Free and Open Source Software Overview and Preliminary Guidelines for the Canadian Forces

Similar documents
Setting the Standard in Third-party Certification

White Paper. Partners and SIs. Working in Partnership with the Defence and National Security Industry. An Esri UK White Paper

State Machine Modeling of TPED and TPPU. Mr. Ron Funk (DRDC) Mr. Rick Sorensen (Vitech Corp.) NDIA 8 th Sys Engr Conference, San Diego 27 October 2005

Speak Up! The Current State of Knowledge and Practice in Ecological Restoration

Parallelization of an Urban Microscale Flow Model (urbanstream)

Flow Research, Inc. (781) Water Street (781) (fax) Dear Marketing Manager:

Excellencies, Dear colleagues from other agencies and organizations, Ladies and Gentlemen,

Rocky Areas Project Guidance HABITAT

BUSINESS PLAN CEN/TC 250 STRUCTURAL EUROCODES EXECUTIVE SUMMARY

Chapter 1 Introduction

5. Land use database applications

New requirements for IEC best practice compliance

Philadelphia Water Department, Green Infrastructure Implementation Graduate Internship Opportunities Summer 2017

Am I safe working in this building?

Workshop on the Management of Historic Urban Landscapes of the XXth century, December 2007 Chandigarh, India

INTERMOUNTAIN WEST JOINT VENTURE Strengthening Alliances for Conservation

BUSINESS PLAN CEN/TC 239 RESCUE SYSTEMS EXECUTIVE SUMMARY

Toronto East York Community Council. Robert Freedman, Director, Urban Design

epoint.edu.vn page 2 / 5

Professional Security Officer Program(PSOP)

Graduate-Level Course List

CALGARY: City of Animals Edited by Jim Ellis

Comprehensive solutions for greater safety and security Answers for infrastructure.

From Technical Writer to Knowledge Worker

ISO/TC 211 GEOGRAPHIC INFORMATION AND GEOMATICS A FRAMEWORK AND REFERENCE MODEL

SCARBOROUGH SUBWAY EXTENSION. Scarborough Subway Extension. Final Terms of Reference

INTERNATIONAL SEMINAR

LANDSCAPE ARCHITECTURE

CATSI EDM A MILITARIZED SENSOR FOR PASSIVE STANDOFF DETECTION OF CWA

FIRE AND LIFE SAFETY EDUCATOR II NFPA 1035, Chapter 5, 2015 Edition

Historic Environment Scotland

Medical devices and electromagnetic compatibility. Addressing the requirements of IEC , 4 th Edition

Advanced Interior Design Detailing Fall 2016 (4 credits)

INNOVATION THAT LEAVES RISK BEHIND.

Achieve Success with European Medical Device Commercialization. By Russ King

Oracle Retail Distribution Management Release Notes Release October 2007

Protected Areas: Context for Planning and Management Parks Canada Perspective

Achieving Functional Safety with Global Resources and Market Reach

Oracle Retail Management System Release Notes Release Spanish. January 2008

approach to assess the status of NSDIs

Oracle Retail Management System Release Notes Release November 2007

Scottish Natural Heritage. Better places for people and nature

Monitoring for Ecological Integrity and State of the Parks Reporting

Draft Resolution XII.10

Green Infrastructure Project Guidance

Geodesign A-to-Z: Evolution of a Syllabus for Architecture and Engineering. Michele CAMPAGNA. Geodesign A-to-Z:

Lahti Circular Economy Annual Review 2018 Anni Orola (ed.) The Publication Series of Lahti University of Applied Sciences, part 40

COMPANY PROFILE. For more than 40 years, the activities of MOBIAK focused on the development of 3 main fields:

Australian Standard. Gaseous fire extinguishing systems AS (Incorporating Amendment No. 1) AS

Architectural and Engineering Specification for a Real-Time Locating System Flare

BUSINESS PLAN CEN/TC 164 WATER SUPPLY EXECUTIVE SUMMARY

Improved Lifecycle Management for BI. David Brockington SAP Business Objects, Product Management June, 2009

