EclipseCon2008: The Dod, Open Source, and OSGi as Server Infrastructure
-
Upload
kit-plummer -
Category
Technology
-
view
1.945 -
download
2
description
Transcript of EclipseCon2008: The Dod, Open Source, and OSGi as Server Infrastructure
© 2008 by Kit Plummer; made available under the EPL v1.0 | Thursday, March 20, 2008
The DoD, Open Source, and OSGi as a Server Infrastructure
Kit Plummer Gestalt, Now Part of Accenture
The DoD, Open Source… | © 2008 by Kit Plummer; made available under the EPL v1.0
The Story
• The U.S. Department of Defense and Open Source As a Consumer As a Producer Intra-Contractor
• The Experiment(s) JBI Components rVooz Tactical SOA
The DoD, Open Source… | © 2008 by Kit Plummer; made available under the EPL v1.0
Consuming OSS in the DoD…
• Reduced Federal budget(s) • Shortened to-field cycles • Contractor competition • Lines of Code paid for by the DoD?
~ 34 Million SLOC in SOSCOE (Future Combat Systems)
• http://en.wikipedia.org/wiki/Use_of_Free_and_Open_Source_Software_(FOSS)_in_the_U.S._Department_of_Defense
• Current policy says FOSS and COTS are the same (2003)
The DoD, Open Source… | © 2008 by Kit Plummer; made available under the EPL v1.0
Consuming Continued
• “When we rolled into Baghdad, we did it using open source…it may come as a surprise to many of you, but the U.S. Army is “the” single largest install base for Red Hat Linux. I'm their largest customer.” [General Justice, U.S. Army]
• Is this really that exciting – from an Open Source perspective?
The DoD, Open Source… | © 2008 by Kit Plummer; made available under the EPL v1.0
Producing OSS for the DoD…
• Ball Aerospace’s BallForge.net Opticks
• Delta3D (Naval Postgraduate School/Alion) • Foremost (USAF) • SELinux (NSA) • Hmmn. That’s it?
Yep, at least that are public about their sponsorship
Take a cue from NASA: http://opensource.arc.nasa.gov/
The DoD, Open Source… | © 2008 by Kit Plummer; made available under the EPL v1.0
Who owns the software developed by U.S. dollars?
The DoD, Open Source… | © 2008 by Kit Plummer; made available under the EPL v1.0
Government Purpose License Rights
• http://www.dtic.mil/dtic/submitting/copyright.html
3) Is this a document produced by work done under Government contract? If yes, the contractor usually owns the copyright and the Government has certain rights to the work. Generally the Government has unlimited or Government purpose rights and may reproduce and distribute the work.
The DoD, Open Source… | © 2008 by Kit Plummer; made available under the EPL v1.0
Software Reuse Inside (Company Walls)
• Breaking down stovepipes Reference architectures Open standards
• Cross-contract reuse
• DYK, technologies are not encouraged to be reused once contracts are awarded? Some projects/programs must be implemented from scratch, by contract.
The DoD, Open Source… | © 2008 by Kit Plummer; made available under the EPL v1.0
Why Not For …
• Future Combat System (FCS) System of Systems Common Operating Environment
(SOSCOE)
a modular, open-architecture approach "that allows us to incrementally develop, test and validate software capability as we go.” says Dennis Muilenburg, GM of FCS at Boeing.
How much do you think Boeing is getting paid for those 34 millions lines?
The DoD, Open Source… | © 2008 by Kit Plummer; made available under the EPL v1.0
U.S. Income Tax Payers?
The DoD, Open Source… | © 2008 by Kit Plummer; made available under the EPL v1.0
Government Spending Stats (2007)
Source: http://www.usaspending.gov/fpds/fpds.php?reptype=a&database=fpds&mod_agency=M97&mod_fund_agency=&PIID=&psc_cat=D&psc_sub=All&contractor_type=&descriptionOfContractRequirement=&compete_cat=&dollar_tot=&fiscal_year=2007&first_year_range=&last_year_range=&detail=-1&datype=T&email=
• 3% of DoD Budget Spent on DPS
The DoD, Open Source… | © 2008 by Kit Plummer; made available under the EPL v1.0
3% == $8,500,000,000
The DoD, Open Source… | © 2008 by Kit Plummer; made available under the EPL v1.0
More numbers… Source:� http://www.usaspending.gov/fpds/fpds.php?
