Printer Friendly
The Free Library
14,634,478 articles and books
Member login
User name  
Password 
 
Join us Forgot password?

The fortress and the bazaar: open-source and DOD software.


This article discusses the application of the open-source software project model for the Department of Defense, a software systems development that uses the tenets first laid out in an original paper entitled "Cathedral and the Bazaar," written by Eric S. Raymond (person) Eric S. Raymond - One of the authors of the Hacker's Jargon File. Eric was involved in the JOLT project and GNU Emacs as well as maintaining several FAQ lists. He is a keen advocate of open source.

http://ccil.org/~esr.

E-mail: <esr@snark.thyrsus.com>  in 1998 explores the implications as applied to defense weapons systems software, in addition to examining the attributes, problems, and benefits of open-source software.

**********

This work is based on a paper written by Eric S. Raymond entitled "Cathedral and the Bazaar," which is widely considered the principal manifesto of the open-source software movement. We provide a brief overview of the Raymond paper, then attempt to explain the ideas of that document in the terms and methods of the defense-industrial establishment in America. The goal of promoting open-source in defense projects and procurement should be emphasis on lower costs, new functionality, and improved software reliability software reliability - See also formal methods, safety-critical system.

ftp://ftp.sei.cmu.edu/pub/depend-sw. Mailing list: depend-sw@sei.cmu.edu.  for the products used by our military.

SUMMARY OF RAYMOND'S "CATHEDRAL AND THE BAZAAR" PAPER

In his paper, Raymond discusses the historical model for software development and compares it to building cathedrals, a slow and laborious la·bo·ri·ous  
adj.
1. Marked by or requiring long, hard work: spent many laborious hours on the project.

2. Hard-working; industrious.  effort with exacting methods carefully applied. Each brick and beam was carefully planned and the structure was erected with painstaking pains·tak·ing  
adj.
Marked by or requiring great pains; very careful and diligent. See Synonyms at meticulous.

n.
Extremely careful and diligent work or effort.  craftsmanship Craftsmanship
Alcimedon

a first-rate carver in wood. [Rom. Lit.: Vergil Eclogues, iii. 37.]

Argus

skillful builder of Jason’s Argo. [Gk. Myth.: Walsh Classical, 29]

Athena

(Rom.  to meet the planned design and symmetry. The bazaar, by contrast, was often created ad-hoc and in an evolutionary fashion. The bazaar started with a few street vendors and was later built up by additional vendors and merchants, each staking out a piece of the market place as their own and maintaining and adding to their stall until a full-blown Agora agora (ăg`ərə) [Gr.,=market], in ancient Greece, the public square or marketplace of a city. In early Greek history the agora was primarily used as a place for public assembly; later it functioned mainly as a center of commerce.  was in place. Clearly each approach served its purpose well, but the cathedral method is rigid and static. It needs the contribution of each part exactly as designed in order to stand, and has difficulty adapting to any other shape or location. The open-source movement is all about flexibility and evolutionary development.

Raymond went on to review nineteen axioms This is a list of axioms as that term is understood in mathematics, by Wikipedia page. In epistemology, the word axiom is understood differently; see axiom and self-evidence. Individual axioms are almost always part of a larger axiomatic system.  of open-source development by discussing his experience developing "Fetchmail," a Linux application used to forward e-mail. These axioms are the basic tenets of the open-source community, and Raymond discussed them with detailed analysis and examples in the original paper. In brief form, these tenets are:

1. Every good work of software starts by scratching a developer's personal itch.

2. Good programmers know what to write. Great ones know what to rewrite (and reuse).

3. "Plan to throw one away; you will anyhow an·y·how  
adv.
1. In whatever way or manner; however: I'll cook it anyhow you like. They came anyhow they couldby boat, train, or plane. " (Brooks, 1975).

4. If you have the right attitude, interesting problems will find you.

5. When you lose interest in a program, your last duty to it is to hand it off to a competent successor.

6. Treating your users as co-developers is your least-hassle route to rapid code improvement and effective debugging (programming) debugging - The process of attempting to determine the cause of the symptoms of malfunctions in a program or other system. These symptoms may be detected during testing or use by real users. .

7. Release early. Release often. And listen to your customers.

8. Given a large enough beta-tester and co-developer base, almost every problem will be characterized quickly and the fix obvious to someone.

9. Smart data structures and dumb code works a lot better than the other way around.

10. If you treat your beta-testers as if they are your most valuable resource, they will respond by becoming your most valuable resource.

11. The next best thing to having good ideas is recognizing good ideas from your users. Sometimes the latter is better.

12. Often, the most striking and innovative solutions come from realizing that your concept of the problem was wrong.

13. Perfection (in design) is achieved not when there is nothing more to add, but rather when there is nothing more to take away.

14. Any tool should be useful in the expected way, but a truly great tool lends itself to uses you never expected.

15. When writing gateway software of any kind, take pains Verb 1. take pains - try very hard to do something
be at pains

endeavor, endeavour, strive - attempt by employing effort; "we endeavor to make our customers happy"  to disturb the data stream as little as possible--and never throw away information unless the recipient forces you to.

16. When your language is nowhere near Turing-complete, syntactic sugar Certain coding rules in a programming language that make it easier for a person to write a program. For example, in Perl, the double dot operator is used to create multiple values. Writing ('A' .. 'Z') declares a range of values from "A" to "Z.  can be your friend.

