2015 Virtual panel discussion on open source

While it originated in the context of computer software development, today the term “open source” denotes a set of values — the open source way. Open source projects, products, or initiatives are those that embrace and celebrate open exchange, collaborative participation, rapid prototyping, transparency, meritocracy, and community development. We invited a number of experts to share their views on open source and where they believe it  is heading.

Dr. Louis Coetzee, CSIR; Derek Friend, Huawei Enterprise Business Group for Eastern and Southern Africa; Barney Buchan, Dev2; Gerrie Swart, Flickswitch; Matthew Lee, SUSE; Steve Davies, Connection Telecom; Adrian Schofield, Africa ICT Alliance and Frits Kok, Adroit Technologies.

Open source is described as a development method for software that harnesses the power of distributed peer review and transparency of process.  In your experience and/or opinion what does open source deliver to both enterprise and individual computer users?

Dr. Louis Coetzee, research group leader, internet of things, Council for Scientific and Industrial Research (CSIR): “The role of open standards cannot be ignored. Open standards form the “blueprint” of an application or interface and cannot be arbitrarily changed. Thus open standards drive interoperability and also instil confidence for both developers and users. An open source solution often builds on open standards and is the realisation of that “blueprint”. On the other side of the coin, open source solutions are often built without initial standards and the uptake by the community drives adoption. In addition,  open source covers the full ICT spectrum, which includes software for operational systems (e.g. cloud, high performance computing, hosting and virtualisation software, web servers and many more), development platforms (for instance Java, Python, JavaScript and also many mature development libraries) as well as software and systems for a normal desktop user using rich office suites. This wide spectrum creates space for multiple types of users, offerings and business models. An example is RedHat, a big commercial company that leverages open source to provide a commercial offering. This is in contrast to a student writing documents and reports. The combination of components, the freedom of choice, and the interaction with communities empower both the enterprise and the individual.

“A local example is that of the CSIR. Several of the CSIR back-end systems run on Linux distributions. These back-end systems host different applications varying from a commercial solution (e.g. an enterprise database) to Open Source web servers. CSIR staff has the option of using a Linux distribution (mostly used by developers and scientists) or a Windows version which comes pre-installed with an Open Source office suite.”

Derek Friend, director, large enterprise division, Huawei Enterprise Business Group for Eastern and Southern Africa says that in terms of development open source is definitely the better option. “I use Linux on my personal computer and Windows at work, and dual boot. The fact that open source code is developed via many likeminded people collaboratively, and generates the diverse requirement publically and is community driven compared to a single company development mind set makes the software very sustainable and more appealing to me. I have played with (and used various flavours of Linux, Redhat, SUSE to name a few) worked with UNIX, Microsoft Server and Workstations starting on NT, OS. Back in 1998.  Although great, I found it very limited in its potential. I had an early start  with programming since the age of 12, c+, Delphi and then VB. Personally I  have had a love/hate relationship with all of the suppliers, specifically the stringent licensing and constant updates that have been implemented lately, however I do appreciate the business models and need for support across them all.”

Barney Buchan, CEO, Dev2 says that at an enterprise level the company implementing the open source software is given the ultimate level of control – the source code. They are able to support their own software, have control of the really fine grain details and be assured that they will have access/use of the software in perpetuity.

“Individual users are able to choose a free or more affordable open source application instead of potentially very costly proprietary software. They also have access to better support be it specific paid support or passionate community of users who offer free support. It creates a sense of trust for end users – they can look under the hood, fully understand the software in a way that can never be translated into documentation or marketing speak. It’s real and tangible… and they have the power to fix or change anything to suit their needs.”

Gerrie Swart, co-founder and programmer, Flickswitch: “Enterprise – in a word: leverage. Open source at its best taps into the combined output of groups of experts. This supercharges teams within the enterprise because you get more done when you are focusing on integrating good existing parts, and building less from scratch.  On an individual level it’s difficult to quantify the benefits of open source as it quietly and unassumingly touches a lot of the technological landscapes that we take for granted. But as an individual philosophy there is value in adopting a meritocratic, open, transparent, and secure world-view where you are more concerned with creating work than jealously guarding your ideas.”