reptype=p&database=fpds&mod_agency=M97&mod_fund_agency=&PIID=&psc_cat=&psc_sub=1430&contractor_type=&descriptionOfContractRequirement=&compete_cat=&dollar_tot=&fiscal_year=2007&first_year_range=&last_year_range=&detail=-1&datype=T&email=
• $55,000,000 On Guided Missile Remote Control Systems
Source: http://www.usaspending.gov/fpds/fpds.php?reptype=p&database=fpds&mod_agency=M97&mod_fund_agency=&PIID=&psc_cat=&psc_sub=All&contractor_type=&descriptionOfContractRequirement=Software&compete_cat=&dollar_tot=&fiscal_year=2007&first_year_range=&last_year_range=&detail=-1&datype=T&email=
• $1,250,000,000 • On Software-centric contracts
The DoD, Open Source… | © 2008 by Kit Plummer; made available under the EPL v1.0
Open Source and
National Security?
The DoD, Open Source… | © 2008 by Kit Plummer; made available under the EPL v1.0
Security? • It is true that many DoD software projects are “classified”.
Why? Is the entirety of that 34 million lines worth protecting? And, from whom are you protecting it?
• Jim Stogdill asked at a DoD Open Technology Conference: “Are you prepared for the moment when open software, developed under government contract, is forked by the Chinese for their use?”
• It is, without a doubt, a hard problem for anyone to understand – let alone resolve.
Thanks Jim for being bold. http://www.slideshare.net/jstogdill/open-source-in-the-dod-build-it
The DoD, Open Source… | © 2008 by Kit Plummer; made available under the EPL v1.0
Open Technology Development
• Roadmap http://www.acq.osd.mil/jctd/articles/OTDRoadmapFinal.pdf Open standards Open architecture Open source?
• U.S. Navy & SHARE “The Navy will acquire only systems based on open
technologies and standards. “ Vice Adm. Mark Edwards, deputy chief of naval operations for communications stated March 6, 2008
https://acc.dau.mil/GetAttachment.aspx?id=135208&pname=file&lang=en-US&aid=26859
The DoD, Open Source… | © 2008 by Kit Plummer; made available under the EPL v1.0
Government Funded OSS / Collaboration
• Literal Open Technology Development
• Producing Open Source Solutions Cross government – commercial collaboration Learn what the affects of Patents and IP-constraints are
Community is a positive byproduct
• So, we’ve received permission to experiment
The DoD, Open Source… | © 2008 by Kit Plummer; made available under the EPL v1.0
A Few Experiments…at Gestalt
• Objective: socialize “producing” Open Source as a standard practice for systems with common attributes (Open Technology Development)
• Started Simple JBI Components for OpenESB and ServiceMix
XMPP Binding Component RSS Binding Component
• Community Contributions OpenESB / JCP
The DoD, Open Source… | © 2008 by Kit Plummer; made available under the EPL v1.0
Results
• Cultural shifts Agile Methods (Scrum) Blogging Participating in Open Source projects (personal
time) - Contributing
• Retention tool
• The Air Force is now competing with Google for hires.
The DoD, Open Source… | © 2008 by Kit Plummer; made available under the EPL v1.0
From Scratch Open Source
• On the U.S. Government’s Nickel • The Same Deliverables as a proprietary path • We maintain copyright (via accepted OSS licenses)
• The Problem: Contextual Collaboration A priori knowledge of those with a shared interest How to cross system interfaces Communication types Manage security policies and parameters
The DoD, Open Source… | © 2008 by Kit Plummer; made available under the EPL v1.0
rVooz Operational View
TOC
JFC
AOC
rVooz Service
TCP/IP
Target/Geo Location
The DoD, Open Source… | © 2008 by Kit Plummer; made available under the EPL v1.0
Non-Defense Use Cases
• Eclipse plugin Project/file/code linking
• Ridesharing Geo linking
• Consumer information collaboration Product linking
• Search engine extension Research linking
• Medical/Patient diagnosis/symptmn repository Symptom – solution linking
The DoD, Open Source… | © 2008 by Kit Plummer; made available under the EPL v1.0
rVooz is Born
• A “server” platform Modularity to support n-types of different context
Geo String XML
• Java Existing frameworks
Spring ESBs (ServiceMix, OpenESB)
• Name is a silly play on “rendezvous”
The DoD, Open Source… | © 2008 by Kit Plummer; made available under the EPL v1.0
System Components
• Clients Apps that generate and register context
• Gateway Server-side front-end
• Matching Engines Search for matches, produce a product (Contextion)
• Voozers Apps that consume the Contextion Can be plugins to systems
XMPP, VoIP, IRC Or, can be the same Client that registered the context
The DoD, Open Source… | © 2008 by Kit Plummer; made available under the EPL v1.0
OSGi?
