The U.S. military is no laggard when it comes to open-source software adoption, but apparently thinks it can do better. The U.S. Department of Defense on Tuesday issued new guidelines designed to remove roadblocks to open-source adoption, arguing that open source can help the Defense Department "anticipate new threats and respond to continuously changing requirements."
And to think open-source software like Linux used to be considered a threat to secure Defense Department systems.
While Department of Defense CIO David Wennergren's revised guidance (PDF) is not intended to create new policy, it does provide clarity that suggests open source is very welcome at the Defense Department.
Apparently, the Defense Department's guidance on open source, issued in 2003, wasn't resulting in as much uptake as the CIO desired.
Hence, the new guidance specifies that open-source software meets internal purchasing requirements for "commercial computer software," and as such gets statutory preference in purchasing decisions, just like software from Oracle, Microsoft, or others.
But the guidance goes beyond neutrality to suggest reasons that open-source software might be better than such alternatives, including:
- The continuous and broad peer-review enabled by publicly available source code supports software reliability and security efforts through the identification and elimination of defects that might otherwise go unrecognized by a more limited core development team.
- The unrestricted ability to modify software source code enables the Department to respond more rapidly to changing situations, missions, and future threats.
- Reliance on a particular software developer or vendor due to proprietary restrictions may be reduced by the use of OSS, which can be operated and maintained by multiple vendors, thus reducing barriers to entry and exit....
- Since OSS typically does not have a per-seat licensing cost, it can provide a cost advantage in situations where many copies of the software may be required, and can mitigate risk of cost growth due to licensing in situations where the total number of users may not be known in advance...
- OSS is particularly suitable for rapid prototyping and experimentation, where the ability to "test drive" the software with minimal costs and administrative delays can be important.
Ultimately, the Defense Department CIO leaves it to individuals to determine which software best meets Defense Department requirements in a given scenario, but the memo hardly reads like neutral guidance. This is consistent with a wise policy of preferences, not mandates, for open source.
It's also an indication of much more Defense Department open-source adoption to come.
(As an aside, special thanks to John Scott for alerting me to this news, and for his work with the Defense Department to help this happen.)
The dam holding back U.S. federal adoption of open source just burst with the introduction of the Defense Department's Forge.mil.
Forge.mil is an open-source project repository built in the image of SourceForge.net, Federal Computer Week reported Friday.
Despite being based on SourceForge's technology, Forge.mil has one significant difference: security. As David Mihelcic, chief technology officer for the Defense Information Systems Agency, told Federal Computer Week, the Department of Defense's code repository has been "upgraded to meet DOD security requirements," with smart cards used to provide log-in credentials.
There are only three open-source projects hosted at Forge.mil so far, and it's initially restricted to the Defense Department's technology community, but I suspect this number will soon increase as various federal agencies discover it and ask to collaborate on code through it. It's also a new way for vendors to participate in Defense Department projects, as Mihelcic noted about one project, which is designed to automate server configuration:
"Our intern had to stand up 50 Linux machines in a lab and he said, 'Boy I don't want to do this by hand; why can't I use Bastille to do this for me?'" Mihelcic said. "He looked at Bastille and saw it couldn't do all the things he needed, so he started an open-source project. He got folks like Red Hat to jump in and participate."
All of the code is open for public view, though only those with the right Defense Department credentials can edit or contribute to the projects. As the public sees the code, however, it's almost certain to lead to individuals wanting to contribute to the code.
The Defense Department, which has been pushing hard to get involved in open source for some time as a consumer, is now involved as a developer. In just a few years, open source has gone from being "risky" to one of the best ways to mitigate risk.
Editor's note: The code is actually based on CollabNet's SourceForge Enterprise code, not the SourceForge.net code base. CollabNet enables Forge.mil.
Follow me on Twitter at mjasay.
While some in private-sector industry drag their feet on open source, it's instructive that arguably the most mission-critical systems in the world are being migrated to open source, namely, the US military's systems.
It's not just a question of cost that drives the US military to buy open source. Indeed, the biggest benefits come down to innovation and flexibility:
...[T]he increasing scope and complexity of military software requirements encourages the use of open source. "If the project is of a sufficient scale, you cannot get there without an open source approach," said Dewey Houck, a senior engineer at Boeing, the lead systems integrator for the Army's FCS.
That is a massively important statement. We may be rapidly approaching the point when it will make little sense to buy proprietary software at all, given the tremendous benefits of open source.
Other benefits? The military cites several:
... Read moreThe goal of the US Army is to move from Windows to Linux. In the meantime, the Army has to find ways to make the two work together. It's turning to Red Hat to do so and to a group of internal IT professionals to create a "Battle Command" that will explore how to move the Army from 20th-century Windows to 21st-century Linux.
In the case of the US Army, integration is a matter of life and death. The Army is "talking about taking the battle command applications [they] are building and combining them with the battle command capabilities that are in the Air Force, Navy and Marines, making sure they work together and draw from the same data." The US Army didn't turn to Microsoft for patent-approved Linux but rather to Red Hat:
At the moment, Linux-based operating systems can communicate only to a limited degree with Microsoft-based systems, according to an Army official familiar with the summits.
... Read more
It wasn't very long ago that open-source developers struggled to make the market believe that open source was secure, ready for prime-time adoption, etc. Now the debate has shifted to demonstrating just how widespread adoption is and and pointing to case studies of how to get the most from open source.
Enter the U.S. Department of Defense's Open IT Conference (December 11-12 in Washington, D.C.). The conference is a bit different from others, in that so much of the United States' security rides on open-source adoption, as Brigadier General Nickolas G. Justice notes:
Open-source software is part of the integrated network fabric which connects and enables our command and control system to work effectively, as people's lives depend on it. When we rolled into Baghdad, we did it using open source.
Some may not like this use of open source, but it's still an amazing demonstration of how mainstream open source has become.
The conference promises to be an eye-opener on many levels:
... Read more
There are some open-source allusions that I'd rather not see. I've quoted from John Robb (the military analyst, not the now-wealthy Zimbra-ite :-), and today I wish I didn't have to. But open source is creeping into the military lexicon, and here's why:
"What we are seeing is the empowerment of the individual to conduct war," ...While the concept of asymmetric warfare dates back at least 2000 years, to the Chinese military strategist Sun-tzu, the conflict in Iraq has redefined the nature of such struggles....As events are making painfully clear, Robb says, warfare is being transformed from a closed, state-sponsored affair to one where the means and the know-how to do battle are readily found on the Internet and at your local RadioShack. This open global access to increasingly powerful technological tools, he says, is in effect allowing "small groups to?declare war on nations."
... Read more
I've long been a reader of The Atlantic, and found this article highly interesting. The article talks about how the US military can defeat an open-source insurgency, and actually has direct implications for proprietary software vendors who are trying to stave off threats from open-source software vendors.
John Robb (not the Zimbra John Robb, alas :-) writes:
After four painful years, the US military has stumbled upon...the only model for fighting a mature open source insurgency: a decentralized model of security that forgoes centralized defense/police forces in favor of a plethora of independent militias. The success of this model in reducing violence (at least in the short term) in Anbar province, has led to its replication in other provinces.... Read more
- prev
- 1
- next
