U.S. Department of Defense issues open-source use guidelines

By Alex Handy

October 28, 2009 — The United States Department of Defense is taking a more welcoming approach to the use of open-source software by issuing a memorandum that lays out the strengths and weaknesses of its use. It is the first such update to DoD policy regarding the use of open source since 2003.

The memorandum, dated Oct. 16 but made public yesterday, starts with a nod to the speed of development enabled by open-source software.

“To effectively achieve its missions, the Department of Defense must develop and update its software-based capabilities faster than ever, to anticipate new threats and respond to continuously changing requirements. The use of Open Source Software can provide advantages in this regard,” reads the preamble to the new guidelines, written by David M. Wennergren, deputy CIO of the DoD.

Prior DoD guidelines had hinted at the idea that open-source software could not be secure because its source code was publicly available. The new guidelines remove the ambiguity around this issue.

“The continuous and broad peer-review enabled by publicly available source code supports software reliability and security efforts through the identification and elimination of defects that might otherwise go unrecognized by a more limited core development team,” read the guidelines.

Additionally, the new guidelines attribute other widely recognized benefits to open-source software. “Reliance on a particular software developer or vendor due to proprietary restrictions may be reduced by the use of OSS, which can be operated and maintained by multiple vendors, thus reducing barriers to entry and exit,” the paper states.

The new guidelines also point out, for the clarification of DoD employees, that all open-source software does not include the GPL redistribution requirements.

While the new guidelines infer a greater acceptance of open-source software than was previously evident in the DoD, there are some caveats. The new guidelines declare that having a corporate entity behind software to offer support is critical.

“The use of any software without appropriate maintenance and support presents an information assurance risk," read the guidelines. "Before approving the use of software (including OSS), system/program managers, and ultimately Designated Approving Authorities, must ensure that the plan for software support (e.g., commercial or Government program office support) is adequate for mission need."

Related Search Term(s): open source

Share this link: http://sdt.bz/33865

Technorati

Digg

Slashdot

Facebook

Friendfeed

Twitter

del.icio.us

SD Times Blog: Microsoft Open Tech turns one Subsidiary advances Microsoft's cooperative stance toward open source

Git changes how developers manage source code versions At this year's Git Together, developers praise the platform's convenience and its ability to make source control easier. Changes for the future will focus on making it more Web 2.0-compatible by offering more on-demand repositories on GitHub.

Open source is done. Welcome to open development Without bosses or overly centralized structures, developers can be more productive