policy development framework for open source software
DESCRIPTION
TRANSCRIPT
Oregon's Policy Development Framework for OSS Procurement & Use
Oregon's Policy Development Framework for OSS Procurement & Use
Bob DeVyldereOregon Water Resources DepartmentOregon Water Resources Department
Chair of Open Source Community of PracticeChair of Open Source Community of Practice
Ben BerryOregon Department of TransportationOregon Department of Transportation
Chair, Oregon CIO CouncilChair, Oregon CIO Council
15 October 20072007 Government Open Source Conference
Third Annual GOSCON, October 15-16, 2007, Portland, Oregon Third Annual GOSCON, October 15-16, 2007, Portland, Oregon
CollaborationCollaboration
Acquisition& Use
IT Procurement and Acquisition / Use Alignment is Elusive
ITProcurement
Due Diligence
• Policy
• Legality
• High Cycle Time
On-Demand Processing
• Download and Use
• Fast-Track Acquisition
• Improved Cycle Time
Acquisition& Use
Service Excellence Goals is the Driver
ITProcurement
Developing the Right Perspective is Critical!
Acquisition& Use
ITProcurement
Required
• Legality
• Process
• Compliance
Goals
• Least Cost
• Competitive Processes
• Dependable Solutions
• Improved Efficiencies
• Community Sourcing Support
A shared interest in ensuring efficiently acquired, supportable solutions that drive Best-in-Class Service Excellence and
Competitive Advantage.
Open Source Inventory
Results Survey
Community Source
Framework
Value Goal: Enable Best-in-Class Service
Delivery
State of OregonOpen Source Community of Practice
Open Source Licensing and
Acquisition
Desktop Software
Evaluation
Leverage State
Agencies
High Performance Offerings
Software Evaluation Methodology
Open Desktop Evaluation Model
Solving Barriers to Entry
Decision Tree
OSS Instances by Agency
OSS Instances by Category Type
OSS Product Distribution Pattern
Recommendation Development
State’s Strategic Thinking
Procurement Policies
Level Playing Field of Sourcing Method
Risk Management / Mitigation
So, how do we build Communities of Practice and a Culture of Collaboration?
from http://xkcd.com
So, what is a Community of Practice?
Business Problem/
Oppty
Sponsorship/
Stakeholders
Process Method/Outc
omes
Team Charge
Key Benefits
BusinessObjectives
“Groups of people who share a passion for something that they know how to do, and who interact on a regular basis to learn how to do it better”
- Etienne Wenger
Why put so much energy and resources into an OSS Community of Practice?
Oregon is a leader in open source innovation and uses Open Source Software as economic driver.
New innovative development and sharing OSS applications is a dominant 21st Century business force.
Principle of OSS is that users are provided source code IT programs, but are they really free to use, share, modify and enhance software products?
The goal is widespread interoperability, permissive incorporation into new technologies and new systems, and control over the destiny of the systems employed by users and organizations.
1.1.
2.2.
3.3.
4.4.
What is a Community of Practice?
Domain Community
Practice
Shared
Vision
Open SourceOpen SourceIn OregonIn Oregon
GovernmentGovernment
The data gleaned from the participating agencies provides a partial view of information that is
indicative of “real” usage of open source software products within State of Oregon agencies.
Participating Agencies
52%
Non-Participating
Agencies 48%
Oregon Agencies Use of Open Source Products
16
15
Open Source Consideration
Cost Reductions Customer wants IT solutions that are least cost and competitive, but dependable.
Support performance through sharing of key Open Source community resources.
Time-to-Market
Community Sourcing
Improving the efficiency of business operations through fast-track acquisition practices.