SUSTAINABLE CONSERVATION SYSTEMS FOR PRESERVATION OF MONUMENTS, SITES IN THEIR SETTINGS

HMI of the Future with Experion Orion Console and Experion Collaboration Station Andrew Stuart & Annemarie Diepenbroek, Honeywell

BOISE HP Inc. CAMPUS PROJECT OVERVIEW

PED Workshop Nicosia, 3-5 October, 2005

Securing a Better Future Securing a Better Job The IGS Security Academy guide to careers in the private security industry

Knowledge Based Expert System Computer Aided Climate Responsive Integrated Approach to Architectural Design

Welcome to Everyone. Kia ora koutou katoa

ATSP3. Advanced Technology Support Program III. Comprehensive Solutions for Obsolescence and Performance Issues:

HÜBNER Photonics Coherence Matters.

Manitoba. Round Table. for Sustainable. Development

Construction Products Regulation (EU) No 305/2011

Biodiversity Action Plan Background Information for discussion purposes

Introducing The Reliance 200 and 250 Glassware Washing Systems.

HÜBNER Photonics Coherence Matters.

G4S Americas May 2012

Review of Sign Standards

Resolution XII NOTING also that with the increasingly rapid urbanization, wetlands are being threatened in two principle ways:

Type 5 Certifications:

Transforming Library Services in the digital information environment

A New Approach to ESB Migration Building a foundation for Digital Business

The potential of labelling in landscape management

Industry Perspective on the Globalization of Health Technology Assessment

DGE 2 EUROPEAN UNION. Brussels, 20 September 2017 (OR. en) 2016/0287 (COD) PE-CONS 28/17 TELECOM 158 FC 54 CODEC 1008

Course Catalogue. An evolution of excellence. Welcome to the UTC Fire and Security EMEA Lenel OnGuard Training Catalogue for Value Added Resellers

RE-INTRODUCING: THE BUREAU OF RAILWAY ECONOMICS COLLECTION

M E M O R A N D U M. Please do not vote negatively because of editorial errors. However, please bring such errors to my attention for action.

Community based tourism development in EU Regions. INTERREG EUROPE Brokerage Session 15 th April 2015

USER APPROVAL OF SAFETY INSTRUMENTED SYSTEM DEVICES

Inspiring Technovation

PUBLIC SPACES MASTER PLAN UPDATE (POPS) Crystal City Citizen s Review Council October 24, 2018

CHAPTER 2: PLANNING PRINCIPLES

Principles of Recreation Resource Planning

Because Safety is not found in a Box

SEVENTH SESSION. (Strasbourg, May 2000) Resolution 98 (2000) 1 on historic towns in Europe

Q order intake and sales

Health Technology Assessment (HTA) in Croatia

NEW YORK AND CONNECTICUT SUSTAINABLE COMMUNITIES. Fair Housing & Equity Assessment & Regional Planning Enhancement

BUSINESS PLAN CEN/TC 121 WELDING AND ALLIED PROCESSES EXECUTIVE SUMMARY

DeltaV Analyze. Introduction. Benefits. Continuous automated DeltaV System alarm system performance monitoring

HERITAGE ACTION PLAN. Towards a renewed Heritage Conservation Program. What is the Heritage Action Plan? Key areas of work. A Collaborative Approach

Directorate of the National Archive of Monuments

Chapter 1 Introduction

GGB Learning & Teaching Program:

FORT MYERS BEACH FIRE DEPARTMENT JOB DESCRIPTION

Prereq: FOD 131 or Instructor Permission

DRAFT NFPA 805 TRANSITION PILOT PLANT OBSERVATION GUIDANCE

How To Get the Development You Planned

ENHANCED ODOR-DETECTION SYSTEMS. A Patented System Developed by K-9 Search on Site (K-9 SOS)

Transcription:

Free and Open Source Software Overview and Preliminary Guidelines for the Canadian Forces David Demers Robert Charpentier, Richard Carbone R et D pour la défense Defence R&D

