It is difficult to imagine the Federal government moving in one well-coordinated direction on any matter, and so it has been with the adoption of open source software. Some agencies were early adopters, especially the academic and research communities. As it did in universities, open source adoption in the US government originated in research settings, where sharing and collaboration were already part of the culture of pedagogy. In this way, the government had been using and creating open source software even before it was called "open source." Other agencies and departments have been more conservative, for a variety of reasons, and are only just now bringing open source software into their operations. With this in mind, the history of open source in the US government is best understood as a series of individual stories that have collectively led to the pervasive adoption of open source we see today.
It was in 1997 that open source as an enterprise computing trend emerged, and the US government was there. While Eric Raymond was writing his seminal treatise on open source, "The Cathedral and the Bazaar," a Major in the US Air Force named Justin Seiferth published "Intranet Hallways Systems Based on Linux" in the Linux Gazette. This article described a simple web-based explorer for Windows file servers built on the Linux operating system. This may be the first public acknowledgment of the US Government’s use of open source software as we know it today.
For the next several years, advocates in the private sector and cautious staff in government began to engage the questions that still confront open source today: Is it ready? Is it secure? How do we use it? In 1999, Mitch Stoltz of NetAction wrote the first persuasive essay on the topic, "The Case for Government Promotion of Open Source Software." Stoltz invokes many arguments that are still being used today: lower cost, increased flexibility, and better security. That same year, the President’s National Coordinator for Security, Infrastructure Protection, and Counter-Terrorism convened a multi-agency working group to produce "Open Source Code and the Security of Federal Systems." That report is the first official study of open source by the federal government.
While at the Air Command and Staff College, Major Seiferth returns to our history again, this time publishing a research report on the potential benefits of open source specifically in the DOD. Seiferth notes ironically that the US Government is at once reluctant to use open source, and a great creator of open source projects:
"Within the Department of Defense, the National Laboratories and Defense Advanced Research Agency have been the most visible users and producers of open licensed systems. They’ve released such advances as the original firewall and network security toolkits. As a more recent example, within the last year the National Air and Space Agency has debuted several inexpensive supercomputers. Open licensed operating systems and applications allowed the scaling of inexpensive pentium-based machines into an integrated hardware/software system. In addition to being inexpensive, these machines are among the most powerful available."
Seiferth, like Stoltz, makes a number of familiar arguments for open source, but his greatest insight is that open source is ”Commercial Off-the-Shelf” (COTS) software. This is significant, because it means that open source would be able to use the existing policy and regulations that had already been created for software more generally, rather than being treated as a special case and thus hampering its adoption. This will later become the explicit policy of the Office of Management and Budget, as well as the Department of Defense.
The very next year brings an explosion of open source activity in government. In the private sector, IBM announced that they are investing one billion dollars in the Linux project. The Open Source Software Institute was founded to aid the adoption of open source in the Federal government.
Meanwhile, government adoption continues apace. We begin to see the procurement apparatus wrestle with open source licensing in procurements. The US Air Force Scientific Advisory Board’s “Ensuring Successful Implementation of Commercial Items in Air Force Systems” is the first procurement guidance to explicitly mention open source.
Some agencies aren’t waiting, though. The National Security Agency — to the astonishment of its peers and the open source community – releases SELinux, which provided a set of strong security controls to the Linux operating system. In doing so, the NSA was taking technology that had been useful to a very small set of customers, and was therefore very expensive, and made it freely available to the general public. Innovation quickened, the software improved, and SELinux is still used in Linux today. Most recently, SELinux was ported to the Android system, where it provides mobile phone users protections against hostile applications. This wasn’t the first time the US government has released software, but it made headlines because it was an implicit endorsement of the open source process by arguably the most security-conscious intelligence agency.
This flurry of activity continues into 2001, with MITRE releasing "Making the Business Case for Open Source Software." This document, the most comprehensive treatment of open source to that point, was published as part of the larger “Open Source Software in Military Systems” study which the US Army had commissioned from MITRE. The report concludes: “Open source will benefit the government by improving interoperability, long term access to data, and the ability to incorporate new technology.” Here, we see the US Army, who is later to become one of the largest open source users in the world, taking its first exploratory steps.
The next major milestone is in 2003, with the release of the "Stenbit Memo." On May 28, the DOD CIO John Stenbit released the first DOD-wide guidance on open source software, which implicitly permits its acquisition, development, and use. Meanwhile, the Army begins to deploy the "Blue Force Tracker," running on open source software, to over 80,000 tactical vehicles. Famously, General Nicholas Justice proclaims, “When we rolled into Baghdad, we did it using open source.” Nine months later, in July of 2004, the OMB issues a memo similar to the Stenbit Memo that covers the government as a whole. At approximately the same time, NASA releases the very popular World Wind geospatial visualization project under the newly-minted "NASA Open Source Agreement." Six months later, Red Hat, the world’s largest open source company at the time, creates a US Government division and the first Government Open Source Conference (GOSCON) is held in Portland, Oregon.
