U.S. Defense Department Promotes Open Source

The DoD needs to take faster steps at increased care and maintenance of its software infrastructure, where open source provides a marked advantage, according to acting DoD chief information officer David M. Wennegren in his recent memo to defense entities. In it he asserts that knowledge gaps and misunderstanding have prevented effective use of open source in the DoD. His "Clarifying Guidance Regarding Open Source Software (OSS)" addresses joint chiefs of staff, the defense secretariat and other decision-makers in IT, acquisitions and related entities, and includes some enlightening material.

The memo recommends taking a good look at open source software to determine which market products can best address a stated task. Wennegren states his case with seven arguments for open source: its (1) broad peer review provides stability and reliability, (2) adaptability to changing conditions, (3) independence from single developer reliance, (4) unrestricted licensing, (5) cost growth mitigation, (6) shared maintenance opportunities and (7) rapid prototyping and experimentation opportunities.

Wennegren's memo goes on to dash some current misconceptions among DoD folks about open source. For example, he clarifies that "many open source licenses permit the user to modify OSS for internal use without being obligated to distribute source code to the public. However, if the user chooses to distribute the modified OSS outside the [DoD], then some OSS licenses (such as the GNU General Public License) do require distribution of the corresponding source code to the recipient of the software." In other words, if further developed open source code is to be used only internally (is classified), the source code need not be distributed externally.

The six-page document dates from October 16, 2009 and is available off the DoD FOSS webpage, which also includes the FAQ and a document from 2003 that Wennegren claims resulted in some misconceptions he wanted to resolve with the current memo. The older document likewise targeted OSS in the DoD, but focused almost entirely on compliance with policies instead of providing clarification.