List of Contents Administrative summary (5min) Objectives Study strategy and review process Report overview (10 min) Executive introduction to FOSS Proposed way-ahead for GoC Guidelines to assess FOSS Summary and perspectives for the CF (5 min) FOSS : Free and Open Source Software GoC: Government of Defence R&D Valcartier # 2

Study Context Challenging Context A very complex reality with many biased perspectives Changing very rapidly Huge diversity in the target audience Defence R&D Valcartier # 3

Summary Report on FOSS Synthesis High-level vision Systematically referring to credible, up-to-date, rigorous reports 3-Cycle validation process Cycle 1 DRDC Valcartier Cycle 2 DRDC Corporate HQ Cycle 3 DND/CF and OGD DRDC: DND/CF: OGD: Defence R&D Department of National Defence / Canadian Forces Defence R&D Valcartier # 4 Other Government Departments

DRDC- Advisory Team on FOSS Robert Charpentier, Richard Carbone, Paul-André Côté, David Demers, Martin Salois, Lt Stéphane Fortin, Dr Denis Poussart (U. Laval), Max Blanchet (CGI), Bertrand Couture (DMR) Defence R&D Valcartier # 5

Archive & Report Status Archive : ~ 287 technical reports evaluated Reports : ~ 124 references used in the report ~ 17 topics discussed (~ 59 main statements) ~ 394 selected FOSS introduced Defence R&D Valcartier # 6

Software Free (Gratis Libre) Proprietary (Cost Restricted) Open Source Closed Source Corporate Development Collaborative Development Ex. Eclipse Mature Ex. Apache Risk In-development Defence R&D Valcartier # 7

Report Overview Part #1 Executive Introduction to FOSS R et D pour la défense Defence R&D

FOSS Evolution Approximately 115,000 projects registered more than half of them are inactive (or duplicates) 115-150 software applications on the secure/mature lists Collaborative development evolved in a very efficient process Well-structured Systematic code review and testing Very fast bug fixing Defence R&D Valcartier # 9

FOSS Benefits Mature FOSS repeatedly suggested many benefits Huge diversity of software High flexibility and scalability through code editing High reliability and security through code review One-order of magnitude faster release rate than COTS products Rapid customizing through code reuse High degree of compliance with open standards Lifetime extension of FOSS-based systems without lock-in COTS: Commercial-Off-The-Shelf Defence R&D Valcartier # 10

Current Concerns Version control may be more complex (evolving) System maintainability requires more local resources Higher technical skill needed from system administrators May offer less integration between applications and less userfriendliness (evolving) Defence R&D Valcartier # 11

FOSS around the World European Union is actively adopting FOSS United Kingdom policy and partial migration plan Germany, France & Sweden policy and migration up to desktop 24 countries reviewing policies (as of June 2003) Latin American, African, Oceanian and Asian countries are also moving toward FOSS in varying degrees Main motivations: Direct cost savings Less economic losses at the national level compared with COTS imports Improve national IT expertise in software IT: Information Technology Defence R&D Valcartier # 12

FOSS in the USA FOSS originated largely in the USA and is still strong Many large American corporations contribute to FOSS IBM, Hewlett-Packard, Sun Microsystems, Silicon Graphics etc Some US government initiatives contribute to FOSS NSA offered SE Linux (Security Enhanced Linux) NTA sponsored an impressive Geomatics project (OSPR) NASA used collaborative FOSS development for Mars exploration. Adopting a strong FOSS policy could be problematic for the US Government since the software industry strongly supports the US economy NSA = National Security Agency Defence R&D Valcartier NTA = National Technology Alliance # 13 OSPR = Open Source Prototype Research = Geomatics

FOSS in appeared to be behind the curve in FOSS adoption Some comprehensive initiatives can be found in the education and health sectors GoC position on FOSS adopted on 17 th May 2004 No barriers to procurement Ensuring that GoC staff are aware of the options available Collaboration between departments is encouraged GoC: Government of Defence R&D Valcartier # 14

FOSS and Software Security Access to source code greatly eases security enforcement Other key advantages include: «Leaner and meaner» software systems Possible source code enrichment Increased code diversity in software ecosystem Increased risks to manage: Internal expertise to develop and maintain Lack of imputability when software is developed via internet collaboration Defence R&D Valcartier # 15

