UNCLASSIFIED Increasing Market Share with Open Source Solutions

UNCLASSIFIED Increasing Market Share with Open Source Solutions April 04, 2014 Authors: § § § Marcus D. Edwards, Systems Architect Christopher J. Morris, Software Engineer Dustin D. Baumgartner, Engineer Janine M. Brown, Systems Architect Robert D. Siegel, Fellow Engineer UNCLASSIFIED

UNCLASSIFIED Acknowledgements • We wish to thank the Northrop Grumman Corporation for its continued support and guidance through the years. 2 UNCLASSIFIED

UNCLASSIFIED Agenda • Increasing Market Share with Open Source Solution (OSS) Overview • OSS Case Studies • OSS Information Assurance (IA) & Licensing Considerations • OSS Benefits & Challenges • OSS Systems Engineering (SE) Process • Increasing Market Share with OSS 3 UNCLASSIFIED

UNCLASSIFIED Increasing Market Share OSS Overview UNCLASSIFIED

UNCLASSIFIED IMS OSS Briefing Scope OSS Mission Business Cases Requirements OSS Current State OSS Key Players OSS Do. D Guidance NG Interests OSS Success Case Studies OSS Misuse Case Studies Analysis of Alternatives (Ao. A) OSS Licensing Considerations OSS Benefits & Challenges OSS Training OSS IA Concerns OSS IP & Legal Concerns OSS Classification OSS Reuse OSS Elements of Success OSS SE Process Increasing NG Market Share The Complete OSS Storyboard 5 Topic of Primary Focus Topic of Secondary Focus De-Scoped Topic UNCLASSIFIED Logical Link

UNCLASSIFIED OSS Mission Statement The Department of Defense (Do. D) is advocating for the more frequent use of Open Source platforms and software. The use of Open Source allows for more capable and agile Do. D acquisition practices that reduce costs and improve schedule. Consequently, the procurement practices of the Do. D are evolving and requiring that the business capture strategy of the defense industry evolve as well. A number of companies have successfully integrated Open Source Solutions (OSS) on both classified and unclassified systems. The integration of OSS early in the systems development life cycle has proven to be critical to the success of these programs. OSS rapidly advanced the system’s capabilities, reduced development cost and improved schedule. The use of OSS has contributed to more profitable company programs, product lines and ventures. The OSS approach employs Systems Engineering principles to define a repeatable OSS process with proven elements of success. The OSS Process will reduce risks related to licensing, intellectual property and Information Assurance. A standardized industry-adopted OSS Process will better position companies for expansion into emerging markets built on the current and future needs of our customer. OSS Leading Paradigm Shift in the Defense Industry 6 UNCLASSIFIED

UNCLASSIFIED What is Open Source (OS)? There are many OS definitions… The one that matters is defined by the Do. D 7 UNCLASSIFIED Data Reference (1)

UNCLASSIFIED Google Android Case Study UNCLASSIFIED

UNCLASSIFIED The Rise and the Fall of Industry Titans Case Study: Google Android 2005 The Writings On The Wall 2011 Black & Blue Berry • Google acquires Android, Inc. • Black. Berry Market Share decline ~150% 2007 Nokia Controls the Market • Android 200% Growth • Android 47% Global Market Share • Symbian 64% Global Market Share • Apple i. OS Unveiled 2012 It’s New “Market” 2008 Android As-We Know It • • 2013 Too Little Too Late Google Android Unveiled 2009 The Apple Revolution • i. OS 200% Growth • Android 4% Global Market Share Android 600% Growth • Android 23% Global Market Share • Symbian converts to Open Source • Nokia drops Symbian • Android 65% Global Market Share • Market Annual Sales ~One Billion Units 2014 The King Arrives 2010 Google “Game Changer” • Android 59% Market Share • Registered Android devices top 1. 3 B globally • Microsoft rumored Open Source migration Landscape of $250 Billion Industry Shifted Dramatically in 7 Years 9 UNCLASSIFIED

