In 1983, Richard Stallman created a Unix-like operating system called GNU (a recursive acronym for “GNU is Not Unix”) and released it under a license that provided certain rights for use and redistribution—an open-source license. Eight years later, a graduate student at the University of Helsinki, Linus Torvalds, created another Unix-like operating system, Linux, which he also made available for free. Both Linux and GNU are still widely available, and their evolution spurred the creation of many other open-source software (OSS) programs. By 1999, a prodigious open-source software developer, Eric Raymond, published his famous treatise, comparing the development of open-source software to the market conditions found in a bazaar, and describing the development of commercial software as a secret, almost religious experience [1]. The process and culture created by Stallman, Torvalds, Raymond, and others formed the basis for the open-source software movement.

OSS refers to any software that is available for free use, modification, and redistribution, provided the terms of one of many license models are followed. Open-source software is deployed throughout the world in academic, business, and government enterprises, and plays an important role in those settings where large software budgets are not possible, particularly in underdeveloped countries and in nonprofit organizations. Collectively, thousands of individuals contribute to open-source projects, as volunteers on their own time, and frequently with the support of their employers, who may indirectly benefit.

Much of the research involving OSS does not pertain directly to the processes or artifacts of OSS itself. Instead, a great deal of research uses OSS as a convenient model of “industrial-strength” software that can be easily accessed for analysis and testing. Open-source software is also widely used in the classroom, from grades K-12 through the undergraduate and graduate levels, and many papers have been written about the use of OSS in education. However, several important lines of research pertaining specifically to OSS have emerged over the years.

Research Line 1: Open-Source Adoption Decision-Making and Business Value Proposition

Open-source software has become a critical component of the IT infrastructure for most nonprofit and many for-profit enterprises. Most companies likely have some OSS deployed, perhaps unknowingly, even if its use is forbidden. For example, many “no open-source” enterprises use the Apache Tomcat Web server or employ open-source Java libraries. Linux; the JBoss Java application server; programming languages such as PHP, Python, and Ruby; and the MySQL database are some of the most widely deployed open-source applications.

The business value proposition for using OSS focuses on access to a large amount of “free” industrial-strength code. However, uncertainty in the obligations under a particular open-source license, concerns about the vitality of the open-source community supporting a particular application, and simple misunderstanding of the model often lead organizations to choose not to use OSS. Other objections stem from an inherent distrust of OSS quality. Some research, however, has shown that OSS can achieve quality levels beyond that possible with closed-source software, although there is other research to contradict that assertion.

There are many ways to use OSS in the enterprise, ranging from a few components to single applications, suites of related applications, and complete enterprise solutions [2]. OSS projects can be found in open-source repositories, most notably SourceForge. Much of the research, therefore, with respect to the OSS adoption decision, centers around assessing the compatibility of OSS in the enterprise, and on estimating the overall risk and return on investment of using OSS. Some of this research has led to the creation of open-source readiness models, in particular, those of Capgemini, Navica, and Spikesource/Intel/Software Engineering Institute (SEI)-West.

The research offers the following conclusions in this regard:

• There is no “one-size-fits-all” version for any OSS solution.
• Organizations need to carefully access open-source projects and fit the solution to the environment (not vice versa).
• Open-source readiness models can be helpful in achieving proper alignment.

Research Line 2: Legal Issues (Licensing and Intellectual Property)

There are more than 100 licensing models, claiming to be open-source variants, with widely varying rights and responsibilities. However, four licensing models, which originated in the 1990s, are by far the most prevalent:

• general public license (GNU GPL),
• GNU lesser general public license (LGPL),
• BSD license, and
• MIT license.

The differences between these and other licenses are important and sometimes nuanced; the study of these differences provides a ripe line of research. But generally, an OSS license allows unrestricted use of the software, requiring only that any derivative works be redistributed along with the source code, and that future users of the derivative work comply with the same license. Software patents can often clash with OSS if the latter somehow includes intellectual property that belongs to another party, a situation that can occur when the technological genealogy of an open-source project is murky. Therefore, certain research in OSS focuses on the issues of intellectual property rights, licensing implications, obligations, liability, criminality, legal strategy, and case studies.

Studies in this area provide the following guidance:

• The licensing model attached to an open-source project is an important consideration when electing to use OSS.
• The decision to adopt OSS is a technical decision, a project management decision, and a legal decision. All three entities in an enterprise need to be consulted.

Research Line 3: Qualities of Open-Source Software

Open-source software is often claimed to be superior to closed-source code in many ways, including having less defects. Eric Raymond famously asserted that, “given enough eyeballs, all bugs are shallow” [1]. But the research comparing various qualities—especially security, reliability, maintainability, and testability—of open-source to closed-source code, while vigorous, is sometimes inconclusive or contradictory.

Many of the difficulties comparing open- and closed-source code arise from the very different development process models and available documentation. Open-source software is developed in a highly evolutionary (some would say “agile”) process. Open-source development communities tend to not use test plans, testing tools, or code coverage concepts and tools (a random perusal of OSS projects will confirm this fact). However, there is evidence that defects are found and repaired faster than in closed-source software [3], perhaps because of the existence of open-source defect tracking tools like Bugzilla (www.bugzilla.org).

