Open source software
The Power of Working in the Open
18F has committed to working with open source software because developing in the open has real benefits, especially for the public sector. The 18F Open Source Policy explains the benefits of open source and answers many common questions about security, licensing, distribution, and exceptions. Our policy is itself open source, which means it can be adapted for state use.
If you’re hoping to get start on open source you may need to make the case for open source software within your office or agency. To that end, you might reference Play 13 (“Default to Open”) in The United States Digital Services’ Playbook; the White House’s published Federal Source Code policy, which mandates that at least 20% of new, custom-developed software be open source code; and 18F’s own open source policy. At the very least, you’ll need to ensure it’s okay for your office or agency to create or contribute to a publicly visible open source software project.
- Our blog entry on facts about publishing open source code in government dispels some common myths about open source software.
Using open source software makes it easier to secure our systems and helps mitigate risks.
It is our belief — generally accepted among a number of security researchers, government officials (including federal CIOs and CTOs) — that well-managed, well-written open source software can be just as secure as closed source software, if not more so.
The Department of Defense Memo on Open Source Software has a great explanation of why hiding source code does not automatically make source code more secure.
Open source software allows defenders, researchers, and IT providers to follow best practices and work together to make the software as secure as possible.
Open source systems are maintained much like closed source systems, but with more options for community support.
Government open source systems — like closed source systems — are maintained by skilled software developers who ensure that applications, operating systems, middleware, and libraries are up-to-date and secure.
In closed source systems, there are limited choices for continued development and support (often within one or several companies).
We work to ensure that an open source solution can be adopted by a larger group in the open source community, to support its ongoing development with the help of a wider community.
When you employ open source software, you are responsible for ensuring it meets your needs — just like closed source software.
Open source software requires quality review and ongoing maintenance, just like closed source software. Without the appropriate expert review, the risk of unknowingly receiving buggy software is the same for both open and closed software.
All software needs to be maintained and updated to continue to function, especially as technology, compliance requirements, and processes change.
As with any government IT solution, closed- or open-source, the burden of ensuring the functionality, security, and operability of the solution ultimately rests with government. Open source software can provide more transparency about the health of government software, and expand options for maintenance. Working in the open can also make vendors more accountable to the software development community because their work is visible.
Open source software supports your team’s technical skill development.
If your internal team needs to develop the technical skills to evaluate, customize, and maintain modern software systems, open source solutions can provide opportunities for workforce development by ensuring access to code. This grounds technical training and talent acquisition in the actual products and processes that are used.