Matthew Lee, regional manager – Africa, SUSE: “When open source software (OSS) started building momentum in the late 90s, much of the arguments in favour of it revolved around the fact that it was free to implement. Today, adoption is not so much about cost, arguments tend to focus on the flexibility to customise according to company (and industry)-specific requirements. Proprietary systems simply do not offer decision-makers the capability to integrate more fluidly into existing systems.

“According to the 2015 Future of Open Source Survey 65% of survey participants reported that open source fuels the competitive advantage of their enterprise. Reasons cited included; having better features than proprietary software, providing an easier path to deployment, and giving the organisation the best opportunity to scale to meet business demand. What’s more, an always open enterprise gives businesses more control of their IT infrastructure, as well as enables the deployment of critical IT services in physical, virtual or cloud environments over highly reliable, scalable and secure server operating systems.  Al this with increased uptime, better efficiency, and accelerated innovation – reducing the risk of technological obsolescence and vendor lock-in. No matter the user – whether an enterprise or an individual user, given that open source and open standards are a collection of efforts toward a common goal of advancing the adoption of technology – it provides better interoperability and ultimately choice.”

Steve Davies, technical director, Connection Telecom: “In my view it is important to remain clear that ‘open source’ does not necessarily imply ‘software for free’. Open source is often described as ‘free as in freedom’, as opposed to ‘free as in beer’. Whilst open source software is often available without charge, some open source software is definitely not free. Users of open source software of course like to get software for free. But the key value of open source is not a matter of rands and cents.  Connection Telecom’s services are all built around open source software. Some of that software is free-as-in-beer, but key components are licensed at a significant cost. But, in this case, still with open source. We could not imagine building our services any other way – we are so accustomed to having source available that it is quite shocking when we face an issue with a closed-source product and can’t fix it ourselves.”

Adrian Schofield, vice-chairman, Africa ICT Alliance:”Without open source software, the ICT world would be a poorer, more limited environment. While there is no doubt that the proprietary vendors have produced and still produce valuable software, the proliferation of the open source methodology introduced competition and more affordable applications. In the years since the first open source programs appeared in the market, the sophistication, usability and scalability of open source products has improved in leaps and bounds.”

Frits Kok, CTO, Adroit Technologies: “Open source is both an overarching development method as well as a comprehensive term for software that is made available for free in both binary and source code formats. As a development method, open source offers an alternative or complementary development paradigm, using the ubiquitousness of the internet for information technology ventures, both to the individual and enterprise when sharing ideas, source code and even project or product experience.”

Is open source software only important for computer programmers?

“The concepts of open source have been translated into other areas: ‘creative commons’ licensing of books and similar material comes to mind. The sharing culture has grown up with open source,” says Steve Davies. “Any organisation using software – and which organisation doesn’t – has been a massive beneficiary of open source. Any technical product that you care to mention is likely to contain open source software or has been created with the aid of open source. Your flat-screen TV, your Explora, your ADSL modem, your phone, your Mac, your Windows machine, even your microwave oven – the vast majority contains a Linux operating system and other open source projects. The massive proliferation of such devices is precisely because open source projects give the manufacturers such a huge leg-up in their product development.”

Matthew Lee agrees he says “today the benefits far exceed invaluable learning and personal customising opportunities for programmers and different people/users receive a variety of benefits from open source software. In fact, general users, while not interested or technically savvy in terms of editing the source code, can still benefit from the open source community which provides rapid bug-fixing and even improved security. Extending this further – the organisation – where in many cases open source has become an integral part of their technology strategy. With the rise of cloud computing, big data, and even social networking, open source is becoming recognised as the way of the future, as not only can businesses customise the software to attain efficiency which actually suit their own practices, but they can also protect themselves from vendor lock in – this allows them to distance themselves from being at the mercy of commercial requirements and development cycles.”