Capture & Correlate Event/Exception
Integrated Services
Composite Events
Virtualization
Application Services
Communication & Collaboration
Content Management
Process Management
Development Environments
Enterprise Applications
Oregon’s Open Source Software Inventory Project
Inventory
Start
ODOT Open Source SolutionsDifferentiator Products Maturity
Application Servers 3 176 3 176 3 13 1
•• PerlPerl•• Jboss Java Server for Adobe and FileNetJboss Java Server for Adobe and FileNet
Collaboration•• OpenOfficeOpenOffice•• JavaMailJavaMail API Version 1.2API Version 1.2
DBMS•• MySQLMySQL•• jTDSjTDS JDBC Driver version 1.2JDBC Driver version 1.2
Development Tools
•• Apache Axis Web Services Version 1.1 1021 Apache Axis Web Services Version 1.1 1021 •• Apache Tomcat Version 4.1Apache Tomcat Version 4.1•• Apache XML Security Version 1.0.5D2Apache XML Security Version 1.0.5D2•• BlueJBlueJ•• Castor XML Data binding Library Castor XML Data binding Library VerVer 9.5.2/9.5.4 9.5.2/9.5.4 •• Jakarta Tomcat Connector 1.2.15Jakarta Tomcat Connector 1.2.15•• Java API for Java API for ServletsServlets Version 2.3.1Version 2.3.1•• Java Run Time Environment (JRE) 1.4 Java Run Time Environment (JRE) 1.4 •• XML Parser required by Axis XML Parser required by Axis VerVer 2.5.0 (2.5.0 (XercesXerces))•• Eclipse IDE (Java development)Eclipse IDE (Java development)•• GnomeGnome•• Java Development Kit (JDK 1.4.2_07)Java Development Kit (JDK 1.4.2_07)•• jEditjEdit•• PHPPHP•• PythonPython
Integration Service•• OpenSTAOpenSTA•• JMagickJMagick Version 5.5.7 Q8 JNI APIVersion 5.5.7 Q8 JNI API
Presentation•• FireFox BrowserFireFox Browser•• Paint .NET & GIMP:Paint .NET & GIMP: Image editingImage editing•• ThunderbirdThunderbird
Instances
2 22 22 12 1
2 7 2 7 2 12 1
5 15 15 795 794 14 14 24 21 341 345 15 15 15 15 4,500+5 4,500+5 15 15 165 164 14 15 1815 1814 34 33 63 64 4324 4321 11 11 11 1
Operating System •• LinuxLinux 1 681 681 971 972 22 22 12 1
1=Low; 5=High
Plus Mainframe Linux PartitionPlus Mainframe Linux Partition
ODOT Open Source SolutionsDifferentiator Products Maturity
Application Servers 3 176 3 176 3 13 1
•• PerlPerl•• Jboss Java Server for Adobe and FileNetJboss Java Server for Adobe and FileNet
Collaboration•• OpenOfficeOpenOffice•• JavaMailJavaMail API Version 1.2API Version 1.2
DBMS•• MySQLMySQL•• jTDSjTDS JDBC Driver version 1.2JDBC Driver version 1.2
Development Tools
•• Apache Axis Web Services Version 1.1 1021 Apache Axis Web Services Version 1.1 1021 •• Apache Tomcat Version 4.1Apache Tomcat Version 4.1•• Apache XML Security Version 1.0.5D2Apache XML Security Version 1.0.5D2•• BlueJBlueJ•• Castor XML Data binding Library Castor XML Data binding Library VerVer 9.5.2/9.5.4 9.5.2/9.5.4 •• Jakarta Tomcat Connector 1.2.15Jakarta Tomcat Connector 1.2.15•• Java API for Java API for ServletsServlets Version 2.3.1Version 2.3.1•• Java Run Time Environment (JRE) 1.4 Java Run Time Environment (JRE) 1.4 •• XML Parser required by Axis XML Parser required by Axis VerVer 2.5.0 (2.5.0 (XercesXerces))•• Eclipse IDE (Java development)Eclipse IDE (Java development)•• GnomeGnome•• Java Development Kit (JDK 1.4.2_07)Java Development Kit (JDK 1.4.2_07)•• jEditjEdit•• PHPPHP•• PythonPython
Integration Service•• OpenSTAOpenSTA•• JMagickJMagick Version 5.5.7 Q8 JNI APIVersion 5.5.7 Q8 JNI API
Presentation•• FireFox BrowserFireFox Browser•• Paint .NET & GIMP:Paint .NET & GIMP: Image editingImage editing•• ThunderbirdThunderbird
Instances
2 22 22 12 1
2 7 2 7 2 12 1
5 15 15 795 794 14 14 24 21 341 345 15 15 15 15 4,500+5 4,500+5 15 15 165 164 14 15 1815 1814 34 33 63 64 4324 4321 11 11 11 1
Operating System •• LinuxLinux 1 681 681 971 972 22 22 12 1
1=Low; 5=High
Plus Mainframe Linux PartitionPlus Mainframe Linux Partition