17. A security system is only as secure as its secret. Beware of pseudo-secrets.

18. To solve an interesting problem, start by finding a problem that is interesting to you.

19. Provided the development coordinator has a medium at least as good as the Internet and knows how to lead without coercion coercion, in law, the unlawful act of compelling a person to do, or to abstain from doing, something by depriving him of the exercise of his free will, particularly by use or threat of physical or moral force. , many heads are inevitably better than one.

Raymond discusses these issues in detail, but it is his last item (#19) that is the essence of an open-source approach. It describes the advantages of multiple groups working on code to provide more innovation and faster debugging cycles, discussed primarily in terms of the Linux operating system operating system (OS)

Software that controls the operation of a computer, directs the input and output of data, keeps track of files, and controls the processing of computer programs. . Linux is one of the best known and most successful examples of open-source software, but a review of Sourceforge. net showed that there are now over 20,000 open-source software projects involving over 70,000 developers worldwide targeting many different operating systems Operating systems can be categorized by technology, ownership, licensing, working state, usage, and by many other characteristics. In practice, many of these groupings may overlap. . After discussing some problems with open-source for defense use, this article will develop new axioms, discuss advantages for Department of Defense (DOD (1) (Dial On Demand) A feature that allows a device to automatically dial a telephone number. For example, an ISDN router with dial on demand will automatically dial up the ISP when it senses IP traffic destined for the Internet. ) use, and develop some practical methods for the DoD to promote open-source solutions.

WHAT IS "OPEN-SOURCE?"

The principal trait of an Open-Source (es) project is simply stated in the name, but it involves more than just open-source code. "Open-source" projects are collaborative, rapidly updated and rapidly released, and pushed by highly motivated volunteers working with a diversity of interests, skills, and hardware sets. Some people work on open-source projects and are paid for it. Some projects move more slowly. Some only target one OS platform, and some many. This article will focus on how a generic open-source approach could be applied to DoD projects.

DEFENSE PROJECT SOFTWARE DEVELOPMENT: AN HISTORICAL OVERVIEW

Since the earliest use of computers, all the rigidity rigidity /ri·gid·i·ty/ (ri-jid´i-te) inflexibility or stiffness.

clasp-knife rigidity  of process and formalized for·mal·ize  
tr.v. for·mal·ized, for·mal·iz·ing, for·mal·iz·es
1. To give a definite form or shape to.

2.
a. To make formal.

b.  methods that the military systems engineers could muster have been applied to software projects, making them extremely rigid and well documented (e.g., DoD Standard-1467 and MIL-STD-2168). Several arguments for this are listed below, but we discuss how they do not stand up well.

THE CURRENT DOD SOFTWARE METHODS ILLUSTRATE AND EMBODY THE CATHEDRAL BUILDING METHODS

The DoD processes evolved due to several factors, some of which can win instant sympathy from the reader as being not only reasonably justified, but critically important. Some examples are:

* The system-fired missiles and munitions mu·ni·tion  
n.
War materiel, especially weapons and ammunition. Often used in the plural.

tr.v. mu·ni·tioned, mu·ni·tion·ing, mu·ni·tions
To supply with munitions.  needed every safeguard possible to prevent accidental firing or targeting.

* The lives of the soldiers depended on the project. They deserved all the care and testing that could be applied in order to produce the best possible product.

* The taxpayers' dollars were at work; reducing the possibility of mistakes or bugs was paramount.

* National security depended on the software program being perfect. To protect the country, we could spare no possible pain to make it so.

Typical military software projects in the 1970s and 1980s required formally documented and carefully detailed designs, involving "waterfall waterfall, a sudden unsupported drop in a stream. It is formed when the stream course is interrupted as when a stream passes over a layer of harder rock—often igneous—to an area of softer and therefore more easily eroded rock; the edge of a cliff or " builds with incremental Additional or increased growth, bulk, quantity, number, or value; enlarged.

Incremental cost is additional or increased cost of an item or service apart from its actual cost.  steps for adding functions and exhaustive testing (programming) exhaustive testing - Executing a program with all possible combinations of inputs or values for program variables.  at each step. The code had to be well documented, with interface design documents, requirements definition documents, system design documents, database design documents, program development folders, and test plans and reports. Usually the code was documented to transition it to a government organization. Once the "cathedral" was completely built, the government team was to "move in" and take on ownership and maintenance.

Systems that actually fired munitions were even more carefully tested. The live-fire testing and certification processes for missile and munitions-type projects are still very extensive. These testing and certification processes often evolved in a reactionary way to resolve problems associated with the previous fielding of poorly designed systems and were intended to provide a valuable check on the work of vendors developing weapons systems that are dangerous by design. In fact, the nature of military software is critically enabling in terms of achieving functional performance. This made the DoD software project much more than a cathedral in style. It became a "fortress," and its details had to be constructed and managed as any good military fortress was: in secrecy.

THE CLOAK OF NATIONAL SECURITY SCREENS DOD SOFTWARE CODE FROM CO-DEVELOPERS SO WELL THAT RESOLVING PROBLEMS IS DIFFICULT AND TIME CONSUMING

Since the original developing group is the only group to get effective exposure to the source code, there are actually no co-developers. Thus a very biased group of developers (i.e., the proud "parents" of the "baby") can only see the problem from their singular perspective. This keeps the code from getting wider peer review, more thorough testing, unbiased discussion, or more diverse usage. In order to prevent the dissemination dissemination Medtalk The spread of a pernicious process–eg, CA, acute infection Oncology Metastasis, see there  of software source code to threatening nations, some form of continued security around the software investment made within the weapons systems is essential. To say that no other vendor or R&D group is patriotic enough to protect the software, however, is ludicrous.