There was a general consensus amongst the panel that open source benefits everyone. Dr. Louis Coetzeeput it concisely: “Open source is a comprehensive ecosystem providing components and solutions for a vendor, commercial company, enterprise and individual end-user. Two important aspects that open source provides are the freedom to choose and the freedom to innovate without boundaries. It is this combination which has led to products such as Android which is utilised by companies such as Samsung, LG and Asus to name just a few. Open source allows for innovation which can lead to products and services. Furthermore applications created with open source can often be used as drop-in replacements for commercial programs; as an example LibreOffice replacing Microsoft Word, thus containing cost. The European Telecommunications Standards Institute (ETSI) believes that standardisation and open source are complementary and not competitive.”

“It depends on the context”, says Frits Kok. “The ‘open’ part of open source can include the fact that the standards are not cast in stone. A certain open source group may prefer one standard over another, even within the same technological space i.e. the best standard for a network protocol, or the best standard for an image format. There are various standards for which different open source solutions are available – whether it is an implementation of HTTP, SSL or PNG vs GIF (in some cases the standard was not ‘open’, even if the implementation was, with GIF being a case in point that later lead to PNG).That being said, in this context, a standard is an agreement of implementation, which leads to more robust solutions for which various open source solutions can be made available. This is a good thing in my opinion.”

Derek Friend: â€œWith any game changing technology standardisation is key, and ETSI is paving the way to address these new challenges such as perceptions of open source doesn’t mean free but rather licence, and many other issues are faced by every R&D company across the world. The lines have been blurred between an open standards and open source and in my opinion, has become the field of new challenges for both private and public players. These new rules that are emerging will impact the definitions of open standards in the future.”

Adrian Schofield: “I am not even sure that this is a topic for debate, as it suggests that there might be competition between the two, when there is not. There are many environments where the adoption of mutually acceptable standards is simple good sense – which side of the road do we drive on, what voltage electricity supply we use, what frequencies are allocated for communications. However, use of the standards does not preclude the development of different tools that comply with the standards or can interface to other tools that also comply.”

Barney Buchan: â€œMany will argue that open source software is consistently better quality with fewer defects and bugs. There are many reasons for this – many sets of eyes on the code, strict coding standards for contributors and the mere fact that it’s open – people don’t want to show off badly written, poor quality code. We do contribution for an open source ESB, Warewolf ESB, and there are very tight controls on quality for a piece of outside work to be accepted into the codebase.

“In the long run, standardisation does not stand a chance if there is no support from the open source community. The more applications that are built, that support the standardisation proposal, the more dominant it will become and the greater the demand will be for other applications to conform.”

Gerrie Swart: “Measured agreement, with caveats. Truly ‘open’, collaborative, freely-available (i.e. openly published), interoperable standards can complement the open source way, but it’s not a given. Anyone can easily understand the value of standardisation because we live with its opposite daily: the gazillion incompatible types of printer-ink cartridges, vacuum cleaner bags, batteries, etc. Standards are no panacea, though. Also, some of the most widely adopted standards came about the ‘wrong’ way – by first getting things working, and then hashing out the standard when the need for it became apparent. Remember how long it took Netscape to submit JavaScript to a standards body?

“There is a continual, if glacial, shift towards openness in the wider corporate world – and to some extent I see the complementary nature of open source and standards more of an issue of our standardisation attempts learning to be accepting of open source ideals than vice versa. We need to learn how to create truly open standards that cannot be controlled by single entities or oligopolies if we want to apply the open source lessons to standardisation attempts.  Also visit: https://xkcd.com/927/.”

Is there a difference between the terminologies open source and OpenStack?

Matthew Lee says yes and no. “OpenStack is essentially open source and one of the fastest growing open source communities in the world. The only difference is that OpenStack is focused on producing open standard cloud computing platforms for both public and private clouds. So essentially, it is an open source infrastructure as a service (IaaS) initiative for creating and managing increased networking flexibility and improved operational efficiency to simplify private cloud infrastructure management.”