ODOT Open Source SolutionsDifferentiator Products Maturity
Application Servers 3 176 3 176 3 13 1
•• PerlPerl•• Jboss Java Server for Adobe and FileNetJboss Java Server for Adobe and FileNet
Collaboration•• OpenOfficeOpenOffice•• JavaMailJavaMail API Version 1.2API Version 1.2
DBMS•• MySQLMySQL•• jTDSjTDS JDBC Driver version 1.2JDBC Driver version 1.2
Development Tools
•• Apache Axis Web Services Version 1.1 1021 Apache Axis Web Services Version 1.1 1021 •• Apache Tomcat Version 4.1Apache Tomcat Version 4.1•• Apache XML Security Version 1.0.5D2Apache XML Security Version 1.0.5D2•• BlueJBlueJ•• Castor XML Data binding Library Castor XML Data binding Library VerVer 9.5.2/9.5.4 9.5.2/9.5.4 •• Jakarta Tomcat Connector 1.2.15Jakarta Tomcat Connector 1.2.15•• Java API for Java API for ServletsServlets Version 2.3.1Version 2.3.1•• Java Run Time Environment (JRE) 1.4 Java Run Time Environment (JRE) 1.4 •• XML Parser required by Axis XML Parser required by Axis VerVer 2.5.0 (2.5.0 (XercesXerces))•• Eclipse IDE (Java development)Eclipse IDE (Java development)•• GnomeGnome•• Java Development Kit (JDK 1.4.2_07)Java Development Kit (JDK 1.4.2_07)•• jEditjEdit•• PHPPHP•• PythonPython
Integration Service•• OpenSTAOpenSTA•• JMagickJMagick Version 5.5.7 Q8 JNI APIVersion 5.5.7 Q8 JNI API
Presentation•• FireFox BrowserFireFox Browser•• Paint .NET & GIMP:Paint .NET & GIMP: Image editingImage editing•• ThunderbirdThunderbird
Instances
2 22 22 12 1
2 7 2 7 2 12 1
5 15 15 795 794 14 14 24 21 341 345 15 15 15 15 4,500+5 4,500+5 15 15 165 164 14 15 1815 1814 34 33 63 64 4324 4321 11 11 11 1
Operating System •• LinuxLinux 1 681 681 971 972 22 22 12 1
1=Low; 5=High
Plus Mainframe Linux PartitionPlus Mainframe Linux Partition
Oregon State GovernmentOpen Source Inventory Process Map
End
Acquire tool or formulate other
way of doing inventory
Determine listof products for
search
Search for Open Source inventory
Produce report;, send to Project
Team forcollection
Project to reportto CIO Council
Yes
CIO Council Approves Project
inventory tool?
Agency has No
The Open-Source Stacks: Growing Up
SugarCRM, Compiere, OhioedgeEnterprise Applications
Zope, phpBB, Nukes, PostNukeCollaboration
Linux, FreeBSDOperating System
Security Snort, Nessus
Virtualization Xen
OpenLDAPDirectory Services
MySQL, PostgreSQL, Firebird, IngresRDBMS
JBoss, JonAS, Application Servers
Enterprise Service Bus Celtix, ServiceMix
OpenadaptorIntegration Services
Eclipse, NetBeans, PHP, Perl, Struts, Hibernate, Spring
Development Tools
OpenflowProcess Management
Lucene, ht://DigSearch
Jetspeed, Gluecode, Zope, uPortal, LiferayPresentation
Midgard, OpenCMS, Lenya, Typo3, Red HatContent Management
Products Maturity
Open-Source SW Instancesby Oregon Reporting Agency
Gartner Open Source Categories
AGENCY App
licat
ion
Ser
vers
Col
labo
ratio
nC
onte
nt M
anag
emen
t
Dev
elop
men
t Too
lsD
irect
ory
Serv
ices
Ent
erpr
ise
App
licat
ions
Inte
grat
ion
Ser
vice
sO
pera
ting
Sys
tem
Pre
sent
atio
nP
roce
ss M
anag
emen
t
RD
BM
S
Sea
rch
Sec
urity
Virt
ualiz
atio
nG
rand
Tot
al
Admin Services 2 6 10 1 3 7 2 4 35Consumer & Bus. Serv. 7 2 1122 2 21 10 2 1166Corrections 15 18 2 154 9 2 2 202Education 1 10 11Employment 10 400 3 1728 54 5 1 2201Environmental Quality 1 1 12 1 15Human Resources 34 30 48 15247 9 2984 3 101 340 221 7 19024Lottery 22 14 1 19 6 77 1 49 29 1 5 53 277PERS 4 6 2 1 1 1 15Public Safety 113 113Revenue 11 1 1 157 61 3 21 31 11 1200 1497State Data Center 8 8 2 25 2 15 18 7 5 52 142State Police 28 6 2016 14 42 27 50 4 1 55 20 2263Transportation 82 2 5355 1 68 101 8 5617Water Resources 1 4 3 3 8 19Grand Total 221 483 67 25853 34 3181 14 370 710 10 246 3 185 1220 32597
Open-Source SW Instances by Agency
1
10
100
1000
10000
100000
Admin Services
Consumer & Bus. Serv.
