David Mihelcic, the chief technology officer for the Defense Information Systems Agency (DISA), says Defense Department officials have launched a new website where developers can work on open-source software projects specifically for the DoD. Red Hat, a Linux developer, stepped forward to assist with an initial open-source application.
Mihelcic said that the new site, Forge.mil, is based on the public site SourceForge.net ,which hosts thousands of open-source projects. "Forge.mil is really SourceForge.net upgraded to meet DOD security requirements," Mihelcic said.
DISA is a Department of Defense combat support agency and provides real-time information technology and communications support to the president, vice president, secretary of defense, the military services, and the combatant commands. From its Arlington, Virginia, headquarters and through worldwide field activities, DISA offers IT services, capabilities and acquisition expertise so the US military can accomplish its missions.
Mihelcic said that initially Forge.mil will host three open-source projects. He explained that one project, named DoD Bastille, was started by a DISA intern. DoD Bastille is based on publicly available software that automates the configuration of servers. It was developed when an intern had to configure 50 Linux machines in a lab. Mihelcic said that he looked at Bastille and saw it couldn’t do all the things he needed, so he started an open-source project. He said that the DISA got folks like Red Hat to assist.
One of the major problems any DoD software application developer encounters is making sure they follow DoD security regulations. According to Sherryl Dorch, marketing vice president of Trusted Computer Solutions (TCS), nearly all operating systems require the addition of lengthy manual scripts to be security-compliant. TCS used its background in cross-domain security to help IT managers solve this problem.
Cross-domain security systems enable users to access networks with different clearance requirements from a single computer. TSC developed Security Blanket