Derek Friend: “OpenStack software controls large pools of compute, storage, and networking resources throughout a datacentre, managed through a dashboard or via the OpenStack API. OpenStack works with popular enterprise and open source technologies making it ideal for heterogeneous infrastructures, such as cloud computing which is undeniably reshaping the computing and Internet landscapes. With breakthroughs being made in relevant service and business models, more cost-effective capacity, owing to innovation, cloud collaboration and the pooling of ideas among key players, people and companies will connect in better ways and we are only seeing the tip of the iceberg in development of IOT with this exciting mix we truly in for a connected exciting environment.

“Organisations initially bought full-priced software and prepared the necessary resources for the software, regardless of it being used or not. A good example of local open source software is Ubuntu software. Huawei is preparing to launch an operating system for the internet of things that’s just 10 kilobytes in size. “LiteOS” is the “lightest” software of its kind and can be used to power a range of smart devices — from wearable’s to cars. In the communications world what role can open source play in network virtualisation (NFV) and software defined networking (SDN).”

Gerrie Swart: “Open source software in the SDN and NFV space allows the telecoms industry to reduce its reliance on proprietary hardware. Having less rapidly-ageing monotasking boxes in your data centre means less support staff, less power requirements, and greater flexibility. Being vendor-agnostic allows networks to easily scale horizontally on demand and we’ll see an increase in this kind of elasticity and a move away from ‘building for peak capacity’. This in turn allows networks to balance cost reduction with agility. OSS projects like OpenContrail looks at cloud network service automation and is already used to provide virtualised SGSN/MME solutions running on X86 servers. Also, abstracting away the infrastructure can dramatically lower the complexity of building large-scale applications, so we will see an increasing focus on being application-centric and application-aware in our open virtualisation platforms, and there are already a number of open-source initiatives cognisant of the need to be application-aware. As performance increases and resource orchestration get better we will increasingly see network-centric OSS-based IaaS services: think mobile applications, video on demand, and so forth.”

Matthew Lee: “Many―if not most―major enterprises are experiencing enormous increases in the demand for storage and computing power. Few – if any – will have the budget to meet rising requirements that continue to outpace the growth in their budgets. This raises a difficult question for IT teams everywhere: how long is the usual approach of managing the install, upgrade, retire and replace cycle going to work? By now it should be obvious to all that the strategy of ‘build the data centre of the past’ isn’t going to deliver the data centre of the future. As a result, new models and approaches around NFV and SDN are being embraced and open source software and commodity hardware is playing a critical role here.  As the changes come through there is considerable risk for IT teams, who will need to be at pains to squeeze every penny from existing investment, make sound choices with new ones and wisely navigate the gap between vendor marketing messages, analyst hype and reality. In this foggy world though three things are clear:

• In the future a proportion of your compute power is going to be in public clouds, one way or another, sooner or later.
• Storage growth is massive and unsustainable. You are going to need to find a better, cheaper way of doing it, and that way is going to need to work in harmony with your compute decisions.
• Vendor lock-in is never a good idea. In a world where business models change, discovering you’re locked into a cloud provider might be one of the most unpleasant discoveries of your life.

“In 2015, a catalyst for the acceleration of enterprise adoption of software defined networking and network virtualisation will be driven by open source suites. The bottom line is that the general availability of open-source-based, software defined solutions from Linux vendors, like SUSE, marks the beginning of a new era of much more agile, scalable and cost effective options that will replace the traditional models of today.”

Derek Friend: “Over the past few years we have seen advances in technology and high-performance processing, organisations can now directly use the software SDN solutions to control network devices and allowing them to be controlled by a central platform. This application function (as-a-service) provided in the cloud without any awareness of the back-end infrastructure involved. Network functions virtualisation (NFV) is a network architecture concept that proposes using the technologies to virtualize entire classes of node functions into building blocks that may be connected to create communication services. Software defined networking (SDN)  is an approach to computer networking that allows network administrators to manage an cloud network services recently found in cloud /virtualised data centre environments.  NFV is highly complementary to SDN network functions virtualisation and can be implemented without a SDN being required, although the two concepts and solutions can be combined.”

