What are the risks of failing to consider the use of OSS components or approaches?
For the DoD, the risks of failing to consider the use of OSS where appropriate are increased cost, increased schedule, and/or reduced performance (including reduced innovation or security) to the DoD due to the failure to use the commercial software that best meets the needs (when that is the case). It also risks reduced flexibility (including against cyberattack), since OSS permits arbitrary later modification by users in ways that some other license approaches do not. In addition, ignoring OSS would not be lawful; U.S. law specifically requires consideration of commercial software (including extant OSS, regardless of exactly which license it uses), and specifically instructs departments to pass this requirement down to contractors and their suppliers. DoD contractors who always ignore components because they are OSS, or because they have a particular OSS license they don’t prefer, risk losing projects to more competitive bidders. If that competitor’s use of OSS results in an adva