CONTRACTORS AND LABORATORIES ARE MOTIVATED TO WITHHOLD THE SOFTWARE SOURCE CODE AT ALL COSTS TO PROTECT THEIR PROPRIETARY OR BUSINESS INTERESTS

This motivation is due in large part to the desire of the DoD companies to justify sole-source contracts or establish a favored business position. The possession and working knowledge of the applications software is one of the best ways to maintain a privileged "insider" position on a program, normally securing years of business revenue when successful. The developer is normally funded to fix software bugs A problem that causes a program to produce invalid output or to crash (lock up). The problem is either insufficient logic or erroneous logic. For example, a program can crash if there are not enough validity checks performed on the input or on the calculations themselves, and the computer , revise the user interfaces, provide training and logistics support, and continue integrating hardware and resolving hardware obsolescence ob·so·les·cent  
adj.
1. Being in the process of passing out of use or usefulness; becoming obsolete.

2. Biology Gradually disappearing; imperfectly or only slightly developed.  problems. This can amount to considerable business revenue that continues long after the system is delivered. One classic approach to maintaining the best business position for all this work is to minimize disclosure of the software source code.

Normally, software documentation, carefully crafted in true cathedral or fortress style, is eventually delivered in order for the Government to exercise their rights to full ownership. This typically involves sending the boxes of paper and computer disks to a Government engineering laboratory. These laboratories, often lacking the equipment or expertise to really use the source code, are often unable to do more than lock up the code in a secure vault, ultimately to be discarded many years later. Sometimes the Government itself acts to protect the developer's monopoly by limiting distribution of the code. The rationale is that the code has been paid for and now works, so that paying any other vendor to work on it is a waste of scarce resources and unnecessary. This logic fails in several aspects, failing to recognize key issues:

1. Secondary benefits arise from the distribution of knowledge to other projects, disciplines, or programs as code is re-written and re-used in ways never expected. Other program managers (PMs) can decide how best to utilize the code as their own program needs and budget dictates.

2. Maintenance benefits occur with open-source as other organizations or developers review and utilize the code and discover and remove bugs. The larger number of developers will have different and new perspectives and suggestions for improvement. The original owners of the code can then take advantage.

3. The laziness (or greed) of other activities or vendors gives incentives to leverage existing work as much as possible if given the access. Open-source code re-use can work to significantly lower new project costs and improve schedule performance.

4. Some companies will invest their own funds to upgrade existing code under Internal Research and Development (IRAD Irad (ī`răd), in the Bible, Enoch's son. ).

5. Sometimes Government PMs may invest funding to build on the existing work in a new way with other vendors.

6. The policy does not recognize the public ownership already established by using the taxpayers' funding, and that the application is already owned collectively by the public and other companies, not by a department or a single vendor.

7. The value to other projects can only be judged by their developing teams.

COMMON SOFTWARE WAS HISTORICALLY NOT "OPEN-SOURCE"

Commonality com·mon·al·i·ty  
n. pl. com·mon·al·i·ties
1.
a. The possession, along with another or others, of a certain attribute or set of attributes: a political movement's commonality of purpose.  was often championed as a cost savings, but actually promoted a business position. Commonality was resisted by others to defend their business positions.

Historically, commonality tended to be championed by the vendors that owned and benefited from selling the common product or solution. The goal was simple: take over the business content of the other "non-common" vendors. In reality, there are differences in mission, environment, and interfaces that exist from ship-to-ship or use-to-use. Adapting existing software to a new platform or environment takes familiarity with both the new environment and the software.

Typically, an incumbent organization is more familiar with the mission and platform, while the "common" software team knows the new software code. Both of the organizations have good claims to being able to efficiently adapt the code to the new mission. The interfaces and mission needs involve more complex integration issues, whereas the new code is probably well documented and evolutionary. The benefits of a having several groups using the software code and working out its bugs are fairly certain, but the ability of a single organization to support multiple customers with different missions is questionable.

SINGLE-MAINTENANCE ENTITLES WERE JUSTIFIED TO CONTAIN COSTS, BUT THE CODE SUFFERED FROM A REDUCED KNOWLEDGE BASE

Raymond says several times that multiple sets of eyes can find software bugs faster. The original development team is unlikely to even recognize some problems. They are emotionally biased towards the design they created. The Fast Fourier Transform See FFT.

(algorithm) Fast Fourier Transform - (FFT) An algorithm for computing the Fourier transform of a set of discrete data values. Given a finite set of data points, for example a periodic sampling taken from a real-world signal, the FFT expresses the data in terms of , as an example, can be coded hundreds of ways, but all are essentially the same algorithm. Some of these methods are significantly faster than others and some depend more on the use of a specific machine. Many groups use the original algorithm, while others were intrigued and developed new implementations. This would not have happened if a group had declared a single method as "best" and "common" (or worse yet, kept it a secret!).

