According to Amanada Brock, there are some common misperceptions about open-source software that risk undermining its development, underutilising its creators and may lead to public and private sector IT estate becoming a “siloed wasteland”.
The CEO of OpenUK, a not-for-profit which supports open source collaboration and technologies, wants pundits, commentators, policymakers, regulators and governments to start seeing the bigger picture.
The first widely held inaccuracy, she says, is that the only requirement for a project to become open source is for it to be shared on GitHub or another well-known repository.
“All this does is stick code in a publicly available environment. Real open source requires you to take contributions so that you build a healthy community that will build longevity. It needs documentation and community builders and a whole ecosystem of people,” she adds.
And this ecosystem comes at a cost – which blows away the second misperception: that open-source is free.
“Open source is not free, it just looks that way because people with deep knowledge lend their spare time to developing software – but there’s a value in that, and that value is high – the value of the economic output that is generated by it is worth billions,” she says.
Open-source software has become an important part of many enterprise IT strategies because it allows companies to create code without starting from scratch and to tailor it to their specific needs.
Highly paid software developers working for big tech companies might work on a project for a specific use case (often in their spare time) and decide that this could be useful for others.
They log the code from this project in a repository such as GitHub and allow the software to be freely used, modified and shared.
The gold standard open-source software licence, according to Brock, is the Open-Source Initiative’s OSI licence, which requires the code to go through the initiative’s open source review process.
According to OpenUK, around 96% of all software has dependencies on open-source and three quarters of all software stacks are now OS. You can find OS software across the NHS while challenger banks such as Starling and Monzo are built entirely on OS systems.
Open source has also become an invisible yet important part of our every day lives. It’s embedded in mammogram machines, air traffic control systems and weather forecasting technology.
But part of the problem, according to Brock, is that open source has become a victim of its own success: business leaders know they need to be investing in open source, because it has become a buzz word and, most importantly, it’s cheaper than paying for a proprietary licence. But, she argues, they’re not going about it in the right way.
“The scale of adoption, the creation of GitHub and digital transformation of a mass scale has meant that suddenly people were able to bring this stuff into their companies – but this has not been matched by the scale of understanding,” she says.
As a case-in point she reflects on a recent study OpenUK was involved in for the NHS, looking at several open-source projects.
“I found things that were supposed to be open source being built in silos. There were five competing companies all working on the same project,” she claims.
While these firms might have been working to the same legal definition of open-source, and they might come with an OSI-approved license, they are open-source in name only, Brock claims.
“One person I interviewed involved in an NHS open-source project told me they were on three-year contract: now that’s proprietary software, not open source, it’s open source in name only. That’s the issue,” she says.
The main reason people use OS software is because it’s cheaper, and Brock acknowledges this. But, she argues, if organisations such as the NHS don’t use it in the right way, it could prove a false economy.
“What they want to do is to create code that is recycled and reused. So that when they commission code it’s not for a one-off and that will allow it to go across the sector and other areas.
“But that’s not happening in the wasteland they are creating with their commissioning. They are not getting the right people,” she warns.
OpenUK’s solution, which it will push at its second annual conference The State of Open Con 2024 this week, is for a better criterion to assess what makes something open source; a better definition, policies and procedures that back that up and a process around the funding and commissioning of code “at a more granular level”.
One ask is to revisit the public sector’s use of open source. “Most governments around the world are moving towards open source, but they are not doing it properly,” says Brock.
Many organisations embracing open source have set up an Open-Source Program Office – a cross functional team that dictates its open-source strategies and policies. But these aren’t working as they should in the public sector, Brock argues.
“What we want is investment to help us demonstrate why they don’t work and to show them what does work, and to build a minimum viable product for that,” she says.
“I’m going to use the term ‘curation’ as well as recommend good technical hygiene documentation processes. Gatekeeping, checking that a project has a community and knowing that a project is going to have longevity before you use it are all key technical things as well as good governance,” she adds.
To be clear, Brock adds, the processes that they are suggesting are not biblical in length – “there are just a couple of pages of policy requirements.”
But why does she think that the focus on the public sector is key when OS software is so prevalent now in enterprise?
“Most people wouldn’t agree with me on that, but I think if you can persuade the [UK] government to build this well, it should – in my view – shift to private.
“If the public sector can build the right future of OS infrastructure, if we create a centralisation then we can build something that can be useful for UK and overtime will influence enterprise.”
Another ask at the conference will be to formalise and support the UK’s ‘hidden’ open-source talent. A recent study by OpenUK revealed that the country remains an untapped resource when it comes to open-source talent. There are 3.2m Github accounts in the UK, which equates to 4.5% of the population. Over 30,000 UK contributions to open-source projects have been made with 1,700 new contributors adding their knowledge in the last 12 months.
Brock believes that this is an opportunity for the UK government to support a community that is likely to have a significant impact on the economy.
OpenUK, she claims, can given untrained software contributors guidance to get into significant projects and become highly paid developers – but funding is needed.
“We want to be the next Silicon Valley, the next Bay Area. But to do that we need more skills and a lot more of them. Individuals across the UK need the opportunity to hone their skills.
“This free work they do – commonly known as ‘contributions’ – builds them a CV on GitHub, a CV that can be seen globally. And if we can help them to get into the right projects, so that they are ready for newer people, it means they will be contributing to significant projects,” she says.
OpenUK’s third ask in its manifesto is to make the UK a place that “is receptive to AI openness”
“The only way we are going to have an AI future in the UK is if we open it up,” says Brock. “That goes back to people understanding the nuance of open source.”
For these asks, OpenUK is asking for between £1-2million “to do the work that others would charge multiples for,” Brock adds.
There are many different flavours of open source, and the community itself isn’t united on its approach. Some firms – such as HashiCorp – have controversially switched away from open source to a “source-available” licensing model for its infrastructure-as-code tool Terraform.
Others, such as Confluent, MongoDB, Elastic and Docker also include licensing restrictions for commercial usage of its code, although non-production use remains free.
Criticisms of this model come in two form. Firms who previously used these tools for free have built infrastructure around them, yet now feel as if they are being held to ransom.
There’s also a wider business model question. As open source supremo Ashley Hightower pointed out recently – is it fair that firms like HashiCorp might struggle with their business model while major multimillion-pound cloud providers capitalise on freely available code?
Brock’s view is surprisingly open on this issue: things are complicated enough, and in-fighting will only lead to further misunderstandings, she says.
“I will always advocate for open-source, but I think we’ve reached a point where, as people who believe in sharing and collaboration, fighting among ourselves isn’t going to do us any good, when we’ve got the rest of the world trying to undermine us because they don’t understand what it is.
“We need to create consistency and be certain in what we are saying to the rest of the world so that we can make it as simple as possible for them, to protect our own future.
“The way we do that, I think, is to accept that there are shades are openness and the ultimate as open source, is the best, but that there are other kinds of ‘opens’ which need to be categorised so that people understand the different between them.”
State of Open Con runs from 6-7th February at The Brewery, London
Subscribe to our Editor's weekly newsletter
Newsletter
Share
