How next-generation tools are impacting your software supply chain

New categories of product are emerging at the seams of the software supply chain.

To optimize the development of software products, we need a holistic view of the system used create them. I call this view the “software supply chain”, and it looks at how the creating activities are connected with each other and the rest of the business.

Those connections are significant business opportunities, and a number of tool categories have formed at these business-IT intersections with innovative functions that allow you to achieve ground-breaking new operational efficiencies.

In this article, I look at some of these emerging categories and how they impact your software supply chain.

What is the software supply chain?

The purpose of a supply chain is to meet customer needs, to deliver value to customers. Doing so with the most efficient use of resources possible is the modus operandi. Supply chain thinking, therefore, asks you to couch product development in a customer-centric model that is connected to the overall value chain of the organization. You accomplish this by connecting and integrating different parts of that chain.

Systems thinking says that the value of a system is not the sum of its parts. Rather, the value of a system is found in the strength and fidelity of the relationships among its parts. Those relationships are the force multipliers. They turn a banal collection of activities into a purpose-driven value-delivery system. Supply chain thinking allows you to execute on that and is, therefore, relevant as a critical competency to software product development.

When you are modeling the software supply chain, you want to maximize the network effects of the relationships between activities, identifying interesting ways to build connections and enhance interactions, ways that are unique to the world of software products.

Although all software products are built using a supply chain, you will see in the third example that software-as-a-service (SaaS) products are especially suited for supply chain thinking. The managed service delivered through a subscription-based model means that the operations of the business are uniquely coupled with the customer experience.

When you follow the path of applying this model, new tool categories emerge that optimize operations and deliver incredible value to customers. Three such categories are below.

Value stream management

Without value stream management, the overhead involved in connecting lifecycle activities is enormous — at an organizational level, it means an endless number of meetings, spreadsheets, emails, and appointments, and at the individual level it involves inefficiency and wastes from double data entry, tool juggling, and context switching acrobatics. VSM leverages the fact that all this information already exists, it is stored in artifacts in the tools you use to manage your work — Salesforce, Jira, Microsoft Project, ServiceNow, GitHub, and more.

By connecting and integrating the artifacts stored in your tools through a central hub, your entire activity chain becomes connected and integrated, and the flow of product-critical information to be controlled and managed effectively.

Of course, most vendors provide some kind of point-to-point integration, but these do not allow you to achieve the kind of central, system-level control you need to do value-stream management. Likewise, the process of building and maintaining long-running, high-fidelity integrations using web APIs can be difficult and frustrating due to their poor documentation and unexpected behaviors. For many organizations, this is an area ripe for outsourcing, using the skills of a dedicated third party that specializes in innovating on the integrations space.

Component management

Connecting your product life cycle with the open source teams working on the overwhelming majority of your application’s components is critical. Component-management tools seek to resolve the operational issues with component sourcing.

How do you know when a new version of the hundreds of open source packages in your application has been released? How do you know when a new vulnerability has been found in one of your packages? How do you track licensing and create a legal document like a bill of goods?

These problems are opaque and exhausting to solve, but component management tooling gives you the ability to manage all these issues, all in one place. Outsourcing this activity to a third party is not only cost-effective but also prudent — why bring this difficult competency in-house when it is better suited to a team of specialized security people? Supply chain thinking advocates that this nonfunctional operation is outsourced.

Product engagement

How does your organization accomplish the difficult task of feeding information about how a product is being used in the field back into the product life cycle? Collecting feedback the traditional way is a process heavy, high-touch activity that generates a lot of opinionated information. And collecting the data and generating the statistics needed to make data-driven decisions is incredibly expensive. Even with a team of data scientists correlating your many disconnected data sets, you would still find yourself dropping thousands on a BI tool to make sense of it. Smaller companies have no hope of pulling this off. Again, supply chain thinking says that this functionality is implemented best using outsourced innovation.

For SaaS applications, product-engagement tools attack the problem by dropping in easily but embedding deeply into your application to collect and report on real data about how customers are actually using your product. You can easily generate an understanding of what your customer journey looks like, what features get used (and which ones don’t), how behaviors differ across different user segments, and much more. It is not an understatement to say that this tool category is revolutionizing how product teams shape their user experience.


Originally published at on May 9, 2018

Software Engineering Manager @ Cisco Cloud Security