer resources were available to support the primary joint command and control environment. In practice, sustainment took priority over development, leaving innovation underfunded and frontline needs unmet.
• Technical debt created constant drag. Legacy software was difficult to maintain, expensive to update, and nearly impossible to integrate with modern cloud infrastructure. Teams were stuck fixing brittle, outdated codebases instead of building new solutions.
• Deployments were fragmented and unreliable. Without consistent environments across Impact Level 4 (IL4), Impact Level 6 (IL6), and on-premises systems, teams struggled with testing, version control, and getting code to production. Even minor updates could take weeks to reach users, including those at coalition operations centers in Canada, the United Kingdom, and Australia. Supporting multinational users introduced additional challenges, including classification boundaries, data-sharing constraints, and environment-specific deployment issues.
• Operators struggled with cognitive load. Operators are trained to act decisively, but poorly designed tools and redundant processes eroded that confidence until friction became an expected part of the job.
• Workarounds became the norm. Without reliable tools, operators resorted to deprecated systems and manual processes. Even routine actions like creating a single space task could take 45 minutes, while operators manually managed radio frequency (RF) deconfliction using outdated tools and incomplete data.

Despite an ambitious vision and early momentum, the delivery environment constrained speed, scalability, and impact. Critical software was slow to ship, hard to scale, and rarely met operator expectations. Decisions that should have taken minutes stretched into hours or days, directly impacting national security and the Space Force’s ability to respond to threats.

Without a better approach to software delivery, the Space Force risked losing ground in one of the most contested domains of modern warfare.

The Approach

In advancing digital transformation within space command and control, SSC paired with us early to mature agile practices, stabilize its pipelines, and expand continuous delivery across environments. Together, we focused on three areas:
‍

1. Building reliable environments and pipelines for secure software delivery across security boundaries

SSC supports applications across on-premises and cloud networks, spanning multiple classification levels (IL4 and IL6), each with distinct compliance and operational requirements. To reduce friction and establish repeatability, we:

• Developed and deployed secure development and production environments across IL4, IL6, and on-premise to support consistent integration and deployment processes.
• Standardized delivery pipelines using GitLab CI, Infrastructure as Code (Terraform), and GitOps (ArgoCD) for consistent, auditable software releases
• Maintained version parity across environments, allowing developers to build and test at the unclassified level and promote code to IL6 without direct access to SIPRNet, eliminating environment-specific bugs and deployment delays
• Delivered continuous updates to operators without compromising security controls

2. Putting users at the center of the development process with user-centered design

Legacy systems were difficult to modify, and vague requirements with excessive rework often slowed new development. User-centered design was already central to the original modernization approach, and we worked alongside teams to deepen and operationalize those practices in daily development:

• Paired engineers, product managers, and UX designers directly with operationally deployed Guardians, using feedback loops to build features that meet mission needs. Guardians test recent updates, identify issues, and shape the next iteration based on real-time input.
• Brought SupraCoders onto the development teams to apply their expertise and operational experience, helping them adopt software development practices while training them to ship features that solve real mission problems.
• Implemented Extreme Programming (XP) and test-driven development (TDD) to increase software reliability and reduce rework
• Shifted from project-based to product-based development, focusing on iterative improvements based on operator feedback loops

3. Automating security and compliance from day one

Traditional security release processes treat compliance as a final checkpoint, leading to rework, delays, and elevated risk. We moved security into the development workflow by:

• Integrating automated security scans (static code analysis, container scanning, and runtime validation) directly into CI/CD pipelines
• Enforcing Zero Trust principles through role-based access control (RBAC), micro-segmentation, and least-privilege defaults
• Eliminating manual compliance tasks by building applications to meet security requirements from the start, not as a post-facto checklist
• Pairing continuous automated testing with user-centered design to meet Developmental Test and Operational Test requirements, avoiding the large, infrequent test events that often uncover issues late and delay releases

Beyond implementing these technical changes, we paired 1:1 with Guardians, civilian staff, and contractors to teach modern development methods like Extreme Programming (XP), user-centered design, and lean product management practices. By building real products for real users, these teams ensured that capabilities were operationally valuable. Many carried those practices into future assignments, expanding government ownership of software development and helping sustain a culture of continuous delivery across the organization.

These changes helped the government move from rigid, slow-moving processes to a modern software delivery model where Guardians could build, test, and deploy new capabilities faster with less risk and better alignment to mission needs.

Impact

Together, teams at SSC and Rise8 built and matured delivery pipelines, engineering practices, and security workflows to deliver at a speed and scale that matches mission needs. In close partnership with Guardians, we developed and deployed the full suite of applications supporting daily operations. Operators no longer wait weeks or months for critical updates. Instead, real-time needs and feedback shape weekly releases with updates to mature applications as needed to support pipeline, security, and platform improvements.

Application Overview

The following applications support faster decision-making, simplify workflow processes, and improve collaboration across Space Force units and coalition partners.

→ SpaceBoard

The first app developed by Rise8, SpaceBoard is a high-interest event tracking tool designed to give operators real-time awareness of space activities like launches, reentries, and sensor status, all displayed on a centralized “big board.” This tool improves coalition coordination and mission awareness across 1,600+ global users, enabling rapid and unified situational understanding among allies such as the US, UK, Canada, and Australia.