The DoD offices are often challenged to fund a single software maintenance team. Long-term software maintenance can be enormously expensive. The DoD Users provide long lists of complaints and suggestions, but no licensing fees or support service payments. Would the software maintenance costs be higher if the code was supported by multiple groups? With only one support agent each, correction comes slower and with greater expense. Problems that take one group months to find may be quickly found by other organizations. Collaborative debugging versus isolationist i·so·la·tion·ism  
n.
A national policy of abstaining from political or economic relations with other countries.


i  debugging is what the open-source community claims will make projects more successful. Only experimentation can decide if the collaborative support is less expensive, but if it is, the net savings could be directed into new functionality and improvements.

FUNDED SOFTWARE MAINTENANCE TEAMS ARE BIASED, YET HISTORICALLY ALSO MANAGE AND RECOMMEND THE UPGRADE EFFORTS

Financial neutrality is important to keep upgrade and maintenance decisions unbiased. An active community of co-developers can help keep decisions unbiased. The potential benefits of proposed changes accrue to all of the developers. This axiom does not preclude the use of available expertise, including the original developer. Allowing an overly strong voice by a developer that is funded to maintain the code, however, can lead to long-term bias in the methods and types of changes being worked on.

PROPOSALS MUST OFTEN BE WRITTEN QUICKLY AND WITHOUT CRITICAL INFORMATION ON THE PROJECT'S SOFTWARE

The DoD customers often undervalue the effort it takes to understand software programs and complex systems deployed today, and companies (when solicited) are given little information to review before being asked to provide their best ideas. Informed proposals come from informed teams, not out of the clear blue sky.

Distributed knowledge through open-source code could provide a detailed understanding of the state of the practice in solving a systems problem. This understanding allows others, when invited, to submit their best ideas. Some project managers work hard to keep potential bidders informed and others do not. Without perspective on what the project is doing and what the current problems are, it is hard to offer improvements.

Even the customer's views are limited by their perspective, and a Request for Proposal (RFP (Request For Proposal) A document that invites a vendor to submit a bid for hardware, software and/or services. It may provide a general or very detailed specification of the system.

1. (business) RFP - Request for Proposal.
2. ) author may not see that a current design is lacking or problematical. Not recognizing the need of an informed review can cause a negative reply or a "left-field" response, which wastes the bidder's proposal budget and the reviewer's time.

Allowing informed and innovative proposals recognizes the potential value provided by new solutions. An open-source environment would allow developers to propose improvements based on their detailed and informed view of the source code, its problems, and their own strengths and experience.

THE DOD OPERATIONAL TEST AND EVALUATION (testing) operational test and evaluation - (OT&E) Formal testing conducted prior to deployment to evaluate the operational effectiveness and suitability of the system with respect to its mission.  (OT&E) PROCESS ENCOURAGES A RIGID "ONE-SHOT" CATHEDRAL APPROACH

The DoD currently uses formal testing methods that encourage programs to avoid frequent small tests in favor of single large test events, even though the OT&E offices encourage frequent interaction with a program. Most programs, however, will subconsciously sub·con·scious  
adj.
Not wholly conscious; partially or imperfectly conscious: subconscious perceptions.

n.
The part of the mind below the level of conscious perception. Often used with the.  try to "get everything right" before putting the glaring spotlight of formal OT&E on their system. Not wanting to risk negative reviews when the system is in its infancy, they avoid frequent incremental testing in favor of fewer and larger events that are scripted in nature. This is a very important problem, since corrections are less expensive when feedback is earlier and more incremental. These practices violate the "release early" and "release often" axioms.

THE PROPOSED OPEN-SOURCE MODEL FOR DEFENSE SOFTWARE PROJECTS

So far, we have reviewed the problems that exist with DoD software projects, and concerns that must be addressed regarding national security considerations. Listed below is a new set of axioms with at least one vision on how open-source software methods could be applied to defense systems software projects:

1. The code should be freely licensed to all willing co-developers.

2. The distribution must be controlled due to security conditions.

3. The distribution must limit technology transfer to international entities.

4. The distribution should not limit or constrain con·strain  
tr.v. con·strained, con·strain·ing, con·strains
1. To compel by physical, moral, or circumstantial force; oblige: felt constrained to object. See Synonyms at force.

2.  the platform (OS) use.

5. The soldiers, sailors, and pilots that comprise the user communities should be provided at least a partial distribution of the source code (especially for the user interfaces), as they are co-developers.

6. There should still be strict configuration management of installed software baselines.

7. Changes should not normally affect original functionality unless bugs are being fixed.

8. Commercial (generic) platform options for running the software are preferred.

9. A single lead activity or vendor should still be charged and funded to integrate proposed changes into a CM-controlled distribution and provide associated integration, stress testing Determining the durability of a system by pushing it to its limits. Stress testing a network is performed by transmitting excessive numbers of packets or attempting to break in illegally. , and documentation and logistics (e.g., operator manuals, training, etc.) updates for the system, even if open-source methods are used to evolve the software code.

10. The OT&E process must encourage more incremental testing and feedback.

Under the proposed open-source model, the software application code would be provided to any or all registered university labs, Government labs, and vendors that are willing to take the proper safeguards and precautions precautions Infectious disease The constellation of activities intended to minimize exposure to an infectious agent; precautions imply that the isolation of an infected Pt is optional, but not mandatory.  to protect the national security aspects involved. Then they could either invest their own resources or propose to a sponsoring agency to fund work using the code.

The originating office may alternately establish their software agent as the control point for incorporating changes developed by others and re-distributing the code, as is done on Linux OS, or might allow a completely ad-hoc distribution method as used on many smaller projects. All changes made to the application's Code, however, should be provided to the originating team and all other registered development groups. They can review it and incorporate it at their discretion. Other co-developers may see a potential improvement and would have the option of implementing it on their projects or of proposing sponsored project work to any of several potential funding sponsors.

