Survey on the Future of Open Source, and Lessons from the Past

Quality and security drive adoption, but community is rising fast

I recently talked to two managers of Black Duck, the first company formed to help organizations deal with the licensing issues involved in adopting open source software. With Tim Yeaton, President and CEO, and Peter Vescuso, Executive Vice President of Marketing and Business Development, I discussed the seventh Future of Open Source survey, from which I’ll post a few interesting insights later. But you can look at the slides for yourself, so this article will focus instead on some of the topics we talked about in our interview. While I cite some ideas from Yeaton and Vescuso, many of the observations below are purely my own.

The spur to collaboration

One theme in the slides is the formation of consortia that develop software for entire industries. One recent example everybody knows about is OpenStack, but many industries have their own impressive collaboration projects, such as GENIVI in the auto industry.

What brings competitors together to collaborate? In the case of GENIVI, it’s the impossibility of any single company meeting consumer demand through its own efforts. Car companies typically take five years to put a design out to market, but customers are used to product releases more like those of cell phones, where you can find something enticingly new every six months. In addition, the range of useful technologies—Bluetooth, etc.—is so big that a company has to become expert at everything at once. Meanwhile, according to Vescuso, the average high-end car contains more than 100 million lines of code. So the pace and complexity of progress is driving the auto industry to work together.

All too often, the main force uniting competitors is the fear of another vendor and the realization that they can never beat a dominant vendor on its own turf. Open source becomes a way of changing the rules out from under the dominant player. OpenStack, for instance, took on VMware in the virtualization space and Amazon.com in the IaaS space. Android attracted phone manufacturers and telephone companies as a reaction to the iPhone.

A valuable lesson can be learned from the history of the Open Software Foundation, which was formed in reaction to an agreement between Sun and AT&T. In the late 1980s, Sun had become the dominant vendor of Unix, which was still being maintained by AT&T. Their combination panicked vendors such as Digital Equipment Corporation and Apollo Computer (you can already get a sense of how much good OSF did them), who promised to create a single, unified standard that would give customers increased functionality and more competition.

The name Open Software Foundation was deceptive, because it was never open. Instead, it was a shared repository into which various companies dumped bad code so they could cynically claim to be interoperable while continuing to compete against each other in the usual way. It soon ceased to exist in its planned form, but did survive in a fashion by merging with X/Open to become the Open Group, an organization of some significance because it maintains the X Window System. Various flavors of BSD failed to dislodge the proprietary Unix vendors, probably because each BSD team did its work in a fairly traditional, closed fashion. It remained up to Linux, a truly open project, to unify the Unix community and ultimately replace the closed Sun/AT&T partnership.

Collaboration can be driven by many things, therefore, but it usually takes place in one of two fashions. In the first, somebody throws out into the field some open source code that everybody likes, as Rackspace and NASA did to launch OpenStack, or IBM did to launch Eclipse. Less common is the GENIVI model, in which companies realize they need to collaborate to compete and then start a project.

A bigger pie for all

The first thing on most companies’ minds when they adopt open source is to improve interoperability and defend themselves against lock-in by vendors. The Future of Open Source survey indicates that the top reasons for choosing open source is its quality (slide 13) and security (slide 15). This is excellent news because it shows that the misconceptions of open source are shattering, and the arguments by proprietary vendors that they can ensure better quality and security will increasingly be seen as hollow.

Going beyond these considerations is an important sign of strength for an open source project: the creation of a community that extends the project. OpenStack has clearly reached this stage, with so many new contributions that hardly anyone can keep track of them. Drupal offers another stunning success in this regard.

Users are starting to recognize the value of crowdsourcing for development. Note the interest both in using APIs and in offering APIs to code the users have produced themselves (slides 22 and 23). Two-thirds of open source developers surveyed work for a large company (IBM, Ford, etc.) and get paid to do open source coding.

Ultimately, the increased interoperability and community input lead to open source’s best contribution: it makes a bigger pie to divide up than proprietary technologies.

Cloud computing is an excellent example. Pretty much since Amazon launched AWS—a fine product that has altered the hosting equation for thousands of companies—analysts and business leaders have been warning of lock-in in the cloud. Other issues, such as security, performance, and SLAs, come up regularly too, but potential cloud customers are fundamentally driven away by the fear that data will be lost or the cloud provider will simply go out of business. OpenStack addressed this fear by guaranteeing that data and compute instances could be moved freely between providers. Although other services emulating AWS have come into being, no proprietary provider could give the same guarantee as an open source platform. And consequently, an open platform will hugely expand the customer base for cloud computing.

Open development may be the key to breaking the logjam in the market for electronic health records, most of which are priced so astronomically that only major institutions can afford them. (SaaS providers such as athenahealth and Practice Fusion are filling the gap, but they are not open source and therefore suffer some of the problems of cloud computing.) The Department of Veterans Affairs’ VistA software has gotten a lot of praise for health care management, a notable feat in a field where users slam proprietary offerings as difficult and unfriendly. Although VistA was released many years ago to the public, it was slow to catch on, partly because three or four companies took it in different directions and made incompatible platforms while fighting each other for a small market. VistA was nominally open, but was not being developed in an open manner like Linux or Drupal.

Finally, a couple years ago, the VA set VistA on a firmer open ground by putting it under the care of an independent non-profit organization, OSEHRA. Part of their mandate is to develop community, the importance of which I’ve already discussed. In particular, they’re trying to get all the companies to develop VistA-based products to work together on a common code base. OSEHRA, incidentally, collaborated on the Future of Open Source survey.

The survey

A few other intriguing results from the Future of Open Source survey include:

  • Government is the largest adopter of open source, ahead of any particular industry (slide 11)

  • The number of healthcare open source projects is rapidly increasing, although the slides don’t indicate how widespread their use is (slide 12)

  • SaaS is on its way to becoming the preferred way to deliver open source software (slide 41)

I spent a good deal of time asking Yeaton and Vescuso how the survey was conducted, to find out how diverse the respondents were. Thirty of Black Duck’s collaborators distributed the survey to their customer base, and broad input was sought through social media and mention by Forrester Research. Many of the 800 respondents came through an appeal by open source vendors. Two-thirds of the respondents were companies who were mainly consumers of open source. So I would guess that a large proportion of respondents were happy users of open source, but that the field of software users as a whole were reasonably well represented.

tags: , , , , , ,

Get the O’Reilly Programming Newsletter

Weekly insight from industry insiders. Plus exclusive content and offers.