a:5:{s:8:"template";s:4781:"
";s:4:"text";s:24307:"It is far better to fix vulnerabilities before deployment - are such efforts occuring? As noted in FAR 27.201-1, Pursuant to 28 U.S.C. What is more, the supplier may choose to abandon the product; source-code escrow can reduce these risks somewhat, but in these cases the software becomes GOTS with its attendant costs. The 2009 DoD CIO memo on open source software says, in attachment 2, 2(d), The use of any software without appropriate maintenance and support presents an information assurance risk. The United States Air Force operates a service called Iron Bank, which is the DoD Enterprise repository of hardened software containers, many of which are based on open source products. In some cases, export-controlled software may be licensed for export under the condition that the source code not be released; this would prevent release of software that had mixed GPL and export-controlled software. There are other ways to reduce the risk of software patent infringement (in the U.S.) as well: Yes, both entirely new programs and improvements of existing OSS have been developed using U.S. government funds. Rachel Cohen joined Air Force Times as senior reporter in March 2021. Direct deposit form. Many OSS licenses do not have a choice of venue clause, and thus cannot have an issue, although some do. This is in addition to the advantages from OSS because it can be reviewed, modified, and redistributed with few restrictions (inherent in the definition of OSS). One way to deal with potential export control issues is to make this request in the same way as approving public release of other data/documentation. Software developed by US federal government employees (including military personnel) as part of their official duties is not subject to copyright protection in the US (see 17 USC 105). DEPARTMENT OF THE AIR FORCE HEADQUARTERS AIR FORCE SPACE COMMAND GUARDIANS OF THE HIGH FRONTIER. 
Before award, a contractor may identify the components that will have more restrictive rights (e.g., so the government can prefer proposals that give the government more rights), and under limited conditions the list can be modified later (e.g., for error correction). Q: Where can I release open source software that are new projects to the public? However, the public domain portions may be extracted from such a joint work and used by anyone for any purpose. The CBP ruling points out that 19 U.S.C. Note, however, that this may be negotiated; if the government agrees to only receive lesser rights (such as government-purpose rights or restricted rights) then the government does not have the rights necessary to release that software as open source software. What it does mean, however, is that the DoD will not reject consideration of a COTS product merely because it is OSS. Proprietary COTS tend to be lower cost than GOTS, since the cost of development and maintenance is typically shared among a larger number of users (who typically pay to receive licenses to use the product). No, the DoD does not have an official recommendation for any particular OSS product or set of products, nor a Generally Recognized as Safe/Mature list. Unfortunately, this typically trades off flexibility; the government does not have the right to modify the software, so it cannot fix serious security problems, add arbitrary improvements, or make the software work on platforms of its choosing. DoDIN APL is managed by the APCO | disa.meade.ie.list.approved-products-certification-office@mail.mil. Others do not like the term GOSS, because GOSS is not actually OSS, and they believe the term can be misleading. The DoD Antivirus Software License Agreement with McAfee allows active DoD employees to utilize the antivirus software for home use. Widely-used programs include the Apache web server, Firefox web browser, Linux kernel, and many other programs. 
Yes, but the following considerations apply: As stated above, software developed by government employees as part of their official duties is not subject to copyright protection in the United States. As always, if there are questions, consult your attorney to discuss your specific situation. Indeed, many people have released proprietary code that is malicious. Thus, Open Source Intelligence (OSINT) is a form of intelligence collection management that involves finding, selecting, and acquiring information from publicly available sources and analyzing it to produce actionable intelligence. OSS projects typically seek financial gain in the form of improvements. Can the DoD use GPL-licensed software? The doctrine of unclean hands, per law.com, is a legal doctrine which is a defense to a complaint, which states that a party who is asking for a judgment cannot have the help of the court if he/she has done anything unethical in relation to the subject of the lawsuit. 75th Anniversary Article. See GPL FAQ, "Who has the power to enforce the GPL?" Examine if it is truly community-developed - or if there are only a very few developers. Q: Does releasing software under an OSS license count as commercialization? MEMORANDUM FOR ALL MAJCOMs/FOAs/DRUs. The release of the software may be restricted by the International Traffic in Arms Regulation or Export Administration Regulation. See also DFARS subpart 227.70 (infringement claims, licenses, and assignments) and 28 USC 1498. Navy - 1-877-418-6824. Colleges & Your Majors. Note that enforcing such separation has many other advantages as well. Q: How does open source software relate to the Buy American Act? 