UNCLASSIFIED The Rise of Android’s Global Market Share Case Study: Google Android’s Market Share grew by +1600% in 5 years 10 UNCLASSIFIED Data Reference (2 -23)

UNCLASSIFIED The Rise of Android’s Global Sales Volume Case Study: Google Android Global Smartphone Industry approaches a record setting Annual Sales Volume of 1 -Billion Units sold in 2013 11 UNCLASSIFIED Data Reference (2 -23)

UNCLASSIFIED OSS IA & Licensing Considerations UNCLASSIFIED

UNCLASSIFIED OSS Misconceptions & Misinterpretations Do. D reserves the right, appointed by Congress, to Veto any “Free-World Export” license 13 UNCLASSIFIED Data Reference (1)(27)

UNCLASSIFIED OSS IA & Licensing Considerations The Do. D Guidance clears the path for the broad government use of OSS 14 UNCLASSIFIED Data Reference (1)

UNCLASSIFIED Common Open Source License Types • OSS does NOT mean the software must be available to the public, a common misconception • Rather, if the open source software is delivered to a party, then that party must receive ALL source code used to build that software, if requested • Various licenses dictate how licensing terms are applied to the Open Source Software: Name GPL (General Purpose License) LGPL (Lesser GPL) BSD (Berkley Software Dist. ) “Freeness” Use GPL None BSD Modify Other GPL Very common, but using GPL OSS means your app is GPL, and must be FREE. LGPL Software that mods LGPL OSS must be FREE but can charge $ if uses it. BSD Maintains ©, 3 flavors, no FREE requirement MIT, Boost, Apache are similar CDDL Incompatible with GPL, allows better separation btwn. proprietary and open source. CDDL (Common Develop. & Distribution License) CDDL 15 UNCLASSIFIED

UNCLASSIFIED ES Tools for Managing OSS & Company IP Forge. mil LGPL 3 Open. Office GPL 3 Automate Security Tool Suite • External OSS Input Software Scans code for IP and vulnerabilities Tool findings Linux • Identifies and flags known OSS and proprietary code Android • Lists associated copyrights and licenses OSS User Source Forge Output Software • To protect IP, ES provides tool to entire sector q Reuse Library (RL) is a repository for storing vetted company developed code. • Responsible for adhering to licenses/agreements Tool Findings q Tools allows OSS user to scan their developed code for propriety and risks. • Reusable software w/ vetted OSS • License agreement requests q RL uses Tool to vet submissions. q RL submitters will be asked to provide confirmation of agreements to found licenses. Reuse Library • • • q Tools helps OSS users be aware of and comply with associated agreements. • Company Software • License agreements Company repository of reusable software Company IP MUST be protected License / Copyright agreements MUST be complied with Obligations / Agreements of Users MUST be noted Will restrict access to code that does not meet requirements Established OSS knowledge repositories exist and are currently available 16 UNCLASSIFIED

UNCLASSIFIED OSS Benefits & Challenges UNCLASSIFIED

Emerging Defense Industry Priorities Potential OSS Benefits & Challenges Benefits Challenges Independence Source Delivery System Improvements Awareness & Compliance § Removes reliance on proprietary solutions § Avoids the necessity of sole-source vendor contracts § § Reliability, availability, & maintainability (RAM) Stability Flexibility Technology refresh rate Lowered Costs § § § Distinct marking of Company IP, 3 rd Party IP, and OSS § Awareness and compliance with licenses and agreements § Documentation of associated licenses and agreements OSS Interoperability Development Life cycle management Maintenance System refresh Time § Do. D requirements for source delivery § Do. D selection criteria favoring source delivery § Clear interpretation of source requirements § Obsolescence § Maintenance § Overall mission (roadmap needs to be clear) § Reduced time to market § Quick reaction time for new opportunities Security Concerns § Agreements for OSS usage (unclassified vs. classified programs) § Assessment of OSS author and interface risk Do. D Aware of Open Source Potential and Seeking to Capitalize on OSS 18 Mark pages according to the proprietary level of information as described in Company Procedure J 103 (or remove)