Research into open-source software quality is mixed. Some shows that OSS models can lead to improvement in certain software qualities. Some studies reach the opposite conclusion, and some are inconclusive. Evaluate OSS projects for quality on a case-by-case basis, and do not rely on generalities.

Research Line 4: Open-Source Community Characteristics

Raymond has compared the development of OSS to a bazaar, where large numbers of interested individuals congregate to contribute (code contributors are called committers) or to provide peer review of the wares in the market (in this case, testing and new feature recommendations for the software in the repositories [1]). A great deal of research, then, has focused on what motivates individuals to join such communities, how they are organized, the group dynamics, and governance structures. For example, Scacchi asserts that open-source communities form a highly adaptive but loosely coupled virtual enterprise, organized in a “layered meritocracy” with a usual team critical mass of five to 15 people [4]. OSS community cultures have even been likened to those of wasps and other swarming insects, in terms of the social network interactions [5].

The collective research in open-source community dynamics implies that the nature of the open-source community is important with respect to defect resolution rate, rate of new releases, and responsiveness to the user community. Open-source communities need to be evaluated when making the decision to adopt an open-source solution in the enterprise.

Research Line 5: Source Code Structure and Evolution

Because of the availability of source code, often over many years of releases, OSS repositories provide a convenient laboratory for examining relatively large and mature systems over time. For example, longitudinal studies of code structure evolution using any combination of dozens of metrics can be conducted [3]. Recent research has focused particularly on important projects such as Linux and Apache, but there is interesting work available on the evolution of games and other utilities.

Other artifacts, such as developer logs, bug reports, users manuals, and other documentation, can be studied (an approach termed “software archeology”) in order to discern interesting properties about the software or the community [6]. Data in public repositories make interesting research possible—for some projects, such at NetHack, a popular first-person Dungeons and Dragons-type of game, versions of the source code go back more than 20 years.

The research in open-source code structure and evolution is a mixed bag. Some shows that software structure becomes entangled over time, while other research shows that code structure actually improves over time. Again, do not rely on generalities with respect to the code structure qualities of OSS.

Research Line 6: Tools for Enabling OSS and Applications

Important software development tools have thrived in the OSS arena, including the scripting languages Perl, Python, PHP, and Ruby. Other useful developer tools released as open source include Ant and Maven for building applications; Hibernate, which acts as an object-oriented persistence layer for databases; xUnit for testing; CVS and Subversion for source code control; and Eclipse and NetBeans as integrated development environments. Software engineers also use the open-source Struts, which provides a framework in which an application can be built quickly using the model-view-controller architecture, and Swing, which provides a layered structure for managing (typically) business objects. The very nature of the collaborative “bazaar” has led to an unprecedented movement toward the creation of tools and libraries that are open to extension and highly interoperable [7].

Most of the research surrounding open-source tools mostly comprises case studies and project application reports of new tools. Some studies involve an analysis of the code structure, evolution, or community of the tool itself.

Research Line 7: Philosophical and Ethical Issues

The underlying proposition that software should be free to all raises philosophical and ethical issues surrounding software ownership, personal motivations, societal rights and obligations, and more. Several groups exist today that promote the development and sharing of OSS, notably the Open Group and the Free Software Foundation. While some for-profit companies have found ways to leverage free software to their advantage, other companies, primarily software vendors, either turn a willful blind eye to the importance of OSS, or outright attack it. Some have looked at the effects of OSS on the software industry itself [8]. The intersection of those issues for for-profit software vendors and the open-source community provides an interesting field for informed discussion and research.

As in any philosophical endeavor, the research in this area is diverse, including arguments promoting the open-source model (and its application in related areas, such as open access journals) or against the notion of using OSS in certain application domains.

Conclusion

There are more than 250,000 open-source projects, ranging from simple academic pursuits to games, programming languages, tools, and enterprise-level applications. Clones of many well-known desktop and enterprise applications are available in open source, and these have become important to small businesses, nonprofit entities, and even governments of small and poor nations. Clearly, OSS has important worldwide economic value, but OSS also presents a number of challenging and philosophical issues. It is definitely changing the way that software engineers think about software.

Future research in open-source systems is going to be needed to resolve many of these issues and challenges. Questions that need to be answered by research include: Is the economic incentive to contribute to open-source projects sufficient to drive innovation at a level attractive to for-profit enterprises? Will OSS remain largely in the purview of academicians and free software proponents? What are the motives for participating in open-source communities and can these be reconciled with loyalty to company and country? Is the security and reliability proposition for OSS strong enough for commercial applications and even secure government deployment? Is the quality of OSS better, worse, or the same as closed-source software? Will the for-profit companies that have sprung up around the open-source movement be able to survive and grow, or are they simply a momentary phenomenon?

Open-source software is always going to exist, but its technological role remains unresolved. OSS is too important to ignore, even in the commercial software world. Stay tuned for more changes to come.

Table 1: OSS terminology

Created: July 15 2008 Last updated: Apr 3 2011 Archived: Feb 6 2013