Open Source Software (OSS) Transparency for DoD Acquisition
Nancy Mead, Carol Woody, Scott Hissam

TL;DR
This paper discusses the importance of transparency in open source software (OSS) for Department of Defense (DoD) acquisition, highlighting challenges in obtaining project information and proposing a framework to improve OSS transparency for consumers.
Contribution
It introduces a framework for assessing OSS transparency, addressing the lack of information about OSS projects used in defense acquisitions.
Findings
Identifies key transparency challenges for OSS consumers.
Proposes a structured framework to evaluate OSS project transparency.
Highlights the need for improved OSS transparency in defense contexts.
Abstract
Caveat emptor, or let the buyer beware, is commonly attributed to open source software (OSS): the onus is on the OSS consumer to ensure that it is fit for use in the consumer's context. OSS has been compared to an open market bazaar where consumers are free to browse all the source code and take a copy. In this paper, we observe challenges for the OSS consumer to obtain information about the process(es), project(s) used to produce a product and the protection(s) employed by those projects. We discuss the need for more transparency by OSS projects, where possible, and introduce a framework for reasoning about those OSS projects and their products for use by the OSS consumer.
Taxonomy
Topics: Distributed and Parallel Computing Systems
