I was recently asked about the history of the Ozone Government Open Source Software Advisory Board, AKA “The GOSS Board”.<\/p>\n
Below are my recollections… Many of the source documents (such as the meeting briefings and minutes of the board meetings) are on Intelink at https:\/\/intellipedia.intelink.gov\/wiki\/OWF_GOSS<\/a> , which many government folks can able to access with a PIV certificate. (Intelink is a shared service for the Defense, Intelligence, Homeland Security, Foreign Affairs, and Law Enforcement communities, and is not available to the general public.)\u00a0 I found at least one other public blog<\/a> that covers some of the same history, albeit with a different focus.<\/p>\n NSA first developed the “Ozone Widget Framework” (OWF) circa 2009.\u00a0 OWF is a web application that acts as a framework for small, user-composable, web apps which we called “widgets”.\u00a0 Around 2010, NSA was giving away (compiled) copies at Intelligence Community events.\u00a0 People liked it.\u00a0 Other agencies used it in various ways.<\/p>\n Around 2010, my boss gave me a task to go build a proof-of-concept web “storefront”, or apps store for DoD.\u00a0 Knowledgeable people suggested that I should consider OWF.\u00a0 It met many of my requirements, but I assumed that I would need to customize it in some way, so I convinced NSA leadership to share the source code with other federal agencies and (in theory) to accept patches.\u00a0 Essentially, they agreed to adopt an open-source-like collaboration model, with the caveat that the code would not be shared outside the Federal government.<\/p>\n I coined the term “Government Open Source Software”, or GOSS.\u00a0 Personally, I would have preferred to make it plain-old OSS, but I was limited by what I could get NSA and other gov’t agencies to accept at the time.\u00a0 The code was made available to any federal agency.\u00a0\u00a0 In doing this, we also created a multi-agency governance board called the OWF GOSS (Gov’t Open Source Software) Advisory Board.\u00a0 The four founding members were from NSA, DoD CIO, CIA and ODNI.\u00a0 Over the next few years, the board grew to include representatives from DISA, NGA, 2 organizations in the Navy, DIA, 2 organizations in the Army, maybe others. (as best I can recall)<\/p>\n The original charter for the board included responsibilities to determine when to release the code to the public as “real” open source software, and also to disband itself if it wasn’t useful any longer.<\/p>\n The board met quarterly for years (2010-2014), hosted by NSA. (Mostly at their contractor’s offices)\u00a0 At those meetings, participating agencies would prioritize work on the software.\u00a0\u00a0 The meetings were face-to-face (mostly) and generally lasted all day.\u00a0 In the morning we would generally talk about strategic direction and membership, and in the afternoon we reviewed and prioritized the specific feature requests.\u00a0\u00a0\u00a0 It slowed down around 2013-2014, because the NSA gov’t lead proposed to refactor the whole thing, so work on the day-to-day software updates was reduced while the refactoring effort was underway.\u00a0 After a false start (remember OWF 8, OSGi ?), the refactoring effort eventually became the “Ozone Platform<\/a>“, (OZP) which currently powers the Intelligence Community’s “AppsMall”.\u00a0 Interestingly, OZP was always<\/em> open source – it was developed in the open from the very inception.<\/p>\n Because OWF was a GOSS project, if some agency had a feature request that the broader community did not consider a priority, (and therefore was not in the work queue for the main developer) that agency was always encouraged to develop the enhancement with their own people and submit it back as a patch.\u00a0 This happened a few times, and some of those features did eventually make it into the baseline, but most of the development was done by the core team that was on contract to NSA.<\/p>\n Section 924 of the 2012 National Defense Authorization Act directed the DoD CIO (my organization) to make it really<\/em> open source<\/a>.\u00a0 We called this the GOSS-to-FOSS transition.\u00a0 This process took about a year; the code had to be reviewed for release, some portions of the code were proprietary 3rd-party modules, and needed to be removed, licenses had to be chosen, a CLA developed<\/a>, etc.\u00a0\u00a0 During the transition (and afterwards), the GOSS board kept meeting.<\/p>\n The GOSS board worked well, partly because ODNI had set aside funding for the NSA core team to work on community requirements.\u00a0\u00a0 That money ran out eventually (FY2016), and about the same time NSA stopped using the software internally (in favor of the refactored version called “Ozone Platform”.\u00a0 NSA announced that they were no longer going to maintain OWF, which created much discontent for the other community members who found themselves using “unsupported” software.\u00a0\u00a0 NSA responded to the discontent by signing a CRADA with the software vendor (Next Century, Inc.) to make them the custodian of the both OWF and Ozone Platform and run the GOSS board themselves.<\/p>\n The DoD users of OWF (50+ programs, 11 of which are major acquisitions) have since banded together to form a “DoD GOSS Advisory Board (DGAB)” to pool requirements to a DoD custodian (Navy’s SPAWAR System Center-Pacific), where DoD users can send funding to support DoD Requirements.\u00a0 I suspect that SPAWAR might consider contracting back to Next Century to either make enhancements or integrate patches from the community.\u00a0\u00a0 One might argue that Next Century is uniquely well-qualified to maintain OWF (since they’ve been doing it since at least 2009), but certainly they are not the only<\/em> qualified agent to do so.<\/p>\n Part of the hard challenge for collaborative development in a government context is that even if a varied set of agencies or offices all are contributing, some central agent has to evaluate the patches and integrate the changes. (i.e. the custodian or maintainer)\u00a0 This can work until the custodial agency has a shift in focus, and wants to step down, leaving a void in the community.\u00a0 This is hard in non-gov’t projects too<\/a>.\u00a0 The Ozone transition has been ugly, but hopefully it’s starting to turn the corner.\u00a0\u00a0 I don’t think the story is quite done yet; the relationship between the CRADA partner (the “commercial” custodian) and the government custodian is still evolving at this time.<\/p>\n That said, I like to point out that the process worked pretty well for 5 years, which is a pretty good run.<\/p>\n Also, the concept and rhetoric of the GOSS Advisory Board was adopted by the DoD Command-and-Control community for another piece software called “Agile Client Framework”, but I don’t know much about it.\u00a0 (They call is the “GAB”, short for “GOSS Advisory Board”.)<\/p>\n","protected":false},"excerpt":{"rendered":" I was recently asked about the history of the Ozone Government Open Source Software Advisory Board, AKA “The GOSS Board”. Below are my recollections…<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[11,12],"tags":[],"class_list":["post-1515","post","type-post","status-publish","format-standard","hentry","category-oss","category-work"],"_links":{"self":[{"href":"https:\/\/risacher.org\/jfdi\/wp-json\/wp\/v2\/posts\/1515","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/risacher.org\/jfdi\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/risacher.org\/jfdi\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/risacher.org\/jfdi\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/risacher.org\/jfdi\/wp-json\/wp\/v2\/comments?post=1515"}],"version-history":[{"count":15,"href":"https:\/\/risacher.org\/jfdi\/wp-json\/wp\/v2\/posts\/1515\/revisions"}],"predecessor-version":[{"id":1533,"href":"https:\/\/risacher.org\/jfdi\/wp-json\/wp\/v2\/posts\/1515\/revisions\/1533"}],"wp:attachment":[{"href":"https:\/\/risacher.org\/jfdi\/wp-json\/wp\/v2\/media?parent=1515"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/risacher.org\/jfdi\/wp-json\/wp\/v2\/categories?post=1515"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/risacher.org\/jfdi\/wp-json\/wp\/v2\/tags?post=1515"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}