Compliance Management, Government Regulations

White House requires agencies to share custom code with open-source community

The White House has released for public comment a draft of its Source Code Policy, which establishes rules for sharing customized software between federal agencies, in the hopes of improving government access to applications and reducing development costs. 

As part of this policy, the Obama Administration will also launch a pilot program that will require federal agencies to release at least 20 percent of third-party-developed custom coding as open source software, making it fully accessible to external developers within the open-source community.

“Through this policy and pilot program, we can save taxpayer dollars by avoiding duplicative customer software purchases and promote innovation and collaboration across federal agencies,” said Tony Scott, U.S. CIO, in an online blog post last week. “We will also enable the brightest minds inside and outside of government to review and improve our code, and work together to ensure that the code is secure, reliable and effective in furthering our national objectives.”

The Administration unveiled the policy in order to fulfill its commitment to adopt a government-focused open-source software policy, as originally proposed in its Second Open Government National Action Plan. The new doctrine establishes open sharing guidelines for any new custom software built for U.S. government websites and systems, whether developed internally or through contracted third-party vendors — with the notable exception of cybersecurity software.

Under the new policy, before agencies can officially commission a new custom software development project, it must first perform a thorough “alternatives analysis” to determine if there is already an existing software solution at another agency whose source code can shared for the necessary task at hand. Agencies will also be required to evaluate and consider any off-the-shelf software solutions that might be available, before commissioning a custom project.

Moreover, when contracting with a third-party vendor to develop a new custom software program, agencies must now require said vendor to hand over the product's underlying source code, as well as build instructions, automated test suites and all other pertinent documentation. The agency must also secure unlimited rights to the custom code, so that other agencies across the federal government can potentially leverage or build off the same code, rather than waste money contracting with other vendors for their own custom projects.

Although the new guidelines do not apply to software programs that were contracted out to third parties prior to the publishing of the Source Code Policy, the policy strongly encourages agencies to take steps to make those applications available for shared interagency use as well, if possible.

A key part of the new policy is a pilot program that requires agencies to release at least 20 percent of its third-party-created custom code as open-source software. All new custom code that is developed internally by agency employees will be released to the public as well, except when doing so would compromise security or national interests.

The policy notes that “releasing code as open source can benefit Federal agencies by allowing professional communities of practice to develop around software libraries and Application Programming Interfaces (APIs). This collaborative atmosphere makes it easier to conduct software peer review and security testing, to reuse existing solutions, and to share technical knowledge.”

Within 120 days of the publication of the policy, the U.S. Office of Management and Budget (OMB) will develop metrics to assess the impact of the pilot, to help determine if the program should be expanded.

Tony Wasserman, a director with the Open Source Initiative and Professor of Software Management Practice at Carnegie Mellon University - Silicon Valley, said in a blog post that the new policy is the “next logical step” in the White House Administration's ongoing efforts to promote open-source coding and “deliver digital government solutions using modern software development practices.”

Wasserman said that government websites still feature “a lot of expensive, low-quality code out there, hidden from public view, but on which we are all dependent on a daily basis.” However, he added, “People in the Obama Administration have been aware of this problem, and of the merits of open-source software” to remedy this situation.

Bradley Barth

As director of multimedia content strategy at CyberRisk Alliance, Bradley Barth develops content for online conferences, webcasts, podcasts video/multimedia projects — often serving as moderator or host. For nearly six years, he wrote and reported for SC Media as deputy editor and, before that, senior reporter. He was previously a program executive with the tech-focused PR firm Voxus. Past journalistic experience includes stints as business editor at Executive Technology, a staff writer at New York Sportscene and a freelance journalist covering travel and entertainment. In his spare time, Bradley also writes screenplays.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.