How open source development provides a roadmap for digital trust, security, safety, and virtual work

365

Introduction

During COVID-19, we’ve all seen our daily lives, and those of many of our colleagues, friends, and family around the world completely changed. Many are adjusting to working from home and homeschooling their children, or caring for family and those with the virus. At the same time, billions worldwide are connected, sharing, and working together virtually despite their daily routines and working arrangements changing drastically. 

While there’s no disputing that the pandemic will dominate our collective attention for months to come, it’s a natural time to reflect on what is essential. It’s also a natural time as open source developers to consider how we should prioritize the most impactful work, and collaborate on technology development that can influence our world, for the better, after COVID-19. 

We’ve seen an uptick in interest around open source, in particular, as a means of helping humanity through these challenging times. What better way to solve a problem that affects all of us, collectively, than to share and build solutions to our problems, together? 

Here we outline the trends we’re seeing shape technology development in this unprecedented time. We believe this can also provide insight into what a post-COVID world may look like. 

Open collaboration embraces remote work and provides a guide for others

Open source developers have always fostered a sense of adaptability. It’s always been a critical skill needed to work on any open source project — we’re ready to meet the challenges of this moment. All of us hope for a quick return to normalcy, but we know that it will likely be months (hopefully not years). 

The Linux Foundation is also conscious of the economic reality facing the world as economists and accountants tally the cost of this pandemic. Like our communities, we are seeking to optimize for a new reality, but also working to redeploy and transition employees into new areas to fill in gaps where they can be most helpful to our communities. 

Open source communities during this time have been resilient. Open source software development by its very nature happens, and thrives, amongst a distributed group around the world. Many individuals in our communities are already working in a distributed virtual environment on their open source collaboration efforts.

Open source communities are still moving forward. As the world quickly migrated to virtual work environments, the online developer communities familiar with working together virtually had a pretty smooth transition, or in some cases, no disruptions at all. We are seeing many open source communities push forward despite all the challenges around them at home and in their local communities. Given their experience working in virtual environments, many open source community members and organizations are sharing their best practices and helping others adapt to working virtually. 

Developers helping coronavirus response with open source software and hardware solutions

It’s uplifting to see so many in our community contributing to the fight against this virus, whether it be providing supercomputer access to scientific researchers, open source personal protective equipment (PPE), offering bots to help people assess their symptoms, empowering doctors with access to diagnostic tools, supporting families struggling to transition to work and school from home, or contributing to relief efforts. We’ve also seen the medical industry and open source coming together to solve problems, such as an OpenLung project. As locals are starting to “reopen,” contact tracing will become critical, and we’re seeing communities form to address contract tracing application needs.

Governance and trust through applied open source governance models

We believe that the broader technology industry can use open source governance models to address more widespread industry challenges that could not be as easily solved with more traditional, proprietary solutions. Many blockchain open source software projects have arisen over the last few years that are now ready to support industry ecosystem and utility networks. We see early adopters moving beyond just software to addressing challenges with trust and verification in blockchain systems in our recently announced Trust over IP project.

In open source software communities, many organizations leverage nonprofits like the Linux Foundation to have a neutral home for an open governance model that no one company in the industry controls. We see a trend that those same principles apply in the case of the governance of an industry service built on blockchain technology with nodes contributed by multiple organizations. 

We expect to see initial governance communities emerge in 2020, focusing on identity and tracking and tracing use cases. Those initial communities will likely enable new applications and innovations that can be built on top of these industry and ecosystem platforms.

Open source at the edge of the network to address security, safety, and growth challenges

We’re also seeing trends of open source technologies becoming critical systems that are often viewed as the “last mile.” 

With open source becoming pervasive, we now have to think about these technologies as they support critical infrastructures. LF Energy and LF Networking are becoming more focused on economic and financial systems (see FINOS), and also safety systems (see ELISA).

Many other critical infrastructure systems have a severe impact if they fail. With open source software underpinning these critical systems, we need to figure out how to manage these systems. To succeed, our members started with identifying and tracking what software is in a system (see SPDX) and how to maintain software over a very long lifespan (see  Civil Infrastructure Platform). 

Additionally, LF Networking & LF Edge are seeing a significant uptake in Developer contribution as 5G, Edge, IoT, and Network Automation become increasingly crucial in the enterprise.

Securing the software supply chain

Beyond identifying the software (open source or not) in a system, the software supply chain deserves more security attention. We started exploring this issue within our Core Infrastructure Initiative and its Census I and Census II studies, and the practical challenges of managing supply chains in our OpenChain project. Looking out through the end of the year, we expect to explore the problem from the perspective of maintainers. We hope to see additional resources to help fix broken projects, increase the adoption of standards, and help address the entire challenge’s entirety. A challenge this large requires the community to come together and focus its efforts on solving security problems, together. We think the industry is ready and able to take this on.

Embracing and creating open standards

The fourth trend we’re looking at this year is a convergence of standards and open source. This trend has been increasing over the past few years, but we’re now at a point where organizations better understand where standards play a role and where open source plays a role. Standards development is a collaboration that can happen with open source implementations, often trailing an open source implementation, open source software development has turned conventional standards development upside down — and inside out. 

Within the Linux Foundation ecosystem, we have open technical communities building software and specifications. We also have communities that have identified interoperability points, processes, or frameworks for technology or managing technologies, that all benefit from being formally written as specifications. Standards are a natural next step in their journey as ecosystems coalesce around a common specified way of doing things. This year started with the Joint Development Foundation (JDF) being approved as an ISO PAS Submitter, making it possible for our communities to go from a specification repository to an international standard. We expect to see many more communities forming that is focused on a hybrid of standards and open source development. 

In addition to its work with the JDF, LF Networking also has a great collaboration with other established standards development organizations to ensure harmonization of specifications and code in the open source projects that facilitate deployment for carriers globally. 

Conclusion: Life after defeating the virus

Finally, the last trend we wish to highlight goes back to the beginning of this article — we see a pattern of our communities adapting to help society move forward in the face of a pandemic. I’ve already covered some of the COVID-19 response initiatives above, but this is a different point.  

We’re seeing a shift to virtual events, remote work cultures, virtual “happy hours,” and other means of productively working together, virtually. Many of these practices will stick with us post-pandemic. Our organization is already exploring how to use virtual events to augment future physical events (yes, they will exist again). 

Virtual conferences may be a great path to offering more inclusive events where those of us unable to travel to an event physically can still find a way to participate at some level. We’re seeing the impact of virtual training and certifying professionals in freely available open source technologies — and it has a real impact on job prospects and employment. Virtual testing proctors have become an effective way to certify professionals. Similarly, virtual platforms can help facilitate mentorship and enable less experienced developers to find and connect with more skilled developers willing to lend a hand.

The coronavirus has opened the world’s eyes to the needs of systems and plans for pandemic situations. This year we will likely see technology communities and organizations adapt and develop the “playbook” for how the world does business in the face of a pandemic. But many of those practices will likely stay with us long after we defeat COVID-19. 

The post How open source development provides a roadmap for digital trust, security, safety, and virtual work appeared first on The Linux Foundation.