Open standards make it easier for users to (later) adopt an open source software program, because users of open standards aren't locked into a particular implementation. Thus, components that have the potential to (eventually) support many users are more likely to succeed. OpenSSL - SSL/cryptographic library implementation, GNAT - Ada compiler suite (technically this is part of gcc), perl, Python, PHP, Ruby - Scripting languages, Samba - Windows - Unix/Linux interoperability. Others can obtain permission to use a copyrighted work by obtaining a license from the copyright holder. OGOTS/GOSS software is often not OSS; software is only OSS if it meets the definition of OSS. No. See the licenses listed in the FAQ question "What are the major types of open source software licenses?" Public Law 115-232 defines OSS as software for which the human-readable source code is available for use, study, re-use, modification, enhancement, and re-distribution by the users of such software. As explained in detail below, nearly all OSS is commercial computer software as defined in US law and the Defense Federal Acquisition Regulation Supplement, and if it is used unchanged (or with only minor changes), it is almost always COTS. Fundamentally, a standard is a specification, so an open standard is a specification that is open. If the OSS is intended for use on Linux/Unix systems, follow standard source installation release practices so that it is easier for users to install. However, the required FAR Clause 52.212-4(d) establishes that This contract is subject to the Contract Disputes Act of 1978, as amended (41 U.S.C. Indeed, because a calculation of damages is inherently speculative, these types of license restrictions might well be rendered meaningless absent the ability to enforce through injunctive relief. In short, it determined that the OSS license at issue in the case (the Artistic license) was indeed an enforceable license. 
Air Force ROTC is offered at over 1,100 colleges and universities in the continental United States, Puerto Rico and Hawaii. Although the government cannot directly sue for copyright violation, in such cases it can still sue for breach of license and, presumably, get injunctive relief to stop the breach and money damages to recover royalties obtained by breaching the license (and perhaps other damages as well). U.S. law governing federal procurement U.S. Code Title 41, Chapter 7, Section 103 defines commercial product as a product, other than real property, that- (A) is of a type customarily used by the general public or by nongovernmental entities for purposes other than governmental purposes; and (B) has been sold, leased, or licensed, or offered for sale, lease, or license, to the general public. Other laws must still be obeyed. Yes, extensively. Many governments, not just the U.S., view open systems as critically necessary. Some more military-specific OSS programs created-by or used in the military include: One approach is to use a general-purpose search engine (such as Google) and type in your key functional requirements. These prevent the software component (often a software library) from becoming proprietary, yet permit it to be part of a larger proprietary program. Commercially-available software that is not open source software is typically called proprietary or closed source software. This does not mean that existing OSS elements should always be chosen, but it means that they must be considered. This formal training is supplemented by extensive on-the-job training and accumulated hands-on experience gained throughout the Service member's career. It is usually far better to stick to licenses that have already gone through legal review and are widely used in the commercial world. Also, since there are a limited number of users, there is limited opportunity to gain from user innovation - which again can lead to obsolescence. 
It is impossible to completely eliminate all risks; instead, focus on reducing risks to acceptable levels. The Office of the Chief Software Officer is leading the mission to make the Digital Air Force a reality by supporting our Airmen with Software Enterprise Capabilities. We are enabling adoption of innovative software best practices, cyber security solutions, Artificial Intelligence and Machine Learning technologies across AF programs while removing impediments to DevSecOps and IT innovation. Failing to understand that open source software is commercial software would result in failing to follow the laws, regulations, policies, and so on regarding commercial software. Questions about why the government - who represents the people - is not releasing software (that the people paid for) back to the people. The usual DoD contract clause (DFARS 252.227-7014) permits this by default. In some cases access is limited to portions of the government instead of the entire government. The project manager, program manager, or other comparable official determines that it is in the Government's interest to do so, such as through the expectation of future enhancements by others. When the software is already deployed, does the project develop and deploy fixes? Q: Is open source software the same as open systems/open standards? A protective license protects the software from becoming proprietary, and instead enforces a share and share alike approach between parties. An OTD project might be OSS, but it also might not be (it might be OGOTS/GOSS instead). The MITRE study did identify some of many OSS programs that the DoD is already using, and may prove helpful. According to the U.S. Patent and Trademark Office (PTO): For more about trademarks, see the U.S. Patent and Trademark Office (PTO) page Trademark basics. But what is radically different is that a user can actually make a change to the program itself (either directly, or by hiring someone to do it). 
If the project is likely to become large, or must perform filtering for public release, it may be better to establish its own website. Software might not infringe on a patent when it was released, yet the same software may later infringe on a patent if the patent was granted after the software's release. Look at the Numbers! Delivers the latest news from each branch of the U.S . can be competed, and the cost of some improvements may be borne by other users of the software. Thus, complex license management processes to track every installation or use of the software, or who is permitted to use the software, are completely unnecessary. For advice about a specific situation, however, consult with legal counsel. This is not merely theoretical; in 2003 the Linux kernel development process resisted an attack. There is no DoD policy forbidding or limiting the use of software licensed under the GNU General Public License (GPL). Her work has appeared in Air Force Magazine, Inside Defense, Inside Health Policy, the Frederick News-Post (Md. Q: Is there a name for software whose source code is publicly available, but does not meet the definition of open source software? Under the current DoD contracting regime, the contractor usually retains the copyright for software developed with government funding, so in such cases the contractor (not the government) has the right to sue for copyright violation. The following organizations examine licenses; licenses should pass at least the first two industry review processes, and preferably all of them, else they have a greatly heightened risk of not being an open source software license: In practice, nearly all open source software is released under one of a very few licenses that are known to meet this definition. At a high-level, DoD policy requires commercial software (including OSS) to come with either a warranty or source code, so that the software can be maintained when necessary by the supplier or the government. 
