Jul 31 2014

Learning to Trust Your Mobile Apps

To speed secure, mobile app development, agencies take advantage of Homeland Security’s Carwash assurance platform.

In May 2012, the Office of Management and Budget released its Digital Government Strategy, which requires agencies to provide public access to high-quality digital information and services anywhere, anytime and on any device.

For its part, the Department of Homeland Security (DHS) developed a one-stop shop of tools and services needed to accelerate mobile application development, increase code quality and compliance, and leverage mobile best practices across the federal government.

Out of this effort grew Carwash, an automated application lifecycle management tool. Carwash opened in October 2013 to help DHS and other agencies develop good mobile apps by shortening the time it takes to build an app and deliver it to the public, while ensuring that security, Section 508 accessibility compliance and quality are built in. Carwash helps expedite the application development process by offering a continuous integration, build, test, source-code management and issue-tracking environment.

A defining feature of Carwash is its scanning and source-code testing ability. This feature lends insight on code security, quality and accessibility. It speeds up development by allowing developers to reuse quality code that has already been scanned. The more people view the code, improve upon it and reshare it, the better the efficiency, security and quality of their applications will be.

Carwash is innovative in other ways. Rather than discovering problems after an application is in use, Carwash offers users the ability to test against certain criteria and identify issues early in development. Once code is complete, software developers can access it through its own library, or source-code repository, and either add to it or access application reports. The repository acts as a kind of development hub and front door to the Carwash environment. After each build, users can see test results, download application builds and view the application via a centralized dashboard. They can also access a shared code repository with templates and certified modules that they can reuse.

How Can You Get Carwashed?

To allow users to leverage the service and offer feedback for improvement, Carwash is offered free of charge to government agencies through the end of fiscal year 2014. During this trial period, tenants have full access to test the service’s capabilities. The DHS Office of the CIO has established a Carwash support team for all current and prospective users.

DHS encourages other agencies to take advantage of the Carwash process. The National Institute of Standards and Technology and NIST Senior Researcher Tom Karygiannis are collaborating with federal partners and industry to establish a common set of criteria for mobile application vetting. Once those criteria are determined, Carwash will be able to help agencies scan and test those requirements.

Carwash is a streamlined delivery solution that gets high-quality, secure mobile applications into operation in record time. It not only marks a milestone in efficiency, innovation and compliance, but also offers a glimpse of the future of federal app development. To see a demo, learn more or get started using the Carwash platform, please contact the Carwash team at carwash@hq.dhs.gov.