Open-source invasion requires defense contractors to form strategic plans

Sun Microsystems Federal President and Chief Operating Officer Bill Vass discusses the challenges and implications of open-source software deployments at the Defense Department.

Open-source technology has gained more than a foothold in the Defense Department. Between the Defense Information System Agency’s Forge.mil open-source software development initiative and a host of other programs using open-source technology for enterprise and battlefield systems, it’s more like a full-scale invasion.

Bill Vass, president and chief operating officer of Sun Microsystems Federal, said he sees open source as a natural fit for the defense community. Sun’s Java, MySQL database and OpenSolaris operating systems, including the TrustedSolaris secure operating system, are all licensed as open-source software, and the company has worked with DISA to make them available on Forge.mil.

With Oracle in the process of acquiring Sun, observers are waiting to see how seriously Oracle will take Sun’s open-source efforts. Vass would not discuss details of how the deal will affect Sun’s presence in the federal and defense markets. But he pointed out the security benefits of open-source software compared to some proprietary commercial software, including Oracle’s.

The Homeland Security Department “has assigned risk levels to IT products based on the severity of the risk and on deployment of the products,” he said. “For example, it just so happens [to show that] the most risky product you can run is the product Microsoft Office. And it isn’t just Microsoft,” he said. There is an argument that can be made, he said, that VMware is “many times more risky to run than RunServer or ZenSource; Oracle Database is many times more risky to run than MySQL; and Microsoft Windows is much more risky to
run than Open Solaris,” he said.

Vass said open source has become an important part of how systems integrators pull together defense projects. But it’s also causing some confl ict in the systems integrator community that serves DOD.

“More and more, we're seeing that DOD is putting into contracts where they want the systems integrators to contribute their code to open-source communities so that it can be reused across the department,” he said. “And that's going to be a huge change, because for the first time, [DOD is] saying — which I think is a smart thing to do — ‘Hey, we paid you to write this code, so we own it, and we want you to open-source it so others can use it.’"

“I think you're going to see a lot of interesting discussions over the next few years with the systems integrators,” Vass said, adding those discussions are likely to generate a certain amount of angst.

“I've been to quite a number of meetings with [systems integrators] where the meetings have started out very excited about this new thing the government's doing and how it's going to facilitate and speed things up, and then their mood swings to, ‘Oh, [no], what does this mean for the rest of our business?’ So there's going to be a lot of business model challenges along with procurement and policy challenges as this evolves,” Vass said.

Regardless, Vass said he believes that a number of open-source technologies are emerging that could have significant impact on defense systems. One of the prime areas, he said, is for geospatial systems. “The Defense Department used to buy a lot of proprietary, very expensive, unique geospatial tools,” Vass said. Now, “you have things like World Wind, [a software project at NASA], and a whole bunch of others that are being developed that are all open source.”