This proposed arrangement does not preclude a sponsoring program office from developing an entirely new application. The existence of a basic version of the software code for military applications, however, gives them an example to leverage fully (if possible), borrow from (if reasonable), or move on past (if necessary).

A critical aspect of bringing open-source methods to DoD use is using voluntary processes and avoiding the pitfall pit·fall  
n.
1. An unapparent source of trouble or danger; a hidden hazard: "potential pitfalls stemming from their optimistic inflation assumptions" New York Times.  of establishing a new DoD office chartered with managing and mandating open-source practices. A voluntary method that encourages participation would encourage participants to listen to their users and customers. Mandated methods tend to turn into monopolies with all of their inherent problems. Establishing a central registry of code and its originators, however, might be very beneficial.

EXAMPLES OF OPEN-SOURCE AT WORK WITHIN THE DOD

The Global Command and Control System Highly mobile, deployable command and control system supporting forces for joint and multinational operations across the range of military operations, any time and anywhere in the world with compatible, interoperable, and integrated command, control, communications, computers, and , Maritime (GCCS-M GCCS-M Global Command and Control System - Maritime (US DoD) ) has been a recent and significant example of the open-source model at work within the DoD. All Navy ships, airplanes, and units coordinate their tactical command The authority delegated to a commander to assign tasks to forces under his command for the accomplishment of the mission assigned by higher authority.  and control movement using this major DoD application. It was developed over many years and at tremendous expense. Before 1998, only one vendor had full access to and working knowledge of the source code. Then the Commander of the Space and Naval Warfare naval warfare

Military operations conducted on, under, or over the sea and waged against other seagoing vessels or targets on land or in the air. The earliest naval attacks were raids by the armed men of a tribe or town using fishing boats or merchant ships.  Systems Command, Rear Admiral John A. Gauss, made a decision with staffing coordination to open up the source code by providing it to several other software development activities. This decision was contested initially by the vendor, but the "opening" was implemented about a year later. After being made "open," over a dozen organizations paid a single-time developmental license (used to fund initial set-up and technical support) to the Navy and have obtained a copy of the program and all of its build packages. This was not truly a "free" deal, as the license fee is charged for the initial support. It is, however, truly "open," since all of the source code is provided. Reportedly, the vendor was initially suspicious of the Navy's intentions, but since making GCCS-M open-source, positive benefits have included identification of potential improvements, expanded use of the software, and increased opportunity for the vendor.

Another interesting example of software commonality and openness is the Core Architecture Data Model (CADM CADM Core Architecture Data Model (DoD)
CADM Computer-Aided Design and Manufacturing
CADM C4ISR Core Architecture Data Model
CADM Configuration & Data Management
CADM Clean Air Device Manufacturers Association ) being developed in Extensible Markup Language See XML.

(language, text) Extensible Markup Language - (XML) An initiative from the W3C defining an "extremely simple" dialect of SGML suitable for use on the World-Wide Web.

http://w3.org/XML/.  (XML XML
 in full Extensible Markup Language.

Markup language developed to be a simplified and more structural version of SGML. It incorporates features of HTML (e.g., hypertext linking), but is designed to overcome some of HTML's limitations. ) for all of the DoD services by the Defense Information Systems Agency (DISA 1. (body) DISA - Defense Information Systems Agency.
2. (standard) DISA - Data Interchange Standards Association. ). A common data model allows software programs to integrate in new ways and avoid having multiple definitions of the same item. Developers that leverage the CADM can utilize an off-the-shelf XML "parser A routine that analyzes a continuous flow of text-based input and breaks it into its constituent parts. See parse.

(language) parser - An algorithm or program to determine the syntactic structure of a sentence or string of symbols in some language. " module to provide the interface services for XML type data, thus eliminating the development of huge amounts of source code (data handling and error checking is a large part of a program). This is an extremely powerful philosophy for the DoD, placing emphasis on a common view of the underlying data that the code manipulates instead of a common code set that may be hard to port.

DOD BENEFITS FROM USING OPEN-SOURCE METHODS

A "DoD-Foundation Class Library" containing commonly used algorithms and application modules would be openly shared and maintained amongst programs. It would provide tremendous benefits, promoting software functions from successful programs while allowing improved debugging of errors or elements missing from others. Successful attributes of a DoD open-source approach would include:

* More application codes being re-used, lowering non-recurring costs.

* The cost of software maintenance and improvement is lower, with faster debug To correct a problem in hardware or software. Debugging software means locating the errors in the source code (the program logic). Debugging hardware means finding errors in the circuit design (logical circuits) or in the physical interconnections of the circuits.  cycles and more groups familiar with the source code and technically capable of working with it.

* Open-source software allows greater flexibility in choosing hardware solutions, since the single-source provider was historically biased.

* The better parts will get re-used and leveraged as much as possible (selective evolution), while the "buggy Refers to software that contains many flaws. Many in the software industry swear that bugs are inevitable, and perhaps they are right. As long as we work in the competitive, pressure-cooker environment of our high-tech world, products will more often than not be developed too hastily and " or poorer parts will get replaced or fixed. This is a genetic evolution model of "survival of the fittest."

