Search results

Digital technologies have fundamentally changed organizations, industries, and even the society. Although institutional theory provides rich array of perspectives to both the content and dynamics of such changes, research at the intersection of institutional scholarship and digitalization has remained scarce. In this essay, I draw on the institutional logics perspective to elaborate digitalization as involving a new set of interconnected managerial beliefs and norms, organizational practices, and diverse material and social structures that together complement and challenge the established logics in organizations and institutional fields. I draw attention to two central organizing principles in the logic of digitalization: the pursuit of digital omniscience – the efforts to represent and conceive the world through digital data – and digital omnipotence – the efforts to bring activities inside and outside organizations under the control of information systems. I conclude the essay by elaborating how the institutional logics perspective can help understand organization-level efforts to leverage digitalization by incumbent corporations and new digital-native companies.

This paper aims to describe an effort to provide for a robust and secure software development paradigm intended to support DevSecOps in a naval aviation enterprise (NAE) software support activity (SSA), with said paradigm supporting strong traceability and provability concerning the SSA’s output product, known as an operational flight program (OFP). Through a secure development environment (SDE), each critical software development function performed on said OFP during its development has a corresponding record represented on a blockchain.

An SDE is implemented as a virtual machine or container incorporating software development tools that are modified to support blockchain transactions. Each critical software development function, e.g. editing, compiling, linking, generates a blockchain transaction message with associated information embedded in the output of a said function that, together, can be used to prove integrity and support traceability. An attestation process is used to provide proof that the toolchain containing SDE is not subject to unauthorized modification at the time said critical function is performed.

Blockchain methods are shown to be a viable approach for supporting exhaustive traceability and strong provability of development system integrity for mission-critical software produced by an NAE SSA for NAE embedded systems software.

A blockchain-based authentication approach that could be implemented at the OFP point-of-load would provide for fine-grain authentication of all OFP software components, with each component or module having its own proof-of-integrity (including the integrity of the used development tools) over its entire development history.

Many SSAs have established control procedures for development such as check-out/check-in. This does not prove the SSA output software is secure. For one thing, a build system does not necessarily enforce procedures in a way that is determinable from the output. Furthermore, the SSA toolchain itself could be attacked. The approach described in this paper enforces security policy and embeds information into the output of every development function that can be cross-referenced to blockchain transaction records for provability and traceability that only trusted tools, free from unauthorized modifications, are used in software development. A key original concept of this approach is that it treats assigned developer time as a transferable digital currency.