OpenSource Connections
Category: Uncategorized
In a memorandum dated October 16, 2009, the CIO of the Department of Defense published guidance on the use of open source software within the DoD. The CIOs assessment of the perception of open source sums up quite well the obstacles we have seen time and time again:
“Unfortunately, there have been misconceptions and misinterpretations of the existing laws, policies and regulations that deal with software and apply to OSS, that have hampered effective DoD use and development of OSS.”
I wonder how long it will take for contracting officers to get the memorandum (so to speak) and to try to find ways around the guidance, spelled out in Attachment 2:
“In almost all cases, OSS meets the definition of commercial computer software and shall be given appropriate statutory preference in accordance with 10 USC 2377 (reference (b)) (see also FAR 2.101(b), 12.000, 12.101 (reference (c)); and DFARS 212.212, and 252.227-7014(a)(1) (reference (d))).”
We also eagerly await broader acceptance within the DoD information assurance community, but do not expect rapid change, despite the following guidance:
“DoD Instruction 8500.2, Information Assurance (IA) Implementation, (reference (g)) includes an Information Assurance Control, DCPD-1 Public Domain Software Controls, which limits the use of binary or machine-executable public domain software or other software products with limited or no warranty, on the grounds that these items are difficult or impossible to review, repair, or extend, given that the Government does not have access to the original source code and there is no owner who could make such repairs on behalf of the government. This control should not be interpreted as forbidding the use of OSS, as the source code is available for review, repair and extension by the government and its contractors.”
In sum, this is good news for those of us who believe that open source has a place in the Department of Defense. However, word spreads slowly in the Government, and I expect that this policy will take many months, if not years, before gaining significant traction in DoD contracting policy. A good place to start would be providing correct links in the policy memo. Clicking on the link currently leads to a 404 error.
*Edit: This is the correct link: *Clarifying Guidance Regarding Open Source Software (OSS)
Thanks to the Powdermonkey blog and Dr. Mark Drapeau for sharing this!