Corrections
Education
Employment
Environmental Quality
Human Resources
Lottery
PERS
Public Safety
Revenue
State Data Center
State Police
Transportation
Water Resources
Open-Source SW Instancesby Category Type
Oregon Reporting Agencies
SOFTWARE CATEGORY A
dmin
Ser
vice
sC
onsu
mer
& B
us. S
erv.
Cor
rect
ions
Edu
catio
nE
mpl
oym
ent
Env
iron
men
tal Q
ualit
y
Hum
an R
esou
rces
Lotte
ry
PER
S
Pub
lic S
afet
yR
even
ue
Sta
te D
ata
Cen
ter
Sta
te P
olic
eTr
ansp
orta
tion
Wat
er R
esou
rces
Gra
nd T
otal
Application Servers 2 7 15 10 1 34 22 11 8 28 82 1 221Collaboration 2 18 1 400 1 30 14 1 8 6 2 483Content Management 6 2 3 48 1 4 1 2 67Development Tools 10 1122 154 10 1728 15247 19 6 157 25 2016 5355 4 25853Directory Services 9 6 2 14 3 34Enterprise Applications 2 2984 77 61 15 42 3181Integration Services 1 3 1 2 3 1 3 14Operating System 3 21 54 101 49 21 18 27 68 8 370Presentation 7 10 9 12 340 29 1 113 31 7 50 101 710Process Management 1 5 4 10RDBMS 2 2 2 5 221 5 1 8 246Search 2 1 3Security 4 1 1 7 53 1 11 52 55 185Virtualization 1200 20 1220Grand Total 35 1166 202 11 2201 15 19024 277 15 113 1497 142 2263 5617 19 32597
Open-Source SW Instances by Type
1
10
100
1000
10000
100000
Admin
Serv
ices
Consu
mer &
Bus.
Serv
.
Corre
ctio
ns
Educatio
n
Emplo
yment
Enviro
nmenta
l Qualit
y
Hum
an R
esourc
es
Lottery
PER
S
Public S
afety
Reve
nue
State
Data
Cente
r
State
Polic
e
Transp
ortatio
n
Wate
r Reso
urces
Application Servers
Collaboration
Content Management
Development Tools
Directory Services
Enterprise Applications
Integration Services
Operating System
Presentation
Process Management
RDBMS
Search
Security
Virtualization
State of OregonOpen-Source SW Products
Top 20 Open Source Products
Other 6.6%
Red Hat Linux 0.2%
TortoiseCVN/SVN 0.2%
OpenSSH 0.1%
Apache Tomcat 0.4%
PuTTY 0.6%
Perl 0.7%
FileZilla 0.7%
MySQL 0.8%
Java Development Kit1%
Mozilla Firefox 1.9%
Python 2.0%7-ZIP 2.6%
Sun Java 3.1%
Open Office 1.4%
UltraVNC 3.8%
PDFCreator 6.3%
VNC 8.4%
Java Runtime Environment 63.9%
Appache HTTPServer 0%
Misc 1.5%
Linux 0.2%
State of Oregon Open-Source SW Products1 Product Total % Product Total % Product Total % Product Total %2 Java Runtime Environment 20515 63.8% 45 Ad Aware 13 0.0% 89 VIM 4 0.0% 133 DHCP 1 0.0%3 VNC 2709 8.4% 46 Subversion 13 0.0% 90 WinSCP 4 0.0% 134 Dia 1 0.0%4 PDFCreator 2014 6.3% 47 Wireshark 12 0.0% 91 CD Burner XP Pro 3 0.0% 135 Diki Wiki 1 0.0%5 UltraVNC 1214 3.8% 48 Cygwin 11 0.0% 92 CVS 3 0.0% 136 Drupal 1 0.0%6 Sun Java 1000 3.1% 49 NetBeans IDE 11 0.0% 93 Fedora Core 3 0.0% 137 FireWall Builder 1 0.0%7 7-ZIP 834 2.6% 50 GAIM 10 0.0% 94 GNU Grep 3 0.0% 138 Gnome 1 0.0%8 Python 636 2.0% 51 Mozilla Thunderbird 10 0.0% 95 ImageMagick 3 0.0% 139 GNU Aspell 1 0.0%9 Mozilla Firefox 604 1.9% 52 Open SSH 10 0.0% 96 kde 3 0.0% 140 Gnu Make 1 0.0%
