Daniel Risacher ASD(NII)/DoD CIO, Associate Director, Enterprise Services & Integration Daniel.Risacher@osd.mil 1 Who am I? Dan Risacher • Policy wonk for Office of the DoD CIO • Author of the DoD guidance for Open Source Software (DoD CIO memo, 16 Oct 2009) • PSA representative for CANES & NCES • 1996-1998: Chief, Ground Support Software, (E-3 AWACS) 552nd Computer Systems Squadron, Tinker AFB, OK 2 Open Architecture and Acquisition Reform • USD(AT&L), 14 Sep 2010 memo: (page 10) Thoughts on Open Architecture • Open Architecture is great, but… – Need to simplify rules around IP – we need rules where the PM, COTR, etc. isn't one mistake away from lock-in • Lesson learned from OSS – simplified structure of IP management – even a developer can understand – need to expect industry to manage gov’t rights effectively • Balance competition and cooperation Open Gov’t Directive 21 Jan 2009, President Obama signed “Memorandum on Transparency and Open Government” 8 Dec 2009, OMB issued “Open Gov't Directive” Three principles: Transparency Participation Collaboration Open Source Software Defined: computer software that is available in source code form for which the source code and certain other rights normally reserved for copyright holders are provided under a software license that permits users to study, change, and improve the software. [wikipedia] Formally defined by the Open Source Initiative Closely related; “Free software” Open Source Def’n 1. Free Redistribution 2. Source Code 3. Derived Works 4. Integrity of The Author's Source Code 5. No Discrimination Against Persons or Groups 6. No Discrimination Against Fields of Endeavor 7. Distribution of License 8. License Must Not Be Specific to a Product 9. License Must Not Restrict Other Software 10. License Must Be Technology-Neutral OSS Examples GNU/Linux, Apache, Firefox, OpenOffice.org, MySQL, PostgreSQL, FreeBSD, Darwin (OS X kernel), GCC, Emacs, Eclipse, Java, Mediawiki, PHP, Perl, Python, Ruby, Android, OpenSSH, OpenSSL, OpenSSO, NASA Worldwind, + thousands more So What? OSS development model precisely matches the principles of Open Gov't Directive: Transparency Participation Collaboration Use OSS methods for system development OSS Dev Model Development Developer Community Trusted Developer Improvements (as source code) and evaluation results: User as Developer Trusted Repository Bug Reports Distributor “Stone soup development” User OSS users typically use software without paying licensing fees OSS users typically pay for training & support (competed) OSS users are responsible for developing new improvements & any evaluations that they need; often cooperate/pay others to do so Active development community like a consortium Legal Mandate for OSS OSS software is COTS Federal law (41 USC 403) clearly defines a commercial item is “(1) Any item, other than real property, that is of a type customarily used by the general public or by nongovernmental entities for purposes [not government-unique], and (i) Has been sold, leased, or licensed to the general public; or (ii) Has been offered for sale, lease, or license to the general public... (3) [Above with] (i) Modifications of a type customarily available in the commercial marketplace; or (ii) Minor modifications… made to meet Federal Government requirements.. In most cases, OSS products also meet the definition of a specific subset of “commercial items”, those defined as “commercial-off-the-shelf items” commonly referred to as “COTS”. Federal law (41 USC 431) defines COTS as being “(A) a commercial item (as described in [41 USC 403])... (B) sold in substantial quantities in the commercial marketplace... and (C) is offered... without modification... Consideration of suitable COTS required: FAR 2.101, DFARS 212.212 Why else? Better peer review Source code = Agility Less vendor lock-in Rapid prototyping Lower license costs Lower maintenance costs But pick the best value, regardless! Gratuitous Advice To gov’t: Take delivery of your source code. Often. To industry: Deliver your code Annotated Version-controlled To both: use OSI-approved licenses whenever appropriate Example: Copyright 2010, BigPrime Inc., LittleSub Ltd., FFRDC Corp. The U.S. Government has Unlimited Rights in this computer software pursuant to the clause DFARS 252.227-7014 of contracts no. 1234567890 & 123456791. Any reproduction of this computer software, or portions thereof, marked with this legend must also reproduce these markings. When/How to contribute OSS? For DoD, 3 part test: PM decides gov't interest Necessary data rights Not export controlled “Necessary data rights” is complicated Thank you for your time and attention Questions? 15 OSS Users in Government Military Intelligence Community Federally Funded (USIP, White House, Other) Departments (DOE, DHS, DOD, Treasury) Agencies (NASA, EPA, USDA) OSS Contributors in Government Military Intelligence Community Federally Funded (USIP, White House, Other) Departments (DOE, DHS, DOD) Agencies (NOAA, EPA, NASA) Common & Pervasive Operating Systems: Linux/GNU, BSD, Darwin, OpenSolaris Security: Snort, OpenSSL, OpenSSH, Kerberos, PGP Web/Application Layer: Apache, Jboss, Plone, Zope, nginx, Tomcat GCC Firefox Postgresql, MySQL, SQLite, ZODB OpenLDAP, Sendmail, Bind, Samba, Xfree86 Programming Languages: Java/JVM, Ruby, Python, PHP, Perl, Tcl/Tk Contributions By Military Army: BRL-CAD GRASS (Geo Resources Analysis Support) (Army Corps of Engineers) USAF: FalconView Marines OSIMM, OMAR Navy Delta3D Contributions By Federally Funded White House: Drupal (use) Drupal modules (contributed) U.S. Institute of Peace: Open Simulation Platform NIST: Expect STEP Class Library Institute of Museum and Library Services: Evergreen Contributions By Federally Funded The Smithsonian Astrophysical Laboratory Inline::SLang U.S. Postal Service: PTS (Product Tracking System) Contributions By Intelligence CIA: Apache Lucene (search) NSA: SELinux, OpenBSD Contributions By Departments Department of Energy: COUGAAR Department of Labor: EZRO (EZ Reusable Objects) Veterans Affairs: OpenVista Contributions By Agencies NOAA: QGIS (QT Geographic Information System) EPA: OpenNode DISA: Forge.mil OSCMIS (Open Source Corporate Management System) USDA: WikiWatershed: http://www.cnpp.usda.gov/Innovations/innovations-release-12-09-09.pdf Contributions By Agencies NASA: World Wind Growler Surfer Mesh ECHO NodeMon Pour Swim Many, many more: http://ti.arc.nasa.gov/opensource/projects