Examples of the types of software modules that could be shared amongst programs with great benefit to the DoD as a whole are sonar and radar signal processing See DSP. , image processing image processing

Set of computational techniques for analyzing, enhancing, compressing, and reconstructing images. Its main components are importing, in which an image is captured through scanning or digital photography; analysis and manipulation of the image, accomplished , track management, phased-array beamforming, graphical user libraries, scene rendering, and data fusion Data fusion, is generally defined as the use of techniques that combine data from multiple sources and gather that information in order to achieve inferences, which will be more efficient than if they were achieved by means of a single source. . If even a small percentage of the software maintenance costs were reduced, the DoD cost savings would be significant.

PROBLEMS WITH AN OPEN-SOURCE MODEL FOR DEFENSE SYSTEMS

There are some potential problems with the use of open-source software in a defense system application, such as increased cost to national security. The problems must be balanced against the gains for each particular program and measured against the potential benefits. Some of the arguments are:

* This is expensive; co-developers are not really free. This is an important issue. A legion of co-developers capable of working on complex software systems is expensive. This is certainly true if a small project is viewed individually. When viewed generically, many company, laboratory, and university efforts are all relevant to big projects and are already funded. When a software module is used by four or five programs, however, the cost-per-program for the life-cycle support decrease (in aggregate) compared to duplicative efforts funded by multiple programs. The cost of debugging should become lower through repeated porting and broadened team support.

* The platform can be a big problem. The software may need a specific type of system on which to run. This problem has few simple solutions. Open-source methods and porting for other project use will tend to eliminate platform-specific nuances and allow deployment on less expensive commercial-equivalent systems as time goes by.

* National Security is threatened through widespread code release. In reality, National Security is threatened more by expensive and bug-ridden software. Technology transfer and secure vaulting vaulting

Gymnastics exercise in which the athlete leaps over a form that was originally intended to mimic a horse. At one time, the pommel horse was used in the vaulting exercise, with the pommels (handles) removed.  and transfer rules can protect the national interests. The groups and companies participating are already developing military systems.

* Nothing is really gained; the algorithms are published in journals to publicize pub·li·cize  
tr.v. pub·li·cized, pub·li·ciz·ing, pub·li·ciz·es
To give publicity to.

publicize or -cise
Verb

[-cizing, -cized]  the state of the art, and the coding of the algorithm is trivial. This argument does not recognize the complexity of the software involved and the potential benefits and budget savings through use of a previously debugged version of the algorithm.

* Competitors will take advantage of "open-source" to develop preferred business positions. It is a bold move to register and provide software modules to competitors, some of whom may be large and aggressive. There have been notable examples of companies that obtained existing software from a competitor and leveraged it to their advantage. The use of a feedback system and "registry" web site should provide a means of identifying those companies that were obtaining open-source code but not contributing to the "open" efforts or identifying how they use the code. This imbalance could be used to justify a ban on a group from receiving further code developed by others. This would put financial pressure on such companies, since their proposals would become more expensive and receive less favorable financial and technical reviews.

* The GPL See GNU General Public License.

1. GPL - General Purpose Language.
2. GPL - ["A Sample Management Application Program in a Graphical Data-driven Programming language", A.L. Davis et al, Digest of Papers, Compcon Spring 81, Feb 1981, pp. 162-167].  License is confusing. What does it mean for the DoD? This article does not attempt to cover the differences in the various open-source licenses, which is an important topic that needs review and comprehensive study. A specialized version of the GPL may need to be developed for DoD use.

SHARPENING THE COMPETITIVE EDGE WITH OPEN-SOURCE

One significant reason that corporations tightly protect their software source code is to maintain a singular business position through collecting intellectual property (IP). Despite the fact that the taxpayer often funded the code development, the old adage "possession is nine tenths of the law" applies. Senior business managers can be understandably horrified hor·ri·fy  
tr.v. hor·ri·fied, hor·ri·fy·ing, hor·ri·fies
1. To cause to feel horror. See Synonyms at dismay.

2. To cause unpleasant surprise to; shock.  at the prospect of releasing the source code for a project to potential competitors. Certainly the DoD sector is no different in this concern than the private sector, yet companies such as SGI (SGI, Sunnyvale, CA, www.sgi.com) A manufacturer of workstations and servers, founded in 1982 by Jim Clark. The company was founded as Silicon Graphics, Inc., but changed to its acronym in 1999.  and IBM (International Business Machines Corporation, Armonk, NY, www.ibm.com) The world's largest computer company. IBM's product lines include the S/390 mainframes (zSeries), AS/400 midrange business systems (iSeries), RS/6000 workstations and servers (pSeries), Intel-based servers (xSeries)  are now pursuing open-source strategies for significant portions of their software IP base. Strong factors can help to give open-source policies more business importance for the military sector than for the private sector, such as:

* Regardless of who else gets the source code, the developing agent will always have stronger bragging rights and credentials when trying to develop new business. Most customers will prefer to deal with the originating agent, since they are clearly a sharp group. This may, however, take some reminders.

* Wider use of one's software on other programs can open doors to those programs and provide new customers. Getting into a new program or project has always been very difficult in the military business. The advantage of having one's software modules already in use on that program would be a major selling point selling point
n.
An aspect of a product or service that is stressed in advertising or marketing.

Noun 1. selling point - a characteristic of something that is up for sale that makes it attractive to potential customers  in claiming capability in supporting the needs of that customer. This implies that some method of tracking the use of that code is available. Registration for updates should be sufficient.