10 Open Office 463 1.4% 53 Password Safe 10 0.0% 97 Nagios 3 0.0% 141 GnuWin32: Bison 1 0.0%11 Java Development Kit 319 1.0% 54 StarUML 10 0.0% 98 PostGreSQL 3 0.0% 142 Helix 1 0.0%12 MySQL 244 0.8% 55 Struts 10 0.0% 99 RSSOWL 3 0.0% 143 IRM Inventory 1 0.0%13 FileZilla 230 0.7% 56 True Crypt 10 0.0% 100 WINMERGE 3 0.0% 144 Jabber 1 0.0%14 Perl 222 0.7% 57 Apache Ant 9 0.0% 101 BIND 2 0.0% 145 Jakarta Tomcat Connector 1 0.0%15 PuTTY 178 0.6% 58 Exadel 9 0.0% 102 CopSSH 2 0.0% 146 JBoss Portal 1 0.0%16 Apache Tomcat 141 0.4% 59 R for Windows 9 0.0% 103 Crimson Editor 2 0.0% 147 Jmagick 1 0.0%17 Linux 76 0.2% 60 Selenium 9 0.0% 104 CruiseControl 2 0.0% 148 jTDS JDBC Driver 1 0.0%18 Appache HTTP Server 67 0.2% 61 TestNG 9 0.0% 105 FWTK 2 0.0% 149 Nedi 1 0.0%19 Red Hat Linux 65 0.2% 62 The Grinder 9 0.0% 106 GNU Privacy Guard 2 0.0% 150 Net Disco 1 0.0%20 TortoiseCVN/SVN 56 0.2% 63 GIMP 8 0.0% 107 GNUCC 2 0.0% 151 NetDisco 1 0.0%21 OpenSSH 45 0.1% 64 nmap 8 0.0% 108 GnuWin32: GSAR 2 0.0% 152 Netscape 1 0.0%22 MRTG 41 0.1% 65 SendMail 8 0.0% 109 GnuWin32: GZIP 2 0.0% 153 NTOP 1 0.0%23 AppExceptionHandler 40 0.1% 66 Snort 8 0.0% 110 ICSharpCode 2 0.0% 154 Open NMS 1 0.0%24 Eclipse 38 0.1% 67 SSH 8 0.0% 111 IPTables 2 0.0% 155 OpenSUSE 10.2 1 0.0%25 Castor XML 34 0.1% 68 tcpdump 8 0.0% 112 JBoss Application Server 2 0.0% 156 Opera 1 0.0%26 Exodus 30 0.1% 69 gzip 6 0.0% 113 Junit 2 0.0% 157 Ophcrack 1 0.0%27 PHP 28 0.1% 70 Nessus 6 0.0% 114 krdc 2 0.0% 158 Postfix 1 0.0%28 SUSE Linux 27 0.1% 71 OpenLDAP 6 0.0% 115 Lucene 2 0.0% 159 Process Explorer 1 0.0%29 EtherReal 23 0.1% 72 OpenSSL 6 0.0% 116 MediaWiki 2 0.0% 160 RUBY 1 0.0%30 GTK+ 21 0.1% 73 RedMon 6 0.0% 117 NOTEPAD++ 2 0.0% 161 Scrutinizer 1 0.0%31 ORMAP Toolbar 20 0.1% 74 Spark Instant Messenger 6 0.0% 118 OpenNMS 2 0.0% 162 sed 1 0.0%32 WinPCap 20 0.1% 75 VMS Server 6 0.0% 119 Asset Navigator 1 0.0% 163 SISSy 1 0.0%33 PrimoPDF 19 0.1% 76 Audactiy 5 0.0% 120 Atutor 1 0.0% 164 Stunnel 1 0.0%34 Hibernate 15 0.0% 77 Fedora Linux 5 0.0% 121 Awk 1 0.0% 165 SysInternal 1 0.0%35 Jasper Reports 15 0.0% 78 GCC 5 0.0% 122 Base 1 0.0% 166 TCL/TK 1 0.0%36 JSF 15 0.0% 79 KDIFF3 5 0.0% 123 Big Brother 1 0.0% 167 WeatherMapRRD 1 0.0%37 Log4J 15 0.0% 80 OpenSTA 5 0.0% 124 Blat 1 0.0% 168 Web Services - Axis 1 0.0%38 Spring 15 0.0% 81 Samba 5 0.0% 125 Bugzilla 1 0.0% 169 Webalizer 1 0.0%39 WinCVS 15 0.0% 82 SugarCRM 5 0.0% 126 Bview 1 0.0% 170 WeebleFM 1 0.0%40 ActivePerl 14 0.0% 83 BlueJ 4 0.0% 127 Cake 1 0.0% 171 Wildfire 1 0.0%41 AFPL GHOSTSCRIPT 14 0.0% 84 GNU Ghostscript 4 0.0% 128 CheckStyle 1 0.0% 172 WS FTP 1 0.0%42 LDAP 14 0.0% 85 jEdit 4 0.0% 129 Core FTP Lite 1 0.0% 173 Xerces 1 0.0%43 Rsync 14 0.0% 86 Joomla 4 0.0% 130 CUPS 1 0.0% 174 Xming Server 1 0.0%44 Spybot 14 0.0% 87 Open VPN 4 0.0% 131 CVSNT 1 0.0% 175 Zend 1 0.0%
88 Request Tracker 4 0.0% 132 DB Visualizer 1 0.0% 176 Grand Total 32133 100.0%