UNCLASSIFIED OSS Intellectual Property & Legal Concerns Do. D Guidance clarifies the meaning of existing laws, policies and regulations 19 UNCLASSIFIED Data Reference (1)

UNCLASSIFIED OSS SE Process UNCLASSIFIED

UNCLASSIFIED OSS Systems Engineering (SE) Process Input Stakeholders § Customer § End-User (UX) § Company Considerations § Needs § Objectives § Requirements § Interfaces § Constraints Proven OSS Elements § Design Solutions § Design Data § Requirements § Cost Data § Use Cases § Verification & Test Process Output OSS SE Process* *Enterprise Process Currently Undefined System Architecture § Design § Interfaces § Performance Data § Baseline Documentation § Specifications § Trade Studies § CONOPS Execution Inputs § Master Plan/Sch. § Life Cycle Cost § Support Data Standards/Specifications Technology Base OSS SE Process = (Repeatable Process + Measurable Results)Benefit 21 UNCLASSIFIED Data Reference (24)

UNCLASSIFIED OSS Process Considerations Assess OSS Options Determine OSS with Potential Use in Company Products Conduct Security Evaluation of OSS Conduct License Evaluation of OSS Add OSS to Repository & Company Usage Policies Conduct SE Process Inform User to Pull OSS from Repository Obtain User Agreement to Understanding of OSS Licensing Restrictions/Rules Determine OSS to be Implemented Front-Loading OSS in the Development Life Cycle reduces Cost/Schedule 22 UNCLASSIFIED

UNCLASSIFIED Increasing Market Share with OSS UNCLASSIFIED

UNCLASSIFIED What are the Do. D Interests? Strategic Investments Do. D Budget Priorities for Fiscal Year 2014 Cyber Security Space Airborne ISR C 3 Industrial Base Energy OSS Direct Implication for the RDT&E and Procurement totaling $166. 8 B 24 UNCLASSIFIED Data Reference (25)(26)

UNCLASSIFIED Targeted Market Strategy Increasing Market Share with OSS Targeted Market Strategy § Leverage OSS to increasing Company Market Share for Cross Sector C 4 ISR & Logistics Technologies XYZ Corporation Sectors Marine Systems Radio Systems Visual Systems IT Services Under Water Systems FM Systems Visual Solutions Logistics System Submarine Systems AM Systems EO Systems Logistics Services Ridge Systems Wi. Fi Systems IR Technologies Logistics Training Planning & Technology Radio Research SAR Systems OSS meets Do. D Visual & IT needs across XYZ Core Business Areas 25 UNCLASSIFIED Data Reference (28)

UNCLASSIFIED OSS Elements of Success Empirically Proven • Observed OSS Elements of Success – Frequent and Direct Communication with Customer – Resolve OSS Concern Early in the Development Life Cycle – Clearly determine the following considerations for each OSS Module • Licensing • Usage • OSS Product Implications, Restrictions and Distribution Rights – OSS Licensing/Distribution Documentation Requirements • Measured OSS Elements of Success – IRAD will determine measurable OSS Element of Success Communication is Key for the Successful Implementation of OSS 26 UNCLASSIFIED

UNCLASSIFIED IMS OSS Next Step • Secure funding necessary to develop OSS Process & Policies • Secure funding necessary to research viable Do. D market trends Funding is needed to further the development of the OSS Process 27 UNCLASSIFIED

