open source software discussion in Gov, to include: – Free, libre, open source software – Creation of OSS by the gov – open standards
Kundra Jan 7 Memo Spells out Open Source as Acquistion Option; Open or Checking-the-Box?
January 9, 2011 at 7:03 am #119941
Yesterday Federal CIO Viveck Kundra issued a memo entitled “Technology Neutrality” reminding federal agency CIOs to evaluate their acquisions based on a set of needs – not brand – and included open source as one of those options.
…agencies should analyze alternatives that include proprietary, open source, and mixed source technologies. This allows the Government to pursue the best strategy to meet its particular needs.
My blog post includes a downloadable copy of the memo and links to the press coverage plus (just for kicks because it’s Saturday) a copy of Viveck’s GOSCON 2008 Keynote Presentation: “Open Source, A Way of Life”.
Are you involved in the decision-making process in your agency? Does this memo provide guidance? Cover? Clarity? Is the timing linked to Google’s cry-foul on cloud procurement? Or Is Fed Radio on track with their take that this just is yet-another-reminder to not name brands in your procurements, or don’t forget to justify them?
I’d love to hear what you think.
January 9, 2011 at 4:10 pm #119962
I’m curious as well the back-drop to the memo. I think the memo is a good start but the key is really reminding and enforcement. In the end, most of the decisions end of a few levels down w/in IT program managers, IT architects, IT security officers and it is very rare that these folks are trained on these memos.
January 9, 2011 at 9:28 pm #119960
Thanks Steve. Leads me to a wondering, since my administrative or operational policy process context is from within state government……
What most typically happens with an OMB memo? How much weight do they typically bear in terms of either affecting policy or practice? Are they considered serving suggestions? Or do they invoke a process inside an agency that review their operational policies or practices? And what “enforceability” comes with a memo?
January 10, 2011 at 7:20 pm #119958
Peter G. TuttleParticipant
Great Posting Deborah. Hopefully, you’ll get some good discussion. I don’t think you have to look too far beyond the recent US COFC decision about Google and Onix to find a back drop. Check out some of the referenced cases like Savantage & Distributed Solutions, Inc. as well. When government officials decide on standardizing on a single product/solution without using a competitive process to do it….stuff happens, as it did here. I suspect that the new Republican House will become more and more interested in why the Executive Department gets into these types of fixes. Cheers. Pete
January 10, 2011 at 10:05 pm #119956
I like it – it seems to require a more inclusive definition of alternatives. The assumption is that opening up to other than brand name alternatives can be incorporated into the requirements definition and evaluation processes and that concepts such as “total cost of ownership” can be assessed for a wider variety of alternatives. It would also seem to me that this new requirement could make some procurements more complex and more expensive, given the need to sometimes compare apples and oranges.
January 11, 2011 at 3:11 pm #119954
Deb, This has been a heavily discussed topic within the Mil-Oss group. My understanding of the issues are the following:
1. Individual agency guidance regarding procurement continues to be a source of confusion. (caveat: I’m not a procurement expert) So in regards to the DON Policy for instance:
You are required under SECNAVINST 5230.15 dictates that all software, whether open source or off-a-shelf, must be *supported* in order to be used or you have to get a waiver. (The sticking point is the lack of definition of what is considered “supported”?
So in order to utilize OSS, you must fill out a waiver that discusses support, funding, justification, mitigation, impact. Completely understood. However, If you are utilizing legacy GOTS or even COTS that is purchased from a vendor no such waiver is required…..
So as I have experienced many times in both private sector/financial industry/health care: What happens if that vendor disappears? Case and point: Large physician organization pays 2.1 million for shiny new EMR platform great it works…until….Uh oh! over extended vendor goes belly up. The data is locked down, source code proprietary and no way of creating new reports to meet new business requirements.
ROI = FAIL
I won’t even mention at length in my the number of poorly designed access databases and macro enabled spreadsheets that continue to exist on shared drives.
It’s a valiant effort by GOV employees who see what technology can do and try to make their jobs more effective, efficient and standardized. But are not given access to the right tools to do it. Someone who isn’t “boots on the ground” buys some software and shoves it down their throats….they get frustrated because no one did a business requirement document, RFP or UAT before pushing it into production. So the bandaid approach continues….through access and excel. KM? Version Control? Thats another rant…
For what it is worth: My point is the following: I see it as a lip service play on a progressive “check the box” and pat ourselves on the back for the public to see “we” are getting with the times.
2. Adaption of OSS in the government is still a HUGE hurdle! They continue to make you jump through arduous hoops (the waiver process which most are baffled by or don’t even know where to begin).
3. You would continually “technically” need a waiver to install and use your own in-house developed OSS AND YOU would need a waiver each time you develop a new version and want to release it.
4. If you wanted to release GOTS software as OSS to different organizations within the DON or Any other agency then everyone would have do to the waiver each time a new version was released.
So what they fail to understand is that the unfamiliarity or risk perceived is completely unfounded. It is much more simple to detect vulnerabilities in OSS software that isn’t compiled before implementing it than a compiled COTS/GOTS product.
Plus if you farm out modules and objects to the OSS community who REALLLLLLLY want to help make things better, you have a huge number of people working on an issue and solve things much faster than calling SAP, Oracle, etc = $$$$ oh and by the way scan and test it in a sandbox….then put it into production.
Win/Win for all……
I really hope that I’m wrong……and they learn quickly! I’m just a LITTLE bit passionate about this….Can you tell?
January 11, 2011 at 4:37 pm #119952
I think the guidance continues the slow opening up, maturing and acceptance of other solutions, not just open source but software as a service as well. while I would like to see it go further, changes comes slowly to big enterprises.
January 11, 2011 at 5:58 pm #119950
Appreciate your comments and referenced cases Pete.
I would have to say that (in some respects) short-cutting the acquisition process – such as writing an RFP for the brand you know instead of doing the harder work of articulating what it is your agency needs (and may the best solution step forward) – seems to be a long-standing non-partisan problem. Timing being everything, I suspect we’ll be hearing more on the issue. But I digress. Deb
January 13, 2011 at 9:20 pm #119948
Open Source for American publishes Federal Open Technology Report Card; Rates Agencies on Open Government, Use of Open Technologies
January 13, 2011 at 9:52 pm #119946
Thanks John! I’m really pleased the original data collected from the federal agencies is being shared too. Cheers to the agencies should go for participating in the report which was of course voluntary.
January 27, 2011 at 3:28 pm #119944
I do not think the timing is a question, as this memo is a direct result of the Microsoft injunction. The rate of protests is on the rise, and the fact that poorly trained acquisition workers, combined with the ability of industry to protest at will, can only create an environment where mistakes, or fear of them, will also rise. Following source selection procedures and ensuring proper documentation are the most effective means of preventing these issues from occurring, but bias and lack of accountability seem to be pervasive instead. Combined with this environment, and a proposed spending freeze by the president, we can expect these incidents to rise as well.
You must be logged in to reply to this topic.