• Seems like the perfect opportunity • Server-side evolution • Equinox, Felix, or Knopflerfish? • Or, All the above?
• Dynamic loading (hot-swap) • Extensible • Service registry
The DoD, Open Source… | © 2008 by Kit Plummer; made available under the EPL v1.0
External Interfaces?
• HTTP • JMS
Ultimately gave up on
• Jetty Servlet provides context registration Servlet provides match fetch interface
• XSDs for Context and Contextions JAXB
The DoD, Open Source… | © 2008 by Kit Plummer; made available under the EPL v1.0
Internal Interfaces
• Bundles Context Processor (a gateway) Geo Matching Engine String Matching Engine
• OSGI Service Registry Java interfaces
The DoD, Open Source… | © 2008 by Kit Plummer; made available under the EPL v1.0
Reality Check
• Data life • Data store • Scalability • Security (HTTP, really Jetty)
• Development Process Pains Eclipse Maven Bundles Testing
The DoD, Open Source… | © 2008 by Kit Plummer; made available under the EPL v1.0
Requirements and Options
• Software as a Service • Internet scalability • Security
• Languages • Frameworks • Architectures
The DoD, Open Source… | © 2008 by Kit Plummer; made available under the EPL v1.0
Redirect
• Ruby on Rails Too much free stuff to not take
• Web app -> Service Maintain modularity with REST Interfaces “Tierless”
• Web 2.0ish User facing services Developer facing services (programmable web) & APIs
• We’ll release a live service as soon as we deliver the “goods” to our customer.
The DoD, Open Source… | © 2008 by Kit Plummer; made available under the EPL v1.0
SOA is the holy grail of buzzphrases in the DoD tech-space.
The DoD, Open Source… | © 2008 by Kit Plummer; made available under the EPL v1.0
SOA penetration in the DoD
• Pretty good buy-in to the hype. • Web services in Net-Centric Operations • Only in sanctuary data centers
• But, If SOA is about exposing data…
• Where is the data in this domain?
• The “Edge”.
The DoD, Open Source… | © 2008 by Kit Plummer; made available under the EPL v1.0
OSGi on the Server Side?
• Obviously yes…simply based on the presentations here
• What if every “device” is a server? • Even more obvious, if you ask me. This is the “Edge”.
• Return to OSGi’s “embedded” roots with the Server in mind.
• Might be a bit of a different direction for the mainline.
The DoD, Open Source… | © 2008 by Kit Plummer; made available under the EPL v1.0
Exposing Devices
• Pretty easy Web services (SOAP) REST XML-RPC
• Keep in mind that these devices might be resource constrained
• More importantly the transport/network will be constrained
The DoD, Open Source… | © 2008 by Kit Plummer; made available under the EPL v1.0
Modularity
• Not just software
• Component-based hardware is right there too
• BUG Labs – style interfaces between the hardware and software
• Have to be careful as modularity complicates accreditation and certification
The DoD, Open Source… | © 2008 by Kit Plummer; made available under the EPL v1.0
What will it take?
• Security, Security, Security MILS/MLS
Auditing - Policies DO-178B
Standard for life-critical systems • Realtime Java?
• Successes – on any scale
The DoD, Open Source… | © 2008 by Kit Plummer; made available under the EPL v1.0
Open Source and the DoD?
Imagine a Java and OSGi-based environment, with applications development by “Us”, running on the Distributed Targeting Processor of an F18.
The DoD, Open Source… | © 2008 by Kit Plummer; made available under the EPL v1.0
Questions?