UNCLASSIFIED References 1. 2. 3. 4. 5. 6. 7. 8. 9. 10. 11. 12. 13. 14. 15. 16. 17. 18. 19. 20. 21. 22. 23. 24. 25. 26. 27. 28. Do. D Chief Information Officer (CIO) Memorandum, “Clarifying Guidance Regarding Open Source Software (OSS), ” October 16, 2009, <http: //dodcio. defense. gov/Portals/0/Documents/FOSS/2009 OSS. pdf> Gartner, Inc. , "Gartner Smart Phone Marketshare 2013 Q 4". Retrieved 2014 -01 -13, <http: //www. gartner. com/newsroom/id/2665715> Gartner, Inc. , "Gartner Smart Phone Marketshare 2013 Q 3". Retrieved 2013 -11 -14, <http: //www. gartner. com/newsroom/id/2623415> Gartner, Inc. , "Gartner Smart Phone Marketshare 2013 Q 2". Retrieved 2013 -08 -14, <http: //www. gartner. com/newsroom/id/2573415> Gartner, Inc. , "Gartner Smart Phone Marketshare 2013 Q 1". Retrieved 2013 -05 -14, <http: //www. gartner. com/newsroom/id/2482816> Gartner, Inc. , "Gartner Smart Phone Marketshare 2012 Q 4". Retrieved 2013 -02 -13, <http: //www. gartner. com/newsroom/id/2335616> Gartner, Inc. , "Gartner Smart Phone Marketshare 2012 Q 3". Retrieved 2012 -11 -14, <http: //www. gartner. com/newsroom/id/2237315> Gartner, Inc. , "Gartner Smart Phone Marketshare 2012 Q 2". Retrieved 2012 -08 -14, <http: //www. gartner. com/newsroom/id/2120015> Gartner, Inc. , "Gartner Smart Phone Marketshare 2012 Q 1". Retrieved 2012 -05 -26, <http: //www. gartner. com/newsroom/id/2017015> Gartner, Inc. , "Gartner Smart Phone Marketshare 2011 Q 4". Retrieved 2012 -05 -26, <http: //www. gartner. com/newsroom/id/1924314> Gartner, Inc. , "Gartner Smart Phone Marketshare 2011 Q 2". Retrieved 2012 -05 -26, <http: //www. gartner. com/newsroom/id/1764714> Gartner, Inc. , "Gartner Smart Phone Marketshare 2011 Q 1". Retrieved 2012 -05 -26, <http: //www. gartner. com/newsroom/id/1689814> Gartner, Inc. , "Gartner Smart Phone Marketshare 2010 Q 4". Retrieved 2012 -05 -26, <http: //www. gartner. com/newsroom/id/1543014> Gartner, Inc. , "Gartner Smart Phone Marketshare 2010 Q 3". Retrieved 2012 -05 -26, <http: //www. gartner. com/newsroom/id/1466313> Gartner, Inc. , "Gartner Smart Phone Marketshare 2010 Q 2". Retrieved 2012 -05 -26, <http: //www. gartner. com/newsroom/id/1421013> Gartner, Inc. , "Gartner Smart Phone Marketshare 2010 Q 1". Retrieved 2012 -05 -26, <http: //www. gartner. com/newsroom/id/1372013> International Data Corporation, " "Android and i. OS Continue to Dominate the Worldwide Smartphone Market with Android Shipments Just Shy of 800 Million in 2013". Retrieved 2014 -01 -13, < http: //www. idc. com/getdoc. jsp? container. Id=pr. US 24676414>. Kantar World Panel, "Kantar Worldpanel Com. Tech’s Smartphone OS market share data Q 4 2013". Retrieved 2014 -01 -27 Kantar World Panel, "Kantar Worldpanel Com. Tech’s Smartphone OS market share data Q 3 2013". Retrieved 2013 -11 -17 Kantar World Panel, "Kantar Worldpanel Com. Tech’s Smartphone OS market share data Q 2 2013". Retrieved 2013 -11 -17 Kantar World Panel, "Kantar Worldpanel Com. Tech’s Smartphone OS market share data Q 1 2013". Retrieved 2013 -11 -17 Kantar World Panel, "Kantar Worldpanel Com. Tech’s Smartphone OS market share data Q 4 2012". Retrieved 2013 -11 -17 Kantar World Panel, "Kantar Worldpanel Com. Tech’s Smartphone OS market share data Q 3 2012". Retrieved 2013 -11 -17 Northrop Grumman Corporation, “General Description and Systems Engineering (SE) Process Flow Diagram”. Retrieved 2014 -02 -17, <http: //wiki. northgrum. com/wiki/Mission_systems_engineering> Do. D, “SUMMARY OF THE DOD FISCAL YEAR 2014 BUDGET PROPOSAL”. Retrieved 2014 -03 -16 <www. defense. gov/news/2014 budget. pdf Do. D, “DEFENSE BUDGET PRIORITIES AND CHOICES FISCAL YEAR 2014”. Retrieved 2014 -03 -16 <www. defense. gov/. . . /Defense. Budget. Priorities. Choices. Fiscal. Year 2014. pdf> Do. D, “THE DEPARTMENT OF DEFENSE'S ROLE IN FREE-WORLD EXPORT LICENSING UNDER THE EXPORT ADMINISTRATION ACT”. Retrieved 2014 -03 -17 <scholarship. law. duke. edu/cgi/viewcontent. cgi? article=3048&context=dlj Northrop Grumman Corporation, “U. S. Securities & Exchange Commission (SEC) Form 10 -K”, Retrieved 2014 -03 -16 < http: //investor. northropgrumman. com/Mobile. view? c=112386&d=0&v=0> 28 UNCLASSIFIED

