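% Two records by S. A. Hissam and co-authors: a 2010 symposium paper and a
% 2002 journal article.
%
% Both records were exported under the same key, Hissam. BibTeX and Biber
% report a repeated key and skip the later record, so the 2002 article could
% not be cited. The first record keeps the key Hissam, so existing citations
% still resolve to it; the article now has its own key, Hissam2002.
%
% Normalised in both records: month uses the standard three-letter macro,
% page ranges use a double hyphen, and the conference alias is written as
% inproceedings.

% NOTE(review): booktitle is kept as exported; its trailing " -" looks like an
% export artifact. Confirm the proceedings title before citing.
@inproceedings{Hissam,
  author       = {Hissam, S. A. and Weinstock, C. and Bass, L.},
  title        = {On Open and Collaborative Software Development in the {DoD}},
  booktitle    = {Seventh Annual Acquisition Research Symposium, {NPS} Proceedings -},
  volume       = {1},
  number       = {1},
  pages        = {219--235},
  publisher    = {Naval Postgraduate School},
  organization = {Naval Postgraduate School},
  address      = {Monterey, California},
  year         = {2010},
  month        = apr,
  url          = {http://www.acquisitionresearch.net/cms/_files/FY2010/NPS-AM-10-037.pdf},
  keywords     = {collaborative development, open source software, reuse, software engineering},
  abstract     = {The US Department of Defense (specifically, but not limited to, the DoD CIO{\textquoteright}s Clarifying Guidance Regarding Open Source Software, DISA{\textquoteright}s launch of Forge.mil and OSD{\textquoteright}s Open Technology Development Roadmap Plan) has called for increased use of open source software and the adoption of best practices from the free/open source software (F/OSS) community to foster greater reuse and innovation between programs in the DoD. In our paper, we examine some key aspects of open and collaborative software development inspired by the success of the F/OSS movement as it might manifest itself within the US DoD. This examination is made from two perspectives: the reuse potential among DoD programs sharing software and the incentives, strategies and policies that will be required to foster a culture of collaboration needed to achieve the benefits indicative of F/OSS. Our conclusion is that to achieve predictable and expected reuse, not only are technical infrastructures needed, but also a shift to the business practices in the software development and delivery pattern seen in the traditional acquisition lifecycle is needed. Thus, there is potential to overcome the challenges discussed within this paper to engender a culture of openness and community collaboration to support the DoD mission.},
}

% The journal name is written in catalogue order; the export had it inverted
% as "Software, IEE Proceedings -".
@article{Hissam2002,
  author   = {Hissam, S. A. and Plakosh, D. and Weinstock, C.},
  title    = {Trust and vulnerability in open source software},
  journal  = {{IEE} Proceedings - Software},
  volume   = {149},
  number   = {1},
  pages    = {47--51},
  chapter  = {47},
  year     = {2002},
  month    = feb,
  issn     = {1462-5970},
  doi      = {10.1049/ip-sen:20020208},
  keywords = {closed source software, community of software developers, critical infrastructures, cyber criminal, open source software, PITAC, predictably reliable systems, predictably secure systems, software components, trust, users, vulnerability},
  abstract = {Software plays an ever increasing role in the critical infrastructures that run our cities, manage our economies, and defend our nations. In 1999, the Presidents Information Technology Advisory Committee (PITAC) reported to the United States President the need for software components that are reliable, tested, modelled and secure supporting the development of predictably reliable and secure systems that underscore our critical infrastructures. Open source software (OSS) constitutes a viable source for software components. Some believe that OSS is more reliable and more secure than closed source software (CSS)-due to a phenomenon dubbed {\textquoteright}many eyeballs{\textquoteright}-but is this truly the case? Or does OSS give the cyber criminal an edge that he would likewise not have? We explore OSS from the perspective of the cyber criminal and discuss what the community of software developers and users alike can do to increase their trust in both open source software and closed source software},
}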