Taking DevSecOps to the Next Level with Value Stream Mapping

This post explores the relationship between DevSecOps and value stream mapping, both of which are rooted in the Lean approach to systems and workflow. It also provides guidance on preparing to conduct value stream mapping within a software-intensive product development environment.

If the focus of post-waterfall software engineering could be summed up in one word, it would be flow, which focuses on reducing the time for items of customer value (e.g., features) to move from concept to deployment. Lean software development, DevSecOps, and value stream management all consciously orient their principles and practices around flow optimization. Although Agile software methods don’t often mention flow explicitly, flow optimization is implicit in Agile’s focus on the incremental delivery of value and the use of empowered, cross-functional teams to minimize impediments and delays.

Flow is an intuitively accessible concept. Rivers flow unless impeded by dams or rock formations. Our minds in a state of flow are unimpeded, focused, and energized. Software development is not concerned with the flow of water or internal consciousness but rather with the flow of value to customers and end users. By focusing on flow, we aim to achieve value as soon as possible and to eliminate any impedance or friction. Iterative and incremental development, continuous integration and delivery, minimum viable product, and minimum viable capability release all have the rapid flow of value as their raison d’etre.

A focus on flow underlies and unifies the topics discussed in this post. Value streams and DevSecOps are rooted in the premise that organizational boundaries should be subsumed in the pursuit of flow. Value stream mapping provides a framework for identifying existing barriers to flow and designing a future state in which value flows more freely.

Lean and Value Stream Origins

Lean as a philosophy and set of practices was popularized in a 1990 book about Toyota and the Toyota Production System (TPS), The Machine That Changed the World, by Womack, Roos, and Jones. TPS

This article is purposely trimmed, please visit the source to read the full article.

The post Taking DevSecOps to the Next Level with Value Stream Mapping appeared first on Carnegie Mellon University's Software Engineering Institute Blog.

This post was originally published on this site