Authors Synthesis FOSS should not be considered as a panacea -- but appears to be a credible and productive approach Cost-effective in many instances Offering a good maturity, flexibility, high productivity Defence R&D Valcartier # 16

Report Overview Part # 2 Proposed Way-Ahead for GoC R et D pour la défense Defence R&D

Guiding Principles for a Way-Ahead FOSS represents a real and credible opportunity for GoC Diversity in supplies is preferable (Custom Software, COTS and FOSS) Open Standards and specifications lead to system interoperability Evaluation of FOSS must be done on a case-by-case basis COTS: Commercial-Off-The-Shelf FOSS: Free and Open Source Software Defence R&D Valcartier # 18

Proposed Way-Ahead for GoC Promote progressive FOSS adoption in GoC Inform project leaders of potential FOSS benefits Provide navigation aids to help identify suitable FOSS Provide guidelines to assess FOSS in context Train personnel to interpret licenses and estimate cost Consider FOSS-based solutions in some RFP and Choose «best value on the market» with technology neutrality http://publiservice.cio-dpi.gc.ca/fap-paf/oss-ll/foss-llo/foss-llo00_e.asp RFP: Request for proposal Defence R&D Valcartier # 19

Report Overview Part # 3 GoC Guidelines to Assess FOSS R et D pour la défense Defence R&D

Recommended Evaluation Steps Define the application context Identify candidates (FOSS and COTS) Compare side-by-side the 3-4 best options Perform an in-depth code analysis if needed Seek approval from local management and client Document the lessons learned An evaluation spreadsheet is proposed A simple cost model is offered http://publiservice.cio-dpi.gc.ca/fap-paf/oss-ll/foss-llo/foss-llo00_e.asp Defence R&D Valcartier # 21

Ingredients for Success A good working product Led by commited leaders Providing a general community service Supported by developers who are also its users Defence R&D Valcartier # 22

Report Overview Part #4 Catalogue of Selected FOSS R et D pour la défense Defence R&D

High-Quality FOSS Lists GRAS: Generally Recognized As Secure (115 FOSS MITRE / DoD) GRAM: Generally Recognized As Mature (39 FOSS - Wheeler) IDA: Interchange Data Administrations (multiple FOSS - EU) DRDC: Includes scientific FOSS (± 394 FOSS DRDC) Defence R&D Valcartier # 24

Summary and Perspectives for the Canadian Forces R et D pour la défense Defence R&D

Summary Importance of FOSS will be increasing for most Government departments including DND/CF Pratical guidelines proposed for comparing FOSS and COTS software in project context Numerous navigation aids included in the report French version available Defence R&D Valcartier # 26

Next Steps Quality and Security assessment of FOSS Tools and methodologies to verify & validate C and C++ software Report for GoC project leaders and security architects Tools and methodologies to verify & validate Java software Report for GoC project leaders and security architects FOSS licenses and other legal issues Practical information needed to support FOSS adoption in GoC Cost estimation Practical information needed to support FOSS adoption in GoC Defence R&D Valcartier # 27

Issues Requiring Some Attention by the GoC Expertise for system development and maintenance i.e. more reliance on internal resources often scarce Lack of imputability when software is developed via internet collaboration Fragmentation of our computer base compatibility with existing systems and databases to maintain Duplication of certification efforts centralized software certification and GoC pre-qualified list of FOSS Defence R&D Valcartier # 28

Issues Requiring Some Attention by the CF Good technology in some cases; criteria to clarify Maintain interoperability with our allies moving to FOSS List of trusted sources in preparation Assess threat of FOSS having offensive capabilities List of offensive FOSS being built Defence R&D Valcartier # 29

For comments : FOSS@drdc-rddc.gc.ca http://www.cio-dpi.gc.ca/fap-paf/oss-ll/oss-ll_e.asp Defence R&D Valcartier # 30

2024 © homedocbox.com Privacy Policy | Terms of Service | Feedback