Since both terms are in use, the rest of this document will use the term OGOTS/GOSS. Perhaps more importantly, by forcing there to be an implementation that others can examine in detail, resulting in better specifications that are more likely to be used. Similarly, delaying a component's OSS release too long may doom it, if another OSS component is released first. Some protocols and formats have been specifically devised and reviewed to avoid patents; using them is more likely to avoid problems. 923, is in 31 U.S.C. an Air Force community college and on 9 November 1971, General John D. Ryan, Air Force Chief of Staff, approved the establishment of the Community College of the Air Force. As of Jan. 21, the Air Force has administratively separated 111 active duty Airmen. Even where there is GOTS/classified software, such software is typically only a portion of the entire system, with other components implemented through COTS components. However, there are advantages to registering a trademark, especially for enforcement. OSS-like development approaches within the government. The red book section 6.C.3.b explains this prohibition in more detail. It states that in 1913, the Attorney General developed an opinion (30 Op. These licenses include the MIT license, revised BSD license (and its 2-clause variant), the Apache 2.0 license, the GNU Lesser General Public License (LGPL) versions 2.1 or 3, and the GNU General Public License (GPL) versions 2 or 3. Approved software is listed on the DCMA Approved Software List. Spouse's information if you have one. References to specific products or organizations are for information only, and do not constitute an endorsement of the product/company. Headquartered in Geneva, Switzerland, it has six regional offices and 150 field offices worldwide. 
Even when the original source is necessary for in-depth analysis, making source code available to the public significantly aids defenders and not just attackers. Consider anticipated uses. In that case, the U.S. government might choose to continue to use the version to which it has unlimited rights, or it might use the publicly-available commercial version available to the government through that version's commercial license (the GPL in this case). First of all, being a US firm has little relationship to the citizenship of its developers and its suppliers' developers. The real challenge is one of education - some developers incorrectly believe that just because something is free to download, it can be merged or changed without restriction. OSS licenses can be grouped into three main categories: Permissive, strongly protective, and weakly protective. The term Free software predates the term open source software, but the term Free software has sometimes been misinterpreted as meaning no cost, which is not the intended meaning in this context. Thus, avoid releasing software under only the original (4-clause) BSD license (which has been replaced by the new or revised 3-clause license), the Academic Free License (AFL), the now-abandoned Common Public License 1.0 (CPL), the Open Software License (OSL), or the Mozilla Public License version 1.1 (MPL 1.1). Numbered Air Forces. If it is an improvement to an existing project, release it to the main OSS project, in whatever format they prefer changes. DoD ESI is pleased to announce the Cybersecurity Multi-Award Blanket Purchase Agreements (BPAs) for Appgate, CyberArk, Exabeam, Fidelis Security, Firemon, Forcepoint, Fortinet, Illumio, LogRhythm, Okta, Ping Identity, Racktop Systems, RedSeal, Sailpoint, Tychon and Varonis Systems. The regulation is available at. (See also Free Software Foundation License List, Public Domain), (See also GPL FAQ, Question Can the US Government release improvements to a GPL-covered program?). 
Choose a widely-used existing license; do not create a new license. Patent examiners have relatively little time to review each patent, and do not have effective access to most prior art in software, which may lead them to grant patents for previously-published inventions or obvious inventions. The Secretary of the Air Force approved the activation plan on 25 January 1972 and the college was established 1 April 1972 at Randolph AFB, Texas. Around the Air Force: Accelerating the Legacy, Expanding Cyber Resiliency, Poppy Seed Warning. Air Force - (618)-229-6976, DSN 779. The term has primarily been used to reflect the free release of information about the hardware design, such as schematics, bill of materials and PCB layout data, or its representation in a hardware description language (HDL), often with the use of open source software to drive the hardware. Even if an OTD project is not OSS itself, an OTD project will typically use, improve, or create OSS components. The DDR&E, Advanced Capabilities Modular Open Systems Approach web page also provides some useful background. An agency that failed to consider open source software, and instead only considered proprietary software, would fail to comply with these laws, because it would unjustifiably exclude a significant part of the commercial market. Contractors for other federal agencies may have a different process to use, but after going through a process they can often release such software as open source software. Q: Isn't OSS developed primarily by inexperienced students? Bases. For more discussion on this topic, see the article Open Source Software Is Commercial. Wikipedia's Comparison of OSS hosting facilities page may be helpful in identifying existing hosting facilities, as well as some of their pros and cons. Peterson AFB CO 80914-4420. However, if the GPL software must be mixed with other proprietary/classified software, the GPL terms must still be followed. 