* The companies that support DoD open-source solutions can claim enormous credibility with their customers, the soldiers, and the taxpayers. This is most important in areas of basic research, where continued funding is dependent on demonstrated original work and program transitions.

* The money saved by avoiding repetitious rep·e·ti·tious  
adj.
Filled with repetition, especially needless or tedious repetition.


repe·ti  software is a savings in personal and corporate taxes. In comparison to a single individual's personal taxes the savings may represent a lifetime of earnings.

* The money saved in software redevelopment could be used more productively on new functionality. Today's military systems are better than ever, but more capability could often be utilized to face the complex and dense multi-threat environments. Developing that functionality is more challenging than basic building block code.

* Open-source policies make good business sense on their own financial merit, since they can lower the cost of developing and supporting software (cost centers or revenue drains) while leveraging non-employee (i.e., free) people working to improve the systems your company is selling. This happens without major costs to your organization, usually with only minor assistance, to promote your original IP content to new customers.

Some of these benefits are intangible. The bottom-line financial incentive is necessary to sway senior management. Benefits should start to accrue with even modest use of open-source policies and should be monitored and measured if possible.

HOW THE DOD CAN PROMOTE OPEN-SOURCE

There are several ways that the DoD can encourage the use of open-source software. Of particular interest are voluntary methods, since mandated policy efforts, such as the Tactical-Digital Standards or Militry Standard (MIL-STD-1499), have historically proven ineffective. Some voluntary methods that we have identified are:

1. Request notification and disclosure if any open-source module or code is planned or in use. Take that notice back to originating companies. This could be required in proposals, design reviews, and in delivered code and documentation. This notification would help to initiate feedback from the Government back to the original developers.

2. Include open-source data in proposal requirements, and make it an evaluated criteria, and offer award criteria "points" to those with positive policies.

3. Provide pre-approved release of source code to other domestic DoD vendors. This puts the process in a streamlined mode of operations and prevents bureaucracy. This also allows the developing company to track those companies that are using their software and code and to send them future updates or releases. This allows them to boast about how their work is benefiting other projects.

4. Establish a central registry or web site for companies and researchers to access and review what software modules are available to leverage. This would allow companies or customers to check a vendor's support for open-source through their willingness to "register" software modules.

5. Actively identify and register DoD laboratory-developed software modules as available to all reasonable DoD vendors. Since the DoD labs are already public entities, those labs can be directly tasked and funded to take a leadership position in providing open-source software modules.

6. Be patient with companies trying to develop an open-source methodology. In some cases a business interest may delay the release of code, and this may be unavoidable.

7. Identify "in possession" software already delivered to the Government and register it as available. Most development or R&D programs include extensive requirements for delivering code and documentation.

8. Encourage a more incremental and open OT&E system with more frequent feedback and reviews. This should help achieve a more build/test/build methodology.

HOW DOD VENDORS CAN INITIATE OPEN-SOURCE POLICIES

There are ways that a company can promote open-source practices with small steps and assist the development of a larger but fair business environment. These steps start small (though still brave) and then grow in scope:

1. Offer limited release of source code to laboratories and universities. These are groups less likely to compete directly for business, and the release creates something like "free IRAD" work for the company.

2. Post public web site notification that select modules are available, either on the company's own web site or on a registry. Initially, the modules could be older or less-vital ones, or perhaps prototypes that need help.

3. Release executable library software modules as dynamic link libraries A set of program routines that can be called at runtime as needed. See DLL.

dynamic link library - Dynamically Linked Library  with application programmer An individual who writes application programs in a user organization. Most programmers are application programmers. Contrast with systems programmer. See system development cycle.

 interface (API (Application Programming Interface) A language and message format used by an application program to communicate with the operating system or some other control program such as a database management system (DBMS) or communications protocol. ) information. This is a transitional step, since the source is not really available, and a form of protection is still offered to company intellectual property. This release to other vendors, however, allows some of the benefits to accrue, while still retaining IP content.

4. Fully release application and source code for application programs. This would require review of security requirements and customer coordination. It is the boldest of the steps we can identify, but provides the most benefits to both the developer and the DoD community as a whole.

SUMMARY

Open-source projects are collaborative, rapidly updated and rapidly released, and pushed by highly motivated volunteers working with a diversity of interests, skills, and hardware sets. Benefits of open-source for the DoD include greater reliability, lower software development and maintenance costs, and more rapid evolution. Steps that the DoD can take to promote OS include making laboratory code available, creating a code catalog or registry, and making it a proposal evaluation and award criteria. To achieve these benefits the movement to open-source policies must be made jointly by the industry vendors and DoD customers and led by the DoD's senior management.

REFERENCES

Bezroukov, Nikolai. (1999, October). Open-source software development as a special type of academic research (A critique of vulgar Raymondism). First Monday First Monday is a short-lived U.S. television drama centered on the U.S. Supreme Court. Created by JAG creator Donald Bellisario, the show aired on CBS from January until May of 2002. , 4(10). Retrieved on November 21, 2005, from http://www.firstmonday.org/issues/ issue4_10/bezroukov/index.html.

Brooks, Fred P. (1975). The mythical myth·i·cal   also myth·ic
adj.
1. Of or existing in myth: the mythical unicorn.

2. Imaginary; fictitious.

3.  man month. Boston: Addison-Wesley.

Raymond, Eric S. (1998, March). The cathedral and the bazaar. First Monday, 3(3). Retrieved on November 21, 2005, from http://www.firstmonday.org/issues/issue3_3/raymond/index.html.