Hype Cycle for Open Source Software 2007
Shared
Vision
Open SourceOpen SourceSoftware & Use Software & Use in Oregon State in Oregon State
GovernmentGovernment
“A Formal Enterprise Policy for Acquisition and Use of Open-Source Software in Oregon State Government May Be Essential to Effectively Satisfy Enterprise and Agency Business Objectives and Applicable Legal and Procurement Requirements.”
“A Formal Enterprise Policy for Acquisition and Use of Open-Source Software in Oregon State Government May Be Essential to Effectively Satisfy Enterprise and Agency Business Objectives and Applicable Legal and Procurement Requirements.”
COMMERCIAL VALUE
REQUIRED POLICY DEVELOPMENT
STATE AUTHORITY
INTELLECTUAL PROPERTY
INTENT
• State to acquire, maintain SW as valuable “IP”.• Critical component of information del. strategy.• Acquired with applicable law, regulation & policy.
• State intends to acquire and use OSS as appropriate for projects and enterprise business objectives, while in legal compliance.
• Currently there is no formal policy of OSS acquisition, use & distribution.
• Intent is to modify current policies to create fair competitive arena for Best Value.
• OSS has commercial value and is typically available via acquisition in conjunction with a reciprocal SW license.
• State applies a Total Cost of Ownership to assess price, i.e., full life cycle cost.
• State has authority to engage Closed & Open Source software providers.
• State’s 1-7 sourcing procurement methods apply.
Oregon’s Open Source Strategic Thinking
Small Procurement
Intermediate Procurement
Competitive Sealed Bidding
Competitive Sealed Proposals (RFP)
Sole Source Procurement
Emergency Procurement
Special Procurement
Acquisitions
$5K or less, or Gift
$150K or less
Open
Open
Open
Open
Open
Financial Authority
Non Competitive, Direct purchase, Single supplier
Informal Competition
Low Cost Selection
Perceived Value Selection
Single Source, Product or both
Normal competition requirements Relaxed
or Suspended
Special process when other sourcing will not
work effectively
Sourcing Methods
Seven (7) Types of Sourcing Methods
Current Acquisition and Use of OSS
The typical OSS Distribution Model involves a simple “no-cost” download of software from the Internet; but growing Business-centric OSS Distribution Models include:
OSS and Services, i.e., OSS at no initial cost and related Service and Support at cost;
OSS Mixed, i.e., OSS with OS code base and Closed Source or Proprietary add-ons;
Proprietary OSS, i.e., applications available with a more traditional proprietary license that authorizes users to modify the application without having to redistribute code changes to the public;
Integrated OSS, i.e., diverse OSS already integrated into more consumable units; and
Hardware and OSS, i.e., Hardware manufacturers using OSS as a foundational component in system operation.