OTD depends on open standards and interfaces, open source software and designs, collaborative and distributed online tools, and technological agility. However, often software can be split into various components, some of which are classified and some of which are not, and it is these unclassified portions that this text addresses. Factors that greatly reduce this risk include: Typically not, though the risk varies depending on their contract and specific circumstance. You can support OSS either through a commercial organization, or you can self-support OSS; in either case, you can use community support as an aid. Examples of OSS that are in widespread use include: There are many Linux distributions which provide suites of such software such as Red Hat Enterprise Linux, Fedora, SUSE, Debian and Ubuntu. If you claim rights to use a mark, you may simply use the TM (trademark) or SM (service mark) designation to alert the public to your claim of ownership of the mark. Open source software is also called Free software, libre software, Free/open source software (FOSS or F/OSS), and Free/Libre/Open Source Software (FLOSS). Some have found that community support can be very helpful. Certification Report Security Target. 1.1.4. These formats may, but need not, be the same. Under the same reasoning, the CBP determined that building an object file from source code performed a substantial transformation into a new article. In particular, U.S. law (10 USC 2377) requires a preference for commercial products for procurement of supplies or services. This strengthens evaluations by focusing on technology specific security requirements. Thus, if there is an existing contract, you must check the contract to determine the specific situation; the text above merely describes common cases. February 9, 2018. No, although they work well together, and both are strategies for reducing vendor lock-in. 
1342, Limitation on voluntary services, US Government Accountability Office (GAO) Office of the General Counsels Principles of Federal Appropriations Law (aka the Red Book), the 1982 decision B-204326 by the U.S. Comptroller General, How to Evaluate Open Source Software / Free Software (OSS/FS) Programs, Capgeminis Open Source Maturity Model (OSMM), Top Tips For Selecting Open Source Software, Open Source memo doesnt mandate a support vendor (by David Perera, FierceGovernmentIT, May 23, 2012), Code Analysis of the Linux Wireless Teams ath5k Driver, DFARS subpart 227.70infringement claims, licenses, and assignments, Prior Art and Its Uses: A Primer, by Theodore C. McCullough, this NASA Jet Propulsion Laboratory (JPL) project became a top level open source Apache Software Foundation project in 2011, Geographic Resources Analysis Support System (GRASS), Publicly Releasing Open Source Software Developed for the U.S. Government, CENDIs Frequently Asked Questions About Copyright, GPL FAQ, Question Can the US Government release a program under the GNU GPL?, Free Software Foundation License List, Public Domain, GPL FAQ, Question Can the US Government release improvements to a GPL-covered program?, Publicly Releasing Open Source Software Developed for the U.S. Government by Dr.David A. Wheeler, DoD Software Tech News, February 2011, U.S. 
Code Title 41, Chapter 7, Section 103, follow standard source installation release practices, Open Source Software license by the Open Source Initiative (OSI), Free Software license by the Free Software Foundation (FSF), Many view OSS license proliferation as a problem, Serdar Yegulalps 2008 Open Source Licensing Implosion (InformationWeek), Open Source Initiative (OSI) maintains a list of Licenses that are popular and widely used or with strong communities, licenses accepted by the Google code hosting service, Producing Open Source Software: How to Run a Successful Free Software Project by Karl Fogel, Open Technology Development (OTD): Lessons Learned & Best Practices for Military Software, Recognizing and Avoiding Common Open Source Community Pitfalls, Releasing Free/Libre/Open Source Software (FLOSS) for Source Installation, GNU Coding Standards, especially on the release process, Wikipedias Comparison of OSS hosting facilities page, U.S. Patent and Trademark Office (PTO) page Trademark basics, U.S. Patent and Trademark Office (PTO) page Should I register my mark?, Open Technology Development Lessons Learned, Office of the Director of National Intelligence (ODNI) Government Open-Source Software (GOSS) Handbook for Govies, Military - Open Source Software (MIL-OSS) DoD/IC discussion list, Hosted by Defense Media Activity - WEB.mil, Open source software licenses are reviewed and approved as conforming to the, In practice, an open source software license must also meet the, Fedora reviews licenses and publishes a list of, The Department of Navy CIO issued a memorandum with guidance on open source software on 5 Jun 2007. ";s:7:"keyword";s:37:"air force approved software list 2021";s:5:"links";s:195:"Punta Gorda Condos For Sale By Owner,
";s:7:"expired";i:-1;}