The US Department of Defense is not only encouraging use of open source applications, it recently open sourced an enterprise human resources application that has over a million lines of code.
This isn't the first time the DOD has released code to the public. In June, a PC-based mapping application developed for the military, FalconView, was also made available as open source.
In short, the DOD is making use of open source applications a two way street, and there may be more DOD-funded open-source software on the way.
There's evidence of a new, aggressive tone being set by the department's top CIO, David Wennergren, on open source use. A memo he wrote this month encourages adoption of open source and pointedly said that open source can "provide advantages" to the department's need to update its software "to anticipate new threats and respond to continuously changing requirements."
But Wennergren's memo, intended to ease adoption hurdles among defence agencies, comes just after the Pentagon's IT unit, the US Defense Information Systems Agency (DISA), has released under as open source a human resource and workforce management system that includes about 50 applications.
It's a system that has been in development since 1997 that is web-based and was moved in 2005 to Adobe's ColdFusion platform and Microsoft SQL Server.
The human resource system DISA is comprehensive. The agency won't put a value on it, but there are seven developers supporting it and they have continued to build out new capabilities that are used to help manage its workforce of 16,000 people.
Most recently, DISA's development team built tools that provide targeted notifications and some new personnel management capabilities. They were designed to be used in the event of an emergency and were just recently tested it as part of a pandemic planning scenario. In this test, telework for employees was expanded, which is a process that also uses DISA s telework management application.
Why build applications when you can buy software? Richard Nelson, DISA's chief of personnel systems support branch at its Manpower, Personnel and Security Directorate, said his IT team always looks for the commercial options first, and if the government decides to build instead of buy one of four things have happened: The commercial provider wanted too much money, the application didn't suit DISA's architecture, the system didn't meet federal processes and required extensive modification, or the provider told DISA "that what we wanted to have was not possible, so we built it ourselves," Nelson said.
Code written by government employees is technically in the public domain. But DISA wanted to make what it calls its Corporate Management Information System available to other federal agencies, state and local governments, academia, and more generally the open source community.
The government also wanted to enable private, third parties to offer service and support to users of the system. To accomplish that, DISA wanted the code under open source software license that would set some broad rules about how it is used.
DISA signed an agreement with the Open Source Software Institute, a non-profit industry group, that promotes adoption of open source in the public and academic sectors.
John Weathersby, OSSI's executive director, said his organization made enough modifications to the code to claim a unique copyright and then distributed the code back to DISA under Open Source License v.3, which gives users the right to do just about anything to the code buy sell it.
Nelson sadi he is hopeful that broader adoption of enterprise application by other entities will lead to improvements and new capabilities that it can incorporate as well. The code was made available under this license two months ago, and so far about 60 different organizations have licensed the software, more than half federal agencies.
Open source software is widely used by US defence and intelligence agencies, including the Central Intelligence Agency.
But Wennergren's memo suggest obstacles remain to open source adoption, and sets out to ensure that defence agencies evaluate open source software in any market research on new products.
The DOD's guidance on open source adds to the business case by stating, in certain terms, that open source may be more secure, saying in part: "The continuous and broad peer review enabled by publicly available source code supports software reliability and security efforts through the identification and elimination of defects that might otherwise go unrecognised by a more limited core development team."
Weathersby said Wennergren's memo makes clear that the DOD wants to ensure open source is treated equally. "It continues to legitimise the business proposition of open source within the government," he said.
John Scott, director of open source and software integration at Mercury Federal Systems, which is working with the DOD on software initiatives, published Wennergren's memo on his blog.