David A. Wheeler's Blog

Fri, 16 Sep 2011

Off-the-Shelf (OTS) Software Maintenance Strategies

Off-the-shelf (OTS) software is simply software that is ready-made and available for use. Even when you need a custom system, building it from many OTS components has many advantages, which is why everyone does it. OTS works because you can save money and time, increase quality, and increase innovation through resource pooling.

However, people can get easily confused by the many different ways that off-the-shelf (OTS) software can be maintained. Terminology varies, and there hasn’t been an obvious way to describe how these different approaches are related. In 2010 I chatted with several others about how to make this clearer, and then created a picture that I think clarifies things. My thanks to helpful critiques from Heather Burke and John Scott. So here’s the picture, followed by a discussion on what it means.

Off-the-Shelf (OTS) Maintenance Strategies

If OTS software is commercial, it’s commercial OTS (COTS) software. By U.S. law, any software is commercial if it is (1) sold, licensed, or leased to the public, and (2) has a non-governmental use. There are two kinds of COTS software: Open Source Software (OSS) and proprietary software. OSS, put briefly, is software whose licenses give users the freedom to run the program for any purpose, to study and modify the program, and to redistribute copies of either the original or modified program (without having to pay royalties to previous developers). Yes, practically all OSS is commercial.

OTS can also be retained and maintained internally by an organization. For example, the U.S. government develops and maintains some software internally. In the U.S. government world, such software often called government OTS (GOTS). This figure shows things from the point of view of the U.S. government, but if you work with some other organization, you can think of this figure with your organization in the place of the U.S. government. (Maybe this should be called “internal off-the-shelf” or “IOTS” instead!) The idea here is that any organization can have software that it controls internally, and view as internal OTS software, as well as the COTS software that is available to the public.

There are various reasons why the government should sometimes keep certain software in-house, e.g., because sole possession of the software gives the U.S. a distinct advantage over its adversaries. However, there is also considerable risk to the government if it tries to privately hold GOTS software within the government for too long. Technological advantage is usually fleeting. Often there is a commercially-developed item available to the public that begins to perform similar functions. As it matures, other organizations begin using this non-GOTS solution, potentially rendering the GOTS solution obsolete. Such cases often impose difficult decisions, as the government must determine if it will pay the heavy asymmetrical cost to switch, or if it will continue “as usual” with its now-obsolete GOTS systems (with high annual costs and limitations that may risk lives or missions).

Either COTS or GOTS may be maintained by a single maintainer or by a community. In community maintenance there is often a single organization who determines if proposals should be accepted, but the key here is that the work tends to be distributed among those affected. An Open GOTS (OGOTS) project is a GOTS project which uses multiple-organization collaborative development approaches to develop and maintain software, in a manner similar to OSS. Some people use the term “Government Open Source Software” (GOSS) instead of OGOTS (in particular, GOSS for Govies uses the term GOSS instead).

GOTS (including OGOTS) is basically a special case of “gated software” with development inside a government. However, governments are bigger than most companies, and (in democracies) they are supposed to serve all of their citizenry, and those factors make them rather different than most other gated communities. Community development of proprietary software (“gated software”) outside governments is less common, but it can happen (historically some parts of Unix were developed this way). The term Open Technology Development (OTD) involves community development among government users (in the case of government developers), and thus it includes both OSS and OGOTS (aka GOSS).

I should note that I have a broad view of maintenance. I’ve often said that there is only one program — “Hello, World” — and that the rest is maintenance. That’s overstated for effect, but I believe there is a lot of truth in that statement.

This figure, and some of the text above, is in section 1.3 of the paper Open Technology Development (OTD): Lessons Learned & Best Practices for Military Software (also available via MIL-OSS), which is released under the Creative Commons BY-SA license. If you’re interested in more, please see the paper! The figure and some of the text are also part of “Software is a Renewable Military Resource” by John Scott, Dr. David A. Wheeler, Mark Lucas, and J.C. Herz, Journal of Software Technology, February 2011, Vol. 14, Number 1.

I hope this figure makes it easier to understand the different approaches for maintaining off-the-shelf (OTS) software.

path: /oss | Current Weblog | permanent link to this entry