Nearly all publicly-available open source software (OSS) is commercial software. Unfortunately, many government officials and contractors fail to understand this. This misunderstanding can result in higher costs, longer delivery times, and reduced quality for government systems. There are also legal risks: government officials and contractors who do not understand this, yet influence the selection or use of software, will probably fail to comply with U.S. law and regulations on commercial software. Finally, such government officials and contractors do not understand the modern commercial software marketplace, and thus are destined to make poor decisions about it.
This article explains why it is important to understand that OSS is commercial; explains why nearly all OSS is commercial software per U.S. law, regulation, and DoD policy; and shows why open source software is commercial even beyond the “letter of the law” because it has all the usual earmarks of commercial practice. But first, we must define the term OSS.
Defining Open Source Software
As the official DoD policy on OSS states, “Open Source Software is software for which the human-readable source code is available for use, study, reuse, modification, enhancement, and redistribution by the users of that software” [DoD2009]. Other definitions for OSS (also called Free Software, Free/Libre/OSS, and FLOSS) include the Free Software Foundations’ “Free Software Definition” and the Open Source Institute’s “Open Source Definition.” Successful OSS is typically co-developed and maintained by people from multiple organizations working together. For general OSS information, see “Open Source Software (OSS) in U.S. Government Acquisitions” (Software Tech News, Vol. 10, No. 2) and [Wheeler2007].
Why is this important?
Acquirers (both government and contractors) risk much by failing to understand that OSS is commercial.
First, they risk ignoring the best possible alternatives that they are required by law to consider. As [DoD2009] attachment 2 part 2 notes, “Executive agencies, including the Department of Defense, are required to conduct market research when preparing for the procurement of property or services by 41 USC Sec. 253a … (see also FAR 10.001…). Market research for software should include OSS when it may meet mission needs.” The Federal Acquisition Regulations (FAR) part 12 requires agencies to “Conduct market research to determine whether commercial items or nondevelopmental items are available that could meet the agency’s requirements.”
Second, they risk failing to comply with U.S. law and regulations that require preference for commercial software (see 10 USC 2377) and a maximal use of commercial software (where practicable). FAR part 12 states that agencies must “(b) Acquire commercial items or nondevelopmental items when they are available to meet the needs of the agency; and (c) Require prime contractors and subcontractors at all tiers to incorporate, to the maximum extent practicable, commercial items or nondevelopmental items as components of items supplied to the agency.”
Finally, there is the risk of paralysis. There are many regulations and local rules about commercial items. Someone who doesn’t realize that nearly all OSS is commercial won’t know what rules to follow, and can become effectively paralyzed. Once they realize that nearly all OSS is commercial, they can usually follow the well-understood rules for commercial software.