→ SureFire

SureFire is a radio frequency deconfliction support tool designed to manage and process RF coordination requests for space assets for safe and conflict-free mission execution. It replaces the outdated FlightCheck system, improving mission risk management and operator workflows while providing coalition partners with access and automating RF safety decisions.

→ Space Desk

Space Desk drastically reduces Space Support Request (SSR) management times, improving the speed and efficiency with which operators handle requests for support and information. It also boosts transparency by transforming email-based updates into a status-tracking system.

→ Bluestat

Bluestat is a sensor maintenance management tool that centralizes sensor data into a single application. It replaces the need to navigate multiple legacy systems, reducing sensor maintenance workflow time from 41 minutes to just 30 seconds. Space Force theater watch officers use it to simplify sensor management, maintenance tracking, and operational oversight.

→ Vue

Vue is a satellite-object identification (SOI) matching optimization tool that helps task satellites to appropriate ground-based radars for collection missions. It significantly boosts the processing capacity of objects and slashes user rates, dramatically increasing accuracy and reducing manual processing time.

→ Relay Tasking Suite

Rise8 built an integration suite of responsive applications to address each stage of the Space Tasking Cycle. These applications work together to decrease the time and cognitive load necessary to produce and disseminate plans, directives, and task orders.

• Relay Strat

Relay Strat is a digital tool that manages planning directives, simplifying the production, version control, and dissemination of directives from eight to under five hours. It enables strategists to manage contributors and share directives, providing real-time access on SIPRnet.

• Relay Plans

Relay Plans is a Master Space Plan (MSP) production and visualization tool that enables operators to create an MSP in 15 minutes using live data. It improves decision-making and situational awareness by providing a self-service viewer role for SIPRnet access.

• Relay Tasks

Relay Tasks simplifies the creation and distribution of Combined Space Tasking Orders (CSTO), which allocate space assets, sensors, and satellites to tactical units. It reduces tasking order production time by half while standardizing formats and enabling dynamic tasking of sensor units.

Key Outcomes

The development and deployment of these applications has driven measurable improvements across multiple mission areas, including Space Command and Control and Space Domain Awareness. Key outcomes include:

‍Space Command and Control

• Faster deployment cycles. Initial production releases that once took months now happen in as little as 64 days, with a 3.2-day deployment frequency achieved across classified applications.
• Significant operator time savings. Improved workflows have saved—and continue to save—warfighters over 34,000 hours across nine mission applications, eliminating manual, redundant, or inefficient tasks with automation and better design.
• Resilient RF deconfliction. The SureFire application replaced the deprecated legacy FlightCheck system, automating RF deconfliction and preventing disruption when coordinating space assets.
• Faster space tasking. The Relay Tasks application cut space tasking order production time by 50%, allowing operators to adjust asset allocations in near real-time.
• Reduced operator fatigue. NASA Task Load Index measurements showed a 36% reduction in cognitive burden for users of updated applications, reflecting better interface design, fewer manual steps, and improved decision support.
• Streamlined strategic planning.
  
  • The Relay Strat application reduced directive production from 8 hours to under 5.
  • The Relay Plans application enabled the creation of a Master Space Plan (MSP) in just 15 minutes using live data, replacing a process that relied on stale, weeks-old information.
• Faster support workflows.
  
  • Space Desk reduced request times from 45 minutes to 3 minutes.
  • Bluestat cut the time to access sensor status and planned maintenance windows from 41 minutes to 30 seconds.
• Improved DORA performance metrics:
  
  • 88.4% test coverage
  • 5.8% change in failure rate
  • 2-hour mean time to recovery (MTTR)

Space Domain Awareness

• Connected coalition coordination. Spaceboard, the first application we built and deployed, supports coalition partners, bridging the gap between allies for joint space domain awareness.
• Improved object tracking accuracy. The Vue application increased space object identification (SOI) processing capacity from 20 to 1,500 objects per week while slashing error rates from 30% to under 3%. Tasks that consumed over 100 hours per week now take less than one hour.  

With faster deployments, real-time operational insights, and automated decision-support tools, Space Force Guardians can focus on the mission instead of their software. The transition from slow, disjointed development to continuous software evolution has become a model of how military organizations can build, scale, and maintain technology that keeps pace with operational demands.

Tech Stack

CI/CD & Automation

• GitLab CI
• Terraform
• ArgoCD
• GitOps workflows
• Automated integration and testing pipelines

Application Infrastructure

• Azure Kubernetes Service (AKS)
• Tanzu Kubernetes Grid Integrated (TKGi)
• Tanzu Application Services (TAS)
• On-premise environments (IL4, IL6)
  

Application Development

• Spring Boot
• Java/Kotlin
• React
• Material UI
• Graph QL and SQL
• Keycloak
• NATS Messaging
• RabbitMQ
• Kafka
  

Security & Monitoring

• Anchore, Sigstore, Privy (vulnerability scanning and image signing)
• Istio and Calico (network segmentation and workload isolation)
• RBAC
• Prometheus, Grafana, and Loki (real-time monitoring and alerting)

Key Practices

• Agile, product-based team structure
• Embedded product managers and UX designers
• Extreme Programming (XP) and test-driven development (TDD)
• Continuous delivery across classification levels
• DevSecOps integration
• Paired programming with internal Guardians and contractors
• Real-time user feedback and iteration
• Secure-by-default architecture

Contract Information

This work was awarded under a DevSecOps Support Contract for operational software development.

Contract period of performance: May 15, 2020 – October 1, 2026.