In 2006, Sue Peyton, the Air Force Assistant Secretary of Defense for Acquisition, commissioned the "Open Technology Development Roadmap," which goes beyond the simple benefits of open source, and describes how it can be put to productive use in the context of the DOD’s Net-Centric doctrine, which was in fashion at the time. This is the first effort to align the principles of open source with an overall agency strategy, demonstrating how savvy open source advocates inside the government have become.
In 2007, the US Navy commissioned Raytheon, IBM, and Red Hat to add “real-time” features to the Linux kernel, which it required for the new destroyer it was building. Significantly, the Navy ensured that the software is released into the open source community. Shortly thereafter, the US Navy CIO Robert Carey releases the Navy Open Source Memo, which explicitly classifies open source as COTS software. This is a significant change in tone from the Stenbit memo and OMB memos of 2004, which only implicitly provide this same guidance.
Open source use subsequently explodes. By September of 2008, the Microsoft-funded Open Source Census was reporting that open source use in government was higher than any other industry. The Federal Open Source Alliance’s Federal Open Source Referendum study reported that, 71% of agency executives believed they could benefit from open source and 58% said they were likely to consider open source.
The Obama Administration’s first act on taking office was to issue the Open Government Memo, which articulated a general policy of "transparency, collaboration, and participation." Subsequent agency initiatives prominently featured open source software as a means to achieve those goals. Open source policies began to pour out of governments at the federal, state and local level. NASA, in particular, made open source software and the open source development process a cornerstone of their open government plan. In the private sector, Open Source for America was founded. This coalition of industry, advocates, and individuals is meant to be a central resource for advocates of open source software in government. That August, Macon Phillips, the White House New Media Director who would later release portions of the software for whitehouse.gov, called open source “…the most concrete form of civic participation.” Clearly, open source and open government became inextricably related.
In October of 2009, the “DOD Open Source Memo” is released by David Wennergren, the DOD CIO. This memo got headlines around the world, and remains the single most influential government policy document on open source today. The memo itself is simple, and following the Navy’s declaration two years earlier, reminds procurement officials that open source software is COTS. The appendices to the memo, however, go into much more detail about the potential advantages and risks of open source software. The memo specifically encourages the DOD to take advantage of its ability to modify software to suit a mission’s need.
Later in 2009, CENDI, an organization of government managers, issues a FAQ on copyright and open source to help agency lawyers understand open source licensing and the sometimes confusing intellectual property questions that they pose. A few months later, for the first time since 2004, OMB refreshes its open source guidance with the “Technology Neutrality” memo, reminding agencies that competition in software is important, and that they are forbidden from discriminating against software based on its development method. Once this memo was published, most of the barriers to open source adoption had been diminished or eliminated in the US government.
Unburdened, open source continued its growth in 2011. Sue Peyton’s Open Technology Development Roadmap from 2006 receives a “Lessons Learned” sequel, which makes recommendations to DOD programs interested in releasing their own software. Eben Moglen, one of the most prominent open source lawyers in the country, and head of the Software Freedom Law Center, releases “Government Computer Software Acquisition and the GNU General Public License,” which explains the provisions of that very popular open source license in the context of government procurement regulations. Clearly, the government’s understanding of open source had grown more sophisticated since its first tentative forays a decade before. A survey conducted by Lockheed Martin at this time found that 69% of government contractors and 40% of federal agency respondents were already using open source. The survey also found that 66% of all respondents said that they would be using more open source in the next 12-18 months.
With this increased comfort, 2011 also saw the release of more open source software from the government than ever before. The White House released portions of the code for whitehouse.gov, the code for the Federal CIO’s IT Dashboard, and the data.gov platform. At the end of 2011, the Federal CIO announced a draft “Shared First” policy, which mandates re-use and sharing of IT resources amongst civilian agencies, and specifically mentions that agencies should collaborate on software development. Also, NASA releases code.nasa.gov, a landmark project to centralize all the source code released by NASA in one citizen-friendly web site.
So we see the adoption of open source in the Federal government as an evolution: the first furtive steps in the late 1990s and early 2000s, manifested in persuasive essays and studies. From there, certain organizations like NASA and the Army take leadership roles in open source adoptions. From 2003 to 2009, a series of policies institutionalize its use throughout the government. By the close of the first decade, the White House, NASA, the Office of Management and Budget, and other agencies are not just using open source, but creating and releasing open source software of their own.
Did I miss a major event? A major code release? Let me know in the comments.
[This is a writeup I did as a companion to the History of Open Source in Government Timeline. Karl Fogel and I will be presenting more findings from the timeline at OSCON this year.]
2 Comments