David Lechner has 20 years of experience in Department of Defense systems development and acquisition. His civil service career included NAVAIR NAVAIR Naval Air Systems Command (REWSON REWSON Reconnaissance, Electronic Warfare, Special Operations, Navy (US DoD)
REWSON Radar, Electronic Warfare, Sonar (Naval Electronics Systems Command) ), NAVELEX NAVELEX Naval Electronic Systems Command  (PMW PMW Pacific Media Watch
PMW Palestine Media Watch
PMW Patmont Motor Werks
PMW Pari-Mutuel Wagering
PMW Passive Microwave
PMW Project Management Workshop
PMW Perfect Magnetic Wall
PMW Program Manager, Warfare (SPAWAR) 143), GSA (1) (Global mobile Suppliers Association, Sawbridgeworth, U.K., www.gsacom.com) A membership organization of suppliers of GSM products and services. Its goal is to promote GSM as the worldwide mobile communications standard. See GSM Association and GSM.  (FEDSIM FEDSIM Federal Systems Integration & Management Center ), and NAVSEA NAVSEA Naval Sea Systems Command
NAVSEA Naval Avionics Support Equipment Appraisal  (PMS425). He holds a B.S. in Electrical Engineering electrical engineering: see engineering.
electrical engineering

Branch of engineering concerned with the practical applications of electricity in all its forms, including those of electronics.  from Carnegie Mellon University Carnegie Mellon University, at Pittsburgh, Pa.; est. 1967 through the merger of the Carnegie Institute of Technology (founded 1900, opened 1905) and the Mellon Institute of Industrial Research (founded 1913). , an M.E.Ad. from George Washington University George Washington University, at Washington, D.C.; coeducational; chartered 1821 as Columbian College (one of the first nonsectarian colleges), opened 1822, became a university in 1873, renamed 1904. , and an M.S. in Computational Physics Computational physics is the study and implementation of numerical algorithms in order to solve problems in physics for which a quantitative theory already exists. It is often regarded as a subdiscipline of theoretical physics but some consider it an intermediate branch between  from George Mason University Named after American revolutionary, patriot and founding father George Mason, the university was founded as a branch of the University of Virginia in 1957 and became an independent institution in 1972. . He spent 5 years with DRS DRS Drives (street suffix)
DRS Dispute Resolution Service
DRS Doctorandus
DRS Department of Rehabilitative Services
DRS Direct Registration System (securities)
DRS Department of Rehabilitation Services  Electronics Systems on combat systems programs and currently works for GeoLogics Co.

E-mail address See Internet address.

e-mail address - electronic mail address : Lechnerd@wdn.com

Harold Kaiser is the Executive Director for Radar Programs, with 30 years' experience at DRS Technologies DRS Technologies, Inc. (commonly known as DRS; formerly known as Diagnostic/Retrieval Systems, Inc.) is a supplier of defense electronic products and systems to the United States Air Force, Army, Coast Guard, Marine Corps, Navy, aerospace and defense prime , Inc, responsible for managing various sonar and radar engineering development and manufacturing programs. He holds a degree from RCA See RCA connector and video/TV history.  Institute of Technology, and received a diploma from the Defense Acquisition University (formerly DSMC DSMC Direct Simulation Monte Carlo
DSMC Defense Systems Management College
DSMC Data and Safety Monitoring Committee
DSMC Division-Support Medical Company
DSMC Data Services Management Center (US NASA) ) Program Management Course. Kaiser earned Program Management Institute, PMP See point-to-multipoint and portable media player.

PMP - Portable Media Player  status in 1992 and is currently preparing for renewed PMP certification.

E-mail address: Kaiser@drs-c3.com
COPYRIGHT 2005 Defense Acquisition University Press
No portion of this article can be reproduced without the express written permission from the copyright holder.
Copyright 2005, Gale Group. All rights reserved. Gale Group is a Thomson Corporation Company.

 Reader Opinion

Title:

Comment:



 

Article Details
Printer friendly Cite/link Email Feedback
Author:Kaiser, Harold
Publication:Defense A R Journal
Geographic Code:1USA
Date:Dec 1, 2005
Words:5815
Previous Article:An assessment of the lead systems integrator concept as applied to the future combat system program.
Next Article:Irreducible truths of software-intensive program management.
Topics:



Related Articles
NY designer cries foul with retail storefronts. (Josephine Sokolski calls many retail building facades visual pollution) (Brief Article)
SWANK BAZAAR : CHATSWORTH'S MARKETPLACE SET TO OPEN.(BUSINESS)
Open Architecture Opportunity: Open-source software components are fueling a new reseller's market, customized enterprise software for smaller...
IBM pledges 500 U.S. patents to open source in support of innovation and open standards.
OPENSSO PROVIDES DEVELOPERS W/ PROJECT INFORMATION & RESOURCES.
Open Source in the Enterprise: From Evaluation, Adoption to Implementation and Optimization - Integrating Open Source into Existing IT Platforms.
Defense ARJ executive editor.
CMS: sticking with tried and true: institutions are boosting their content management efforts with the use of commercial software while looking at...
Free and open source software: new programs offer alternatives for districts.(Professional Opinion)
Defining open source systems.(DATABASE AND NETWORK INTELLIGENCE)

Terms of use | Copyright © 2009 Farlex, Inc. | Feedback | For webmasters | Submit articles