Current Acquisition and Use of OSS
State OSS Usage. Despite not having a formal, enterprise-level OSS acquisition and use policy, State Government has acquired and uses OSS.
Staff OSS Downloads. Over time, the products have appeared through multiple avenues in diverse agencies. The typical acquisition scenario may be a technician’s perceived “no-dollar” cost download of particular OSS ( or Freeware or other procured software with embedded OSS) for some specific operational need.
Vendor Bundling OSS. Vendors have also bundled OSS with their closed source solution sets. This is another way the organizations discover they already are using OSS.
OSS Perceived Value. OSS has remained because of perceived business or technical value in its use.
State Accountability. The State must account for its existing OSS inventory in order to develop effective policies around current and future OSS acquisition and use.
Current Acquisition and Use of OSS
State’s Risk Management. In reaping OSS benefits value, the State must remove or minimize its risk attendant to random acquisition and use of the software, e.g.:
OSS License compliance issues;
Inefficient maintenance and support;
Inconsistent “buy” decisions;
Maverick products that don’t integrate and interoperate within the established architecture and enterprise;
Failure to fully realize cost savings;
Incomplete or non-existent technical, business and legal review; and
Violation of applicable law, regulation and policy.
Procurement
OSS as Gift? Most staff have likely perceived the typical OSS transaction of a no-cost download as a “free” gift, which does not implicate formal or even informal procurement considerations.
License Acceptance. In particular, where the transaction ends with the staff member’s acceptance of an accompanying Software License, this assessment may not be supported by applicable law.
Intellectual Property. The OSS constitutes valuable intellectual property. Acceptance of the accompanying license is valuable consideration in exchange for use of the downloaded software.
Procurement
Exchange Agreement. The parties have each benefited and sacrificed in their mutual agreement to exchange valuable items – the essence of a “contract.”
Recognition of Gifts. Moreover, the State’s current law does not recognize the concept of “gift” separately from the concepts of “purchase” or “procurement.” ORS 71.2010(32), ORS 279A.010(u), and ORS 279B.050.
Acceptance of Software License. The simple download of OSS in exchange for acceptance of a Software License implicates procurement issues and considerations for resolution.
Oregon’s Findings To Date
OSS as Viable Solutions. OSS development and distribution provide viable information systems solutions.
OSS Maturity. OSS is maturing in its diversity of offerings and technical functionality, and is having a growing impact and increasingly noticeable effect on the Software industry.
OSS as Competitive Alternative. Open-Source solutions will increasingly compete with a broad range of Closed-Source products in all markets.
OSS is valuable IP, and is increasingly becoming a critical component of information enterprise strategies and infrastructures in local, state, national and global venues – including the State of Oregon.
Oregon’s Findings To Date
Procurement Event? The acquisition of OSS should likely be regarded as a procurement event.
Legality Process. The inherent value in OSS acquisition and use far outweighs the attendant risks; provided OSS is consistently acquired and used in consonance with applicable law, regulation and established policy.
Usage. The State should acquire and use OSS as appropriate for specific project and enterprise business objectives; but should do so only in compliance with applicable law, regulation and established policy.
Oregon’s Findings To Date
Maximize OSS Utility. Development and implementa-tion of formal acquisition and use policies for OSS will maximize the utility of OSS use in all respects, including without limitation:
Functionality;
Integration;
Interoperability;
Management of acquisitions through a common efficient process;
Efficient management of acquired assets;
Ensuring license compliance; and
Ensuring compliance with governmental enterprise business objectives and public procurement law.
