US Department of Defense sets open-source policy

The U.S. Department of Defense (DOD) has issued a policy that officially authorizes the use of open-source software at the department, a move open-source pundits say opens the door to more government use of open-source software.

Open-source software within DOD is accepted as long as it complies with the same DOD policies for commercial and government off-the-shelf software and meets certain security standards, according to a memo outlining the policy written last week by John Stenbit, assistant secretary of defense and DOD chief information officer (CIO).

The policy is significant and sets an important precedent, said Tony Stanco, director of the Center of Open Source & Government and associate director of the Cyber Security Policy & Research Institute at George Washington University in Washington, D.C.

"This is the first time the federal government in the U.S. has given an official policy towards open source," he said. "The policy puts it at a level playing field with proprietary software and that is exactly the way it should be. Open source before wasn't discussed and that makes people wonder if they should use it."

Stanco heralds the DOD policy as a victory for the open-source movement and sees it as a precedent that will lead to a jump in usage of open-source software at DOD and elsewhere at government organizations worldwide.

"Open source has gone legitimate, the U.S. government was being lobbied very hard not to go this way by the software industry," he said. "This policy legitimizes the use of open source right around the world."

Breaking the silence on open source does not mean the DOD is picking favorites, said Lieutenant Colonol Ken McClellan, a Pentagon spokesman.

"This memo sets out an even-handed approach to software acquisition and that is what it has always been (at the DOD)," he said on Friday.

Lack of a policy has not held back adoption of open-source software at the DOD, according to a Mitre Corp. study released early this year. In fact, the DOD to a large degree depends on free and open-source software for infrastructure support, software development, security and research, Mitre found.

One paragraph in the short DOD memorandum is reserved for an explanation of open-source licensing, particularly General Public License (GPL) requirements. Under the GPL, the most prevalent open-source license, users have to make any changes to the source code public when distributing the software. Linux, for example, is licensed under the GPL.

Stenbit in his memo tells those in charge of acquiring software at DOD to comply with all licensing requirements and "strongly" encourages them to consult a lawyer to make sure that the implications of the license are fully understood.

One expert said the GPL should not be a major hurdle for the DOD. Confidential software code should be built on top of open-source code and not be part of the core code, circumventing the public release requirement, said Bruce Perens, an open-source advocate.

"That means that ultra-secret software should probably be a user-mode application and not be part of the kernel. Simple decisions like that need to be made when developing software," he said.

According to Perens, the DOD considered banning GPL software, but decided against doing that because it is already widely used in the DOD. Furthermore, there is a clear benefit for the DOD to have full control over the software, he said.

Microsoft Corp., the world's largest software vendor and based in Redmond, Washington, has faced increased competition from open-source products in markets around the world, especially in emerging countries. Steve Ballmer, Microsoft's chief executive officer, in a memo sent earlier this week called noncommercial software and Linux in particular a "competitive challenge."

"IBM’s endorsement of Linux has added credibility and an illusion of support and accountability, although the reality is there is no 'center of gravity,' or central body, investing in the health and growth of non-commercial software or innovating in critical areas like engineering, manageability, compatibility and security," Ballmer wrote to highlight why he thinks Microsoft's products are superior.

In a statement Thursday, Microsoft said it is "committed to working with the DOD to deliver products that meet its requirements and deliver cost effective, value-based solutions." Microsoft thinks it is "notable" that the DOD's policy says that people need to be aware of the software licenses they use. "Licensing terms are important but sometimes overlooked," according to Microsoft, which itself has been under fire from users over its licensing restrictions and cost.

A copy of Stenbit's memo can be found on the Center of Open Source & Government Web site,

Join the newsletter!


Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.

More about IBM AustraliaMicrosoft

Show Comments