Open minds on open source

NASA programmers might raise a few eyebrows by converting their electronic

posting system for business opportunities from an Oracle Corp. relational

database to an open source counterpart, mySQL.

On Nov. 6, a team at NASA's Marshall Space Flight Center finished the

transition of the NASA Acquisition Internet Service to mySQL with barely

a hitch, said Dwight Clark, computer systems analyst and project leader

for NAIS. NAIS sends e-mail notifications to users based on specified interests

and enables users to query the Web site (nais.nasa. gov) for updated opportunities.

"We noticed an increase in [speed of] performance" since the change

and have not experienced any problems with the product, Clark said. "We

kept waiting for the other shoe to fall from the time we started investigating

mySQL, but it never did."

Open-source software is still an unconventional option for most federal

agencies, but support is building for its use as many federal agencies enjoy

the benefits of fast, low-cost systems such as Linux.

The President's Information Technology Advisory Committee recommended

in September that the federal government encourage open-source software

as an alternative for software development for high-end computing and allow

open-source development efforts to compete on a "level playing field" with

proprietary solutions in government procurements.

The PITAC Panel on Open Source Software for High End Computing believes

open-source software will give agencies the opportunity to get better software

at a lower cost, said Susan Graham, co-chairwoman of the panel.

The NAIS team already was investigating open-source relational database

software when Oracle started to restructure its license agreements with

NASA in a way that would be cost-prohibitive for the organization, said

John Sudderth, senior computer scientist with Computer Sciences Corp., a

contractor for NAIS. NAIS' annual budget is about $300,000.

Faced with software they couldn't afford, Sudderth and his colleagues

decided to switch to open source — and found mySQL (www.mysql.com) to be

the most robust product available.

Critics of open source say security is a problem because a community

of developers with unknown intentions distributes the software. But supporters

counter that such a community will help find vulnerabilities and bugs and

will respond more quickly than private firms to patch holes.

"This is clearly not a topic where there's any unanimity of opinion,"

said Robert Borchers, director for advanced com-putational infrastructure

and research at the National Science Foundation.

"There is a long tradition in the [Energy Department] of the labs sharing

source code," said Borchers, who was part of the PITAC panel. "I don't think

there are any stories like that within NSF yet."

Now that companies that support Linux are appearing, such as Red Hat

Inc. (see story, Page 38), open source should take off, he said. Linux recently

has been used at DOE and the Commerce Department's National Institute of

Standards and Technology and National Oceanic and Atmospheric Administration.

The problem with open-source code is that it accelerates the learning

curve of a cyberterrorist because access to the source code is free and

readily available, said Scott Hissam, who leads an open-source research

and development project at Carnegie Mellon University's Software Engineering

Institute.

Government "should embrace any software technology they can use to get

their job done, but don't embrace it blindly," Hissam said.

Open-source software also doesn't fit neatly into traditional federal

procurement methods because some license agreements require users to submit

modifications to developers for consideration in future releases. If a software

change is made that is government-specific, it may not be accepted by the

developers and will have to be cut into each new version used by an agency,

he said.

Open source' defined

"Open source" is a term for software that is openly distributed, often

under conditions specified in a licensing agreement. Two critical characteristics

are:

* Users are given access to the source code, which allows them to modify,

study or augment the software's functionality.

* Any licensing agreement allows distribution of the initial software

and redistribution of that software in a modified form. If users make changes

to the software, they may submit them to the community of developers for

possible inclusion in future versions.