Because it is “open” are open source software and systems more vulnerable to security breaches. How are security compromises detected and who has the responsibility of solving them?

Steve Davies: “I feel that security is a swings-and-roundabouts area. In principle, since many developers can review an open source project’s source, security minded developers can spot security issues and put them right. A correction will follow and be contributed to the project. Developers are less likely to attempt short cuts since their peers will pull them up. Security researchers can also find issues and report them. Since a bug report is generally welcomed in an open source project it will usually be fixed by a community member. Users of open source are always able to fix the issue themselves in the source and that is in a way the social contract implicit in open source – that the responsibility for the source is carried jointly. Many users of open source who do not have the capability to see to the source maintenance do contract separately with organisations who specialise and who take on responsibilities in this area. Open source projects may have a challenge in deploying the security fix if their source has been widely adapted into products or other projects. In this case many projects may need to be updated. The community has a well-developed process by which ‘patches’ are pushed upstream and downstream to get fixes where they need to go. It’s worth considering what could happen in a closed source context:

• Security issues will not be detected by code reviews.
• Security issues may be found by researchers or customers. In this case, if they are reported to the vendor then the fix will quite likely be rolled into the next version. The vendor doesn’t feel the pressure since the issue probably isn’t publicly known.
• Customers or researchers may use public disclosure to pressure the vendor into a quick fix. This may be effective, but the quality of the fix cannot be independently reviewed.”

Barney Buchan: “Security is important for everyone. Developers who spend their lives writing code are probably more in touch with the issues, workarounds, best practices and general do’s and don’ts when it comes to security that most of us. Do you need to be aware that the code you are writing is open source and the public key you want to store in some random looking registry hive is available for everyone to find – yes. When you are writing closed source, do you need to be aware of the same thing – yes. Security is a mindset first and foremost. I think that a well-supported open source program is more secure than a closed source one that did the same thing. Simply because of all the eyes that have been on it, more compromises will be detected. As for who should fix it, well that’s simple, it’s yours if you found it.

Dr. Louis Coetzee:” “All systems are vulnerable. However, open source provides an opportunity where the community can continuously peruse the code and potentially identify vulnerabilities before an exploit occurs. Similarly, if an exploit has been made public, the community can contribute fixes and potentially have the exploit neutralised very rapidly.”

Adrian Schofield: “Sadly, we live in a world where people with evil intent devote their skills to the criminal destruction or appropriation of assets designed for the benefit of ‘ordinary’ citizens. The digital world is no different. As open source software has become more widely adopted, so the attempts to pervert its value have increased. I do not believe there is any greater or lesser vulnerability in open source versus proprietary but there is the same responsibility on the users to mitigate risk by implementing sensible precautions and to employ the available tools to detect and neutralise breaches.”

How do you see the future of open source?

Frits de Kok : “As an important, relevant and growing presence in the global Information Technology arena offering another alternative to the Individual and Enterprise when searching for software value.”

Gerrie Swart: “I see continued (and accelerating) adoption and acceptance of open source by enterprise. Increasing participation and use of open source software will see open source projects mature at a remarkable pace. Philosophically, I hope that some of the underlying tenets of open source will become accepted in the wider world. Open source shows us that there are no completely unique ideas – when you have large groups of bright people staring at the same data and same challenges, similar ideas for solutions form. That shows us that the value is not in an idea but in its execution. A worldview based on openness, transparency, and action rather than on fear of loss of control can only be good for us all.”

Derek Friend: “Despite the dynamic telecommunications market in Africa still being in its early stages of development, it is also one of the is one of the fastest-growing markets in the world, owing to progressive technological  and open source solutions. As with any game-changing solution, the ever-increasing shift into tomorrow’s network will require a host network savvy experts whose skills and knowledge will maintain and strengthen growth and development of the internet”.

