How Lockheed Martin Turns Its Software Factory into Continuous Combat Capability

1. Their software factory aims at continuous combat capability, not just efficiency

Lockheed Martin treats software as a decisive factor for mission success, so the goal of its software factory is to continuously deliver "mission capability" rather than merely ship software releases. The focus is on evolving capabilities such as perception, decision‑making, and system coordination, making software a core element of overall combat effectiveness.

2. DevSecOps is a tightly constrained process mechanism

Unlike many organizations that merely add security scanning tools, Lockheed Martin embeds security into every stage of the software lifecycle and enforces it through automated pipelines. Security checks act as gate conditions—code cannot progress without passing them—and the rules are enforced by a platform rather than left to individual teams.

3. Development environment and pipelines are offered as “standard products”

To eliminate variability in tooling and environments, the company provides pre‑configured development environments, unified toolchains, and templated CI/CD pipelines that can launch a new project within days. This standardization reduces start‑up costs and aligns processes across teams, effectively platform‑izing the development workflow.

4. Cloud‑native and GitOps address controllability and portability

Lockheed Martin adopts containers, Kubernetes, and micro‑services to decouple software from diverse execution platforms—airborne, ground, and cloud—thereby improving migration and maintenance. GitOps and Infrastructure‑as‑Code ensure all configurations are version‑controlled in Git, providing traceability, auditability, and the ability to restore system state on demand.

5. Extending the software factory to system interoperability

Beyond pure software development, the factory supports an "Interoperability Factory" concept that tackles integration challenges among weapon systems by standardizing interfaces, protocol conversion, and data fusion. The CI/CD pipeline also incorporates simulation‑based testing and careful release controls, while a dedicated Software Dojo continuously trains engineers in DevSecOps practices, linking platform construction with capability building.