Trusted Code Initiative (update 2017) - Open Source in Government
- Last Updated: Friday, 12 May 2017 18:32
Open Source in Government
Defining Trusted Code
Software, along with hardware, make up technology systems. Software code is a set of digital instructions that pass long information to other parts of the system. It tells a computer what to do. As an individual component, software can be visualized as a gear or widget. These components, like digital gears, are impartial to the organizational structure of its user. Software doesn't know if it's licensed as proprietary or open source.
On a base level, code is simply code.
Open source software is software whose license agreement grants the user certain rights and privileges as defined by the Open Software Initiative, an independent, non-profit standards organization. Traditionally an OSI-approved open source license grants the user permission to obtain and study the human-readable source code; to make changes to the code as the user deems necessary; to distribute the code and any modifications without seeking permission of the copyright holder; and to do this without having to pay initial or recurring license fees.
It is important to note that open source software is not “freeware,” “shareware,” or software within the “public domain.”
Open source software is widely used in commercial and government environments and the licenses have withstood challenges in court. In addition, the use of open source software has been recognized and approved for use in civilian government and Defense systems through Federal Acquisition Regulation (FAR) and Defense/Federal Acquisition Regulation (D/FAR).
Open Source vs Proprietary
Not a Zero-Sum Game
The Trusted Code Initiative takes the position and there is value in all software licensing models, development techniques and business strategies including proprietary and open source. In addition, the Initiative does not view the choice between open source and proprietary solutions as a zero sum game, but seeks to apply the most effective, efficient technology solution to the challenge at hand. Adoption trends have demonstrated that most dynamic technology solutions consist of mixed-source combining the benefits of both development models to provide the strongest, most viable and resilient solution possible.
Roadblocks and Opportunities
In 2011, the U.S. Department of Homeland Security, Science and Technology Directorate commissioned a research paper to identify the existing challenges and opportunities for Federal Government adoption of open source software.
The report titled, Lessons Learned: Roadblocks and Opportunities for Open Source Software (OSS) in the U.S. Government, by Dr. David A. Wheeler of the Institute for Defense Analysis (IDA) and Tom Dunn of Georgia Tech Research Institute (GTRI), was conducted as part of the DHS Homeland Open Security Technology (HOST) program.
Information for the report was collected through one-on-one interviews with stakeholders representing government employees, contractors and commercial suppliers who were engaged in various levels of the Federal Government technology process.
Roadblocks in Government Adoption
The report acknowledged the current and increasing use of open source software throughout government systems. However, the report revealed many of the sources of hesitation focused on procedural and policy compliance issues including procurement, security accreditation and 508 compliance; as well as reliable access and availability of trusted technical resources and supplier support.
In addition to the issues identified in the DHS study, limited resources and resistance to change are often factors that contribute to opposition in adoption of any new technology or system change.
Benefits of Open Source Software
There are many measurable, as well as anecdotal, benefits that can be derived from the use of open source software.
Common examples of benefits noted in public and private-sector adoption efforts include:
- Cost - lower initial and lifecycle management cost provided through no license fee costs and broad access to commodity-based technical and human resources;
- Security - increased security through transparency in development and maintenance process granted to each user via the software license access which permits access, review, modification and redistribution the program and source code;
- Stability - increased reliability, stability, flexibility from granted access and ability to modify the code to fix flaws and customize to address specific user needs;
- Freedom - increased access to development and service and supplier base.