Sonatype Selected by Equifax to Support OS Governance Press Release

blog-logo Sonatype Blog

Software Supply Chains: DevOps Lessons Learned from Southwest Airlines

November 23, 2015 By Wayne Jackson

iStock_000027380650_Medium

I was talking to a new business acquaintance the other day and had a really interesting exchange. It went something like this:
Him: So, what does Sonatype do?

Me: We work in the software development realm doing this new thing called Software Supply Chain Automation.

Him: What does that mean?

Me: Well, modern software is, for the most part, manufactured in ways that very much resemble traditional manufacturing, leveraging components, that are often open source, as the 'parts' in the process of assembly. We help them pick higher quality suppliers (projects) and parts (versions) while keeping track of what they've used and where.

Him: So you sell to developer types?

Me: Sometimes. There are a number of benefits to Supply Chain Automation – better security, policy compliance, and so on, but the strategic benefit is that we help organizations reduce their software and maintenance surface area. Fewer things to maintain means more resources for innovation - something that CEO's care about.

Him: Oh, you mean like Southwest only using 737's.

Me: Wow! Yes, exactly, I never thought of that analogy!

 

Reinventing How Software Is Manufactured

Southwest is largely credited with disrupting, if not reinventing, the airline industry. One of their key innovations was that decision to standardize on one aircraft to operate within their entire value chain. Not only did this decision dramatically reduce training and maintenance costs, but it also allowed for much higher quality on many dimensions including on-time departures.

This combination of increased efficiency and higher quality allowed Southwest to accelerate into new markets and drive extremely rapid business growth.

Screen Shot 2015-11-23 at 2.04.46 PM

At Sonatype we are similarly working to reinvent how software is manufactured – leveraging many of the same supply chain innovations employed by Southwest as they reinvented the airline industry.

A key lesson learned from Southwest is that passengers don't care what type of plane is used to get them to their destination. They simply want better, faster, cheaper air travel.

Similarly, when it comes to software development, users don't care what type of open source components are used to make their application perform. They simply want better, faster, cheaper software.

So how do you give them that? How do you learn from the lessons of Southwest to deliver better, faster, cheaper software?

Focus on Demands of the Customer

Here's the secret. It doesn't matter if you're delivering air travel, or software applications; success requires a maniacal focus on the demands of the customer. Customers want quality. Customers want speed. Customers want value. In order to deliver what customers want, you must eliminate waste, embrace standardization, and automate supply chain operations wherever possible.

Screen Shot 2015-11-23 at 2.04.13 PM

And it's not as hard as you might imagine, mainly because modern software engineering has fully evolved into a manufacturing-like discipline driven by the rapid proliferation of reusable, off-the-shelf, open source components. Simply stated, these components feed continuous DevOps processes that closely resemble traditional manufacturing supply chains.

This evolution toward software supply chain automation is excellent news because it provides development organizations an opportunity do exactly what Southwest did: eliminate waste, embrace standardization, improve time to market, and most importantly - make customers happy.

Now, admittedly, while Southwest's decision to optimize their value chain by standardizing on 737s was incredibly innovative at the time, it was also fairly easy to implement because they only had to choose one standard from among dozens of models and a handful of suppliers.

Software Supply Chain Intelligence and Automation

In the case of modern software, optimizing the supply chain by standardizing on components is quite a bit more difficult due the incredible variety, volume, and velocity of open source projects and the components that they produce. Quite literally, millions of them. Unlike Southwest, modern software development organizations can be overwhelmed with infinite choice; which means they must standardize on hundreds of parts from millions of alternatives.

Screen Shot 2015-11-23 at 2.07.01 PM

Such standardization is impossible without automation. Simply stated, we have created a portfolio of solutions that apply software supply chain intelligence and automation to ensure that only the best components are used throughout the software development lifecycle and to standardize on fewer suppliers (projects) and the highest quality supply.

As with Southwest, reducing your maintenance surface area can transform your ability to invest in innovation

So yes, if you fly Southwest Airlines, "you're now free to move about the country."

And, if you use Sonatype tools, "you're now free to innovate with an efficient software supply chain."

Tags: Sonatype vs. Black Duck, Software Supply Chain, Supply Chain Intelligence, AppSec, Open Source, Devops

Written by Wayne Jackson

Wayne is the CEO of Sonatype, a role he has held since 2010. Prior to Sonatype, Wayne served as the CEO of open source network security pioneer Sourcefire, Inc. (NASDAQ:FIRE), which he guided from fledgling start-up through an IPO in March of 2007, later acquired by Cisco for $2.7 billion. Before Sourcefire, Wayne co-founded Riverbed Technologies, a wireless infrastructure company, and served as its CEO until the sale of the company for more than $1 billion in March of 2000.