FOR FEDERAL AGENCIES Vicki E. Allums Associate General Counsel for Intellectual Property Defense Information Systems Agency (DISA) Department of Defense June 20, 2012
¡ How does OSS differ from other Commercial Software? ¡ Can Federal Agencies own the Copyright in Software? ¡ What are the FAR and DFARS? ¡ What are some of the Common OSS licenses and their distribution schemes?
16 October 2009 “http://cio-nii.defense.gov/sites/oss” l Supersedes DoD CIO Memo 28 May 2003 ¡ Department of Navy CIO Memo “http://www.doncio.navy.mil/PolicyView.aspx? ID=312 ¡ The Open Technology Development Roadmap, 7 June 2006 “http://www.acq.osd.mil/jctd/articles/ OTDRoadmapFinal.pdf” ¡ US Army Regulation 25-2, Paragraph 4-6.h “http://www.army.mil/uspa/epubs/pdf/r25_2.pdf” ¡ OMB Memorandum “http://www.whitehouse.gov/omb/memoranda/fy/04/ m04-16.html”
“http://cio-nii.defense.gov/sites/oss” ¡ CENDI Frequently Asked Questions About Copyright and Computer Software “ http://www.cendi.gov/publications/ 09-1FAQ_OpenSourceSoftware_FINAL_11010 9 .pdf” ¡ NASA Open Source Software and NASA Procedural Requirements 2210.A-External Release of NASA Software ¡ Federal Deposit Insurance (FDIC) Corporation
“In almost all cases, OSS meets the definition of “commercial computer software” and shall be given appropriate statutory preference in accordance with 10 USC 2377 (reference (b)) (see also FAR 2.101(b), 12.000, 12.101 (reference (c)); and DFARS 212.212, and 252.227-7014(a)(1) (reference (d)).”
Research ¡ Positive Aspects of OSS l Continuous and broad peer-review l Unrestricted ability to modify software source code l Reliance on a particular software developer or vendor may be reduced l OSS license do not restrict who can use software l Cost advantage l Suitable for rapdid prototyping and experimentation
Is the Government obligated to distribute the source code of any modified OSS to the public? Does this issue present a problem for use in classified or other sensitive DoD systems?
(1) DoD employees as part of official duties; (2) A vendor, acting on DoD’s behalf (procurement or other award instrument) (3) DoD employees or vendors, acting on their behalf, which include commercial OSS components
modify, reproduce, release, perform, display, or disclose computer software or computer software documentation in whole or in part, in any manner and for any purpose whatsoever, and to have or authorize others to do so.” DFARS 252.227-7014(a)(15)
reproduce, release, perform, display, or disclose computer software or computer software documentation within the Government without restriction; “Release or disclose computer software or computer software documentation outside the Government and authorize persons to whom release or disclosure has been made to use, modify, reproduce, release, perform, display or disclose the software or documentation for United States government purposes.” DFARS 252.227-7014(a)(10)
the United States Government is a party, including cooperative agreements with international or multi-national defense organizations or sales or transfers by the United States Government to foreign governments or international organizations. Government purposes include competitive procurement, but do not include the rights to use, modify, reproduce, release, perform, display, or disclose computer software or computer software documentation for commercial purpose or authorize others to do so.” DFARS 252.227-7014(a)(11)
developed or regularly used for nongovernmental purposes which— (i) Has been sold, leased, or licensed to the public; (ii) Has been offered for sale, lease, or license to the public; (iii) Has not been offered, sold, leased, or licensed to the public but will be available for commercial sale, lease, or license in time to satisfy the delivery requirements of this contract; or (iv) Satisfies a criterion expressed in paragraph (a)(1) (i), (ii), or (iii) of this clause and would require only minor modification to meet the requirements of this contract. (DFARS 252.227-7014(a)(1) ¡ Minor modification means a modification that does not significantly alter the nongovernmental function or purpose of the software or is of the type customarily provided in the commercial marketplace. (DFARS 252.227-7014(a)(12)
Goals l Acquire Commercial Open Source Software v. other Commercial Software ¡ Pitfalls of Using OSS l Licensing Scheme l Can the Government live with the licensing terms? (e.g. Redistribution of modified code)
Assessment – Technical and Information Technology Security Personnel l Compliance with: ¡ National Security Telecommunications and Information Systems Security Policy Number 11 ¡ Federal Information Security Management Act (FISMA) l Questions: 1) Will the code be used in classified systems? 2) Is there prompt identification and repair of defects?
(Case 2010-001) l See PGI & line-in/line-out at DFARS Pub. Notice 20100927: http://www.acq.osd.mil/dpap/dars/change_notices.html l Comments due 11/26/10 ¡ DoD Industry Meeting (January 2012)
l DISA-led activity designed to improve ability of DoD to rapidly deliver dependable software, services and systems in support of net-centric operations and warfare. l Family of Services ¡ SoftwareForge ¡ ProjectForge
U.S. military l DoD Government civilians and DoD contractors (authorized government use) l Requires Common Access Card or PKI certificate issued by a DoD Approved External Certificate Authority
Agreement l DoD Community l Unique Nature of Project l Terms ¡ Use of Services ¡ Licensing and Other Terms ¡ Copyrights and other DoD Community Source Usage Rights
nasa
hirosatogamo
fujiwara3
oracle4engineer
abemii
iotengineer22
sonatard
toridori_dev
sinsoku
oztick139
blueb
geeforr
tammyeverts
lauravandoore
bermonpainter
bluesmoon
erikaheidi
trallard
phodgson
chrislema
colly
hatefulcrawdad
![32 QUESTIONS? Contact Information: Vicki E. Allums Email: [email protected] Phone:](https://files.speakerdeck.com/presentations/504a3b1f2fc8e1000200d6d0/slide_31.jpg){kind=link}