John Keane is recently retired from the Civil Service. He is more widely known in the software assurance community as the “Software Angel of Death.” He has more than 40 years of experience both as an active-duty officer (retired LTC and Viet Nam veteran) and civil servant. He has been an advocate for and implementer of best practices associated with the full spectrum of software development that includes code quality/technical weaknesses, architectural correctness, DevSecOps as well as security weaknesses and vulnerabilities.
Some of his earlier accomplishments include development of the Department of Defense (DOD) Technical Reference Model, for which he was recognized as a Federal Computer Week Top 100; the DOD Human Computer Interface Style Guide; and the DOD Standard-Based Architecture Planning Guide, which contains the language and concepts that formed the basis for the Clinger-Cohen Act.
As a contractor/consultant in private industry, he led engagements and taught classes in Portfolio Management, Project Management, Risk Management as well as Business Case (Exhibit 300) preparation to include financial management. He specialized in developing analytical tools which he provided to his customers that supported the sustainment of the training and engagements.
He returned to the Federal Government and became a certified acquisition professional in the field of Test and Evaluation Engineering with special focus on the Software Code Quality Checking (SCQC) practice. This practice is the Defense Health Agency’s way of implementing Software Assurance. His methodology was used as the basis for the first of three federal laws requiring DOD to implement software assurance. He was personally invited by the Senate staff to provide input to the second law on software assurance. The input contained the detailed economic analysis to prove the business value of doing software assurance early on during the SDLC.
Mr. Keane worked closely with NSA, NIST, DHS and many others to advocate for and advance the practice of software assurance within the Federal Government. He worked with many tool vendors to provide lessons learned to advance the state of the art of the tools.
He completed his service in the Army in 1988 as the Chief of the Interoperability and Standards Office where he served on multiple Joint and NATO working groups. He authored or co-authored the entire package of documents that detailed the entire set of operational requirements for C3I interoperability of NATO land forces. This included the Military Operational Requirements for Human Computer Interface and the Use of Low Probability of Detection/Low Probability of Intercept technology in support of Command Post Survivability.