Dr. Louis Coetzee: “Open source’s influence will continue to expand. Its model of openness and the freedom to innovate is continuously creating new opportunities and strengthening existing offerings. Open source is entrenched and is a key enabler for expansion of ICT and the internet. This in turn drives grass-roots contributions and innovation for all spheres of society and the market. As an example, cloud offerings were mostly proprietary with their associated costing model which in some cases were limiting. Through OpenStack (an open source offering), enterprises now have the ability to create private clouds and when needed move to public clouds, thus controlling their own expenditure. Furthermore, the expectation to create and make open source solutions is increasing. As an example, the European Union Horizon 2020 programme drives the release of research outputs as open source. These outputs contribute to a rich and diverse research community, able to build on prior work and thus create new solutions in a more rapid fashion. I anticipate that vendors will also increasingly use open source which in turn can drive their commercial offerings. From my viewpoint I believe that open source will continue to be a disruptive force, driving innovation and thus creating new opportunities.”

Adrian Schofield: “Open source software has become a mainstream method of developing applications in the 21st Century. Several of the established proprietary brands have accepted the role it plays and have adopted it as a development tool in some way. The consumers of software need to recognise that it takes time and effort to develop applications, for which some reward or remuneration must be paid to the developers. The open source environment does not remove this obligation, although it may change the framework of licencing and support agreements.”

Barney Buchan: “Open source is the future. The win-win philosophy of open source makes so much sense. Why not make everything available? We can all contribute and make it better for all of us to share in. When anyone in the world can bring their experience, wisdom and skills to a project then innovation simply happens naturally.”

Steve Davies: “From where I sit our experience is that open source is by far the dominant model for software development. I believe that it will continue and that open source will carry on winning ground over traditional closed source methods.”

Mathew Lee:”Well let’s just look at the stats: the market for Linux server operating systems is expected to grow 15% 1  annually to $2,2-billion by 2017; the market for Linux virtualisation and cloud software is expected to grow 22% 2 annually to $2-billion by 2017; the market for core storage software is expected to grow 6% 3 annually to $2,8-billion by 2017 and the Linux systems management software market is expected to grow 18% 4 annually to $1,1-billion by 2017.

These statistics are indicative of the fact that the growth trajectory of open source is expected to increase significantly in the next two to three years and there is no escaping or denying the impact that open source is having in the enterprise. Open source gives enterprises control of their IT infrastructure. By providing the option of best of breed solutions for heterogeneous environments, freeing enterprises from vendor lock-in with open technologies – it gives enterprises the smarter innovation they need to succeed. I believe open source will help companies compete more effectively, today and tomorrow.”

I trust that you enjoyed reading our panellists’ comments and views as  much as I enjoyed putting them together. Amongst the experts, Open source coupled with Open standards is clearly the preference.  What is your view on this?  Email me on hans.vandegroenendaal@ee.co.za.

Thank you to the panellists for sharing their views and experiences with EngineerIT readers. Your contribution is much appreciated.

[1] IDC WW Software Tracker and IDC Software Forecaster, May 2013; WW Linux Client and Server Operating Environments 2013-2017 Forecast and 2012 Vendor Share, IDC #242635, August 2013
[2] Worldwide Virtual Machine and Cloud System Software 2013 to 2017 Forecast, IDC #245085, Dec 2013; Worldwide Virtual Machine and Cloud System Software 2012 Vendor Shares, IDC #243087,Sept 2013
[3] Forecast: Storage Software Markets, Worldwide, 2010-2017, 4Q13 Update, Gartner, 16 Dec 2013
[4] Worldwide Change and Configuration Management Software 2014 to 2018 Forecast, IDC #247254, Mar 2014; Worldwide Change and Configuration Management Software 2012 Vendor Shares, IDC #241100, May 2013.

 Full article at 

https://www.ee.co.za/article/virtual-panel-discussion-open-source.html