UNCLASSIFIED Q & A Session UNCLASSIFIED

UNCLASSIFIED

UNCLASSIFIED Backup UNCLASSIFIED

UNCLASSIFIED Open Source License Types • Apache License 2. 0 – • BSD 3 -Clause "New" or "Revised" license – • The GNU General Public Licence (GPL) is probably one of the most commonly used licenses for open-source projects. The GPL grants and guarantees a wide range of rights to developers who work on open-source projects. Basically, it allows users to legally copy, distribute and modify software. GNU Library or "Lesser" General Public License (LGPL) – • BSD licenses represent a family of permissive free software licenses that have fewer restrictions on distribution compared to other free software licenses such as the GNU General Public License. Among different versions of the license two versons are particularly important: the New BSD License/Modified BSD License, and the Simplified BSD License/Free. BSD License. Both have been verified as GPL-compatible free software licenses, and have been accepted as open source licenses by the Open Source Initiative. GNU General Public License (GPL) – • The New BSD License (“ 3 -clause license”) allows unlimited redistribution for any purpose as long as its copyright notices and the license’s disclaimers of warranty are maintained. The license also contains a clause restricting use of the names of contributors for endorsement of a derived work without specific permission. The primary difference between the New BSD License and the Simplified BSD license is that the latter omits the non-endorsement clause. BSD 2 -Clause "Simplified" or "Free. BSD" license – • The Apache License, Version 2. 0, grants a number of rights to users. These rights can be applied to both copyrights and patents. Because some licenses can be applied only to copyrights and not patents, this flexibility would be an obvious factor in a patent developer’s choice of license (read this article on How Stuff Works for an explanation of the difference). You should be aware of another GNU license: the Lesser General Public Licence (LGPL). It grants fewer rights to a work than the standard GPL. Generally, the LGPL is appropriate for libraries that want to allow linking from non-GPL and non-open-source software. Because the GPL requires that other software with parts of licensed code to also be licensed under the GPL, developers cannot use GPL-licensed code for paid and proprietary software. The LGPL negates this by not requiring other projects with parts of the code to be similarly licensed. MIT license – The MIT License is the shortest and probably broadest of all the popular open-source licenses. Its terms are very loose and more permissive than most other licenses. • Mozilla Public License 2. 0 • Common Development and Distribution License • Eclipse Public License 32 UNCLASSIFIED