IDGA Conference - Defense Daily Network

Daniel Risacher
ASD(NII)/DoD CIO,
Associate Director,
Enterprise Services &
Integration
Daniel.Risacher@osd.mil
Who am I?
Dan Risacher
• Policy wonk for Office of the DoD CIO
• Author of the DoD guidance for Open Source Software
(DoD CIO memo, 16 Oct 2009)
• PSA representative for CANES & NCES
• 1996-1998: Chief, Ground Support Software, (E-3 AWACS)
552nd Computer Systems Squadron, Tinker AFB, OK
Open Architecture and Acquisition Reform
• USD(AT&L), 14 Sep 2010 memo:
(page 10)
Thoughts on Open Architecture
• Open Architecture is great, but…
– Need to simplify rules around IP
– we need rules where the PM, COTR, etc. isn't one
mistake away from lock-in
• Lesson learned from OSS
– simplified structure of IP management
– even a developer can understand
– need to expect industry to manage gov’t rights
effectively
• Balance competition and cooperation
Open Gov’t Directive
• 21 Jan 2009, President Obama signed “Memorandum on
Transparency and Open Government”
• 8 Dec 2009, OMB issued “Open Gov't Directive”
• Three principles:
– Transparency
– Participation
– Collaboration
Open Source Software
Defined: computer software that is available
in source code form for which the source code
and certain other rights normally reserved for
copyright holders are provided under a
software license that permits users to study,
change, and improve the software. [Wikipedia]
Formally defined by the Open Source Initiative
Closely related: “Free software”
Open Source Def’n
1. Free Redistribution
2. Source Code
3. Derived Works
4. Integrity of The Author's Source Code
5. No Discrimination Against Persons or Groups
6. No Discrimination Against Fields of Endeavor
7. Distribution of License
8. License Must Not Be Specific to a Product
9. License Must Not Restrict Other Software
10. License Must Be Technology-Neutral
OSS Examples
GNU/Linux, Apache, Firefox,
OpenOffice.org, MySQL, PostgreSQL,
FreeBSD, Darwin (OS X kernel), GCC,
Emacs, Eclipse, Java, MediaWiki, PHP,
Perl, Python, Ruby, Android,
OpenSSH, OpenSSL, OpenSSO, NASA
World Wind, + thousands more
So What?
OSS development model precisely matches
the principles of Open Gov't Directive:
Transparency
Participation
Collaboration
Use OSS methods for system development
OSS Dev Model
[Figure: OSS development model, “Stone soup development”. Diagram labels: Development Community, Developer, Trusted Developer, Trusted Repository, Distributor, User. Flows: Bug Reports; Improvements (as source code) and evaluation results: User as Developer]
OSS users typically use software without paying licensing fees
OSS users typically pay for training & support (competed)
OSS users are responsible for developing new improvements &
any evaluations that they need; often cooperate/pay others to do so
Active development community like a consortium
Legal Mandate for OSS
OSS software is COTS
Federal law (41 USC 403) clearly defines a commercial item as “(1) Any item, other
than real property, that is of a type customarily used by the general public or by
nongovernmental entities for purposes [not government-unique], and (i) Has been sold,
leased, or licensed to the general public; or (ii) Has been offered for sale, lease, or
license to the general public... (3) [Above with] (i) Modifications of a type customarily
available in the commercial marketplace; or (ii) Minor modifications… made to meet
Federal Government requirements...”
In most cases, OSS products also meet the definition of a specific subset of
“commercial items”, those defined as “commercial-off-the-shelf items”, commonly
referred to as “COTS”. Federal law (41 USC 431) defines COTS as being “(A) a
commercial item (as described in [41 USC 403])... (B) sold in substantial quantities in
the commercial marketplace... and (C) is offered... without modification...”
Consideration of suitable COTS required:
FAR 2.101, DFARS 212.212
Why else?
Better peer review
Source code = Agility
Less vendor lock-in
Rapid prototyping
Lower license costs
Lower maintenance costs
But pick the best value, regardless!
Gratuitous Advice
• To gov’t: Take delivery of your source code. Often.
• To industry: Deliver your code
– Annotated
– Version-controlled
• To both: use OSI-approved licenses whenever appropriate
Example:
Copyright 2010, BigPrime Inc., LittleSub Ltd., FFRDC Corp.
The U.S. Government has Unlimited Rights in this computer software pursuant to
the clause DFARS 252.227-7014 of contracts no. 1234567890 & 123456791.
Any reproduction of this computer software, or portions thereof, marked with this
legend must also reproduce these markings.
When/How to contribute OSS?
For DoD, 3-part test:
• PM decides gov't interest
• Necessary data rights
• Not export controlled
“Necessary data rights” is complicated
Thank you for your time and attention
Questions?
OSS Users in Government
Military
Intelligence Community
Federally Funded (USIP, White House, Other)
Departments (DOE, DHS, DOD, Treasury)
Agencies (NASA, EPA, USDA)
OSS Contributors in Government
Military
Intelligence Community
Federally Funded (USIP, White House, Other)
Departments (DOE, DHS, DOD)
Agencies (NOAA, EPA, NASA)
Common & Pervasive
Operating Systems: Linux/GNU, BSD, Darwin, OpenSolaris
Security: Snort, OpenSSL, OpenSSH, Kerberos, PGP
Web/Application Layer: Apache, JBoss, Plone, Zope, nginx,
Tomcat
GCC
Firefox
PostgreSQL, MySQL, SQLite, ZODB
OpenLDAP, Sendmail, BIND, Samba, XFree86
Programming Languages: Java/JVM, Ruby, Python, PHP,
Perl, Tcl/Tk
Contributions By Military
Army:
BRL-CAD
GRASS (Geo Resources Analysis Support)
(Army Corps of Engineers)
USAF:
FalconView
Marines
OSIMM, OMAR
Navy
Delta3D
Contributions By Federally Funded
White House:
Drupal (use)
Drupal modules (contributed)
U.S. Institute of Peace:
Open Simulation Platform
NIST:
Expect
STEP Class Library
Institute of Museum and Library Services:
Evergreen
Contributions By Federally Funded
The Smithsonian Astrophysical Laboratory
Inline::SLang
U.S. Postal Service:
PTS (Product Tracking System)
Contributions By Intelligence
CIA:
Apache Lucene (search)
NSA:
SELinux, OpenBSD
Contributions By Departments
Department of Energy:
COUGAAR
Department of Labor:
EZRO (EZ Reusable Objects)
Veterans Affairs:
OpenVista
Contributions By Agencies
NOAA:
QGIS (QT Geographic Information System)
EPA:
OpenNode
DISA:
Forge.mil
OSCMIS (Open Source Corporate Management System)
USDA:
WikiWatershed: http://www.cnpp.usda.gov/Innovations/innovations-release-12-09-09.pdf
Contributions By Agencies
NASA:
World Wind
Growler
Surfer
Mesh
ECHO
NodeMon
Pour
Swim
Many, many more:
http://ti.arc.nasa.gov/opensource/projects