Shared
Vision
Desktop Desktop Software Software
EvaluationEvaluation
1 Software Evaluation Methodology
2 Open Desktop Evaluation Model
3 Solving Barriers to Entry
4 Decision Tree
Desktop Software Evaluation
Open Desktop Evaluation ModelFour Layers of Hierarchical Impact
O
the
rs
So
laris
Win
do
ws
XP
o
r Vis
ta
Lin
ux
(S
use/R
edh
at)
MA
C
OS
Infrastructure LayerDatabases – Network – Servers - Mainframes.
Applications LayerMS Office – Open Office – Terminal Emulators
and Others!
Applications LayerMS Office – Open Office – Terminal Emulators
and Others!
EndEndUserUser
ExperienceExperience
EndEndUserUser
ExperienceExperience
Desktop Operating Sys.Desktop Operating Sys.
The Open Source Desktop initiative highlights the need for an unbiased approach to evaluating software for the desktop. The methodology used needs to encompass all of the normal business criteria, the work flow a user would follow to perform their job and the platform best suited for this type of work. Our work focuses on
In-Scope: The technical feasibility of instituting an
open source desktop.
Out of Scope: Total cost of ownership, administrative desire,
political will, and procurement and other legal issues will be
addressed as follow on or parallel studies.
Conceptual FrameworkHolistic Approach to Desktop PC Product Evaluation
Software Evaluation Methodology. While considering Open Source Software for the Desktop, one should separate the reviewing and testing portion of the open source software (OSS) applications from the reviewing and testing of the operating system.
By doing so, allows a two prong approach to evaluating the feasibility of incorporating the OSS application independent of the operating system.
The advantage of this approach is in helping agencies determine the viability of OSS applications in their current IT environment, while avoiding the possibility that an open source operating system may have compatibility issues with a well establish IT infrastructure
Conceptual FrameworkHolistic Approach to Desktop PC Product Evaluation
Conceptual FrameworkHolistic Approach to Desktop PC Product Evaluation
Solution Selection Criteria
Evaluates total cost of ownership elements to reveal ongoing savings.
Evaluates total cost of ownership elements to reveal ongoing savings.
SolvingBarriers to Entry
• Switching costs - End user training - Support staff training - Do apps work with new OS?
• If you have to buy closed source SW to enable open source SW, this changes the value proposition.
• Smooth integration to heterogeneous environment
• Need to remove dependency of additional back office solutions to make things work! (Suse /Zenworks)
• End user experience can be fragmented if more than one OS is needed.
• Switching costs - End user training - Support staff training - Do apps work with new OS?
• If you have to buy closed source SW to enable open source SW, this changes the value proposition.
• Smooth integration to heterogeneous environment
• Need to remove dependency of additional back office solutions to make things work! (Suse /Zenworks)
• End user experience can be fragmented if more than one OS is needed.
Decision Tree
• Switching Costs
• Functionality
• Usability
• Reliability
• Productivity
• Supportability
• End User Experience
• Switching Costs
• Functionality
• Usability
• Reliability
• Productivity
• Supportability
• End User Experience
Open Source Community of Practice
Ask yourself, do we have a Culture of Collaboration?
Conclusions
Desktop Evaluation Methodolo
gy
Open SourceSoftware Use in Oregon State Government
Start with a Software Evaluation
Methodology
Include an Open Desktop
Evaluation Component
Encountered Barriers can
influence Decision
Open Source Inventory
Improved efficiency of business operations via fast-track acquisition practicesOSS software
arrives via Technical Staff downloads and Vendor product
bundling
Customers want IT solutions that are least cost and competitive, but dependable
Most CIO’s can discover their OSS
install base by network PC and
server scanning!
The Goals:Best-in-class
Services,Technologies, Processes and
People in support of our
Customers
State intends to acquire and use OSS as appropriate for projects and enterprise business objectives
For risk management, OSS must be acquired with applicable law, regulation & policy
Intent is to modify current policies to create fair
competitive arena for
Best Value
Thank You!Thank You!
Third Annual GOSCON, October 15-16, 2007, Portland, Oregon Third Annual GOSCON, October 15-16, 2007, Portland, Oregon
Bob DeVyldereOregon Water Resources DepartmentOregon Water Resources Department
Chair of Open Source Community of PracticeChair of Open Source Community of Practice
Ben BerryOregon Department of TransportationOregon Department of Transportation
Chair, Oregon CIO CouncilChair, Oregon CIO Council
CollaborationCollaboration