« Previous | Contents | Next »
Listen
Considerations
Procurement
28. The procurement legislation and guidance which the Scottish public sector operates to applies equally to FLOSS as to the more traditional proprietary software purchased in Government. However, FLOSS has distribution routes independent of normal procurement routes and much FLOSS is distributed "free" over the Internet. The licence model attached to FLOSS usually makes this free distribution and use perfectly legal. There is however a large number of differing FLOSS licences, and in some instances these can contain numerous obligations on its use. Legal advice should therefore be sought on the terms of use of any FLOSS software to ensure compliance with what can be complex licensing provisions.
29. Notwithstanding the fact that FLOSS can be acquired independently of traditional procurement routes, the same issues of ownership and use; standardisation; support and maintenance; risk management; asset registration and control which apply to proprietary software need to be addressed.
30. Organisations should review their current infrastructure and applications well in advance of any planned procurement or renewal, and determine whether current technologies and ICT policies inhibit future choice; and if so consider what steps should be taken to prevent future lock-in.
Security
31. FLOSS is not intrinsically more or less secure than proprietary software. Open source does affect the security balance in a number of ways, but the influence of these effects very much depends on the specific circumstances involved. Open source projects rarely have the rigid infrastructure required for quality programs such as ISO 9000 implementation, but many of the methods used to implement ISO 9000 quality programs for software are amenable to automation and many large open source projects and several open source support sites have automated methods for running such tests. The freedom to change in FLOSS also allows security specific customisation to be undertaken; an example being the Security Enhanced Linux project, undertaken by the USA's National Security Agency. This provided a significantly larger set of security features, at the price of significantly higher maintenance and operating overhead.
32. Security of Scottish public sector ICT systems is a major concern but properly configured FLOSS can be at least as secure as proprietary systems and FLOSS is currently subject to fewer internet based attacks.
Skills
33. All Scottish public sector bodies should consider the need for open source development, deployment and operational skills within their organisation, and review the availability of such skills in their partner or outsourced ICT service providers. Opportunities for more joint and collaborative working on FLOSS projects within the Scottish public sector, to build on existing experience and skills, should also be considered.
34. Using FLOSS means a change in culture from both the end user and technical specialist.
35. The use of open source applications can require a greater understanding of the systems they interact with. Some ICT specialists, perhaps used to a scripting (4th generation language) development technology, will need to acquire different skills to develop in a FLOSS environment. The end-user experience can also require greater support as an unfamiliar interface means an extra learning effort.
36. Opportunities for more joint and collaborative working on FLOSS projects within the Scottish public sector, to build on existing experience and skills, should be considered. The establishment of a central repository for public sector software developments is one way this could be achieved.
Support for Assistive Technologies
37. Integration with assistive technology ( AT) - software and hardware that is used by people with disabilities to enable them to work more easily and effectively with computers - is still an issue with desktop FLOSS offerings such as StarOffice and OpenOffice.org. Microsoft's market leading position means that most of the widely used assistive technologies available today are designed to work with Windows and Microsoft Office. The vendors have tightly scripted their products to integrate with Office and Internet Explorer, hooking into the Windows environment, picking up output to the screen, keyboard and mouse. Work is ongoing to improve this situation; Sun have created an API (application programming interface) that exposes all of their user interface to assistive technology. However, until the situation improves it is likely Microsoft Office will continue to be needed for people who use JAWS, HAL or Supernova screen-readers, or the Dragon Naturally Speaking range of voice recognition software.
38. Open sourcing offers great potential for AT software users, however currently there are a number of barriers that stop its use in AT situations. It is generally difficult to find on the internet and there are no specific areas dedicated to developing or downloading AT software. FLOSS can also be unfriendly to install, often obliging the user to download many different packages before it can be used. The Open Source Assistive Technology Software ( OATS) 9 pilot project set out to raise the profile and remove these barriers to open source AT software. The OATS consortium have developed a new and unique website-based "repository" of AT software and a "forge" to promote and develop new AT open source project.
Availability
39. Whilst the flexibility and freedom of open source allows organisations to select a combination of software applications specific to their needs from the range of open source products available there is currently considerable confusion within the public sector as to what FLOSS products are available and from where.
Licensing
40. The Open Source Initiative's 10 license proliferation committee was set up in 2005 in response to the growing concern that license proliferation was harmful to the success of open source, and with the aim of reducing the number of open source licenses. The first draft of the committee's report is now available 11 and reveals that it has been more difficult than anticipated to reduce the number of open source licenses in common usage. "It became apparent that there is no one open source license that serves everyone's needs equally well", stated the report. Instead of officially recommending specific licenses, the committee has instead separated the licenses into more descriptive categories: "licenses that are popular and widely used or with strong communities", special purpose licenses, licenses that are redundant, non-reusable licenses, and other/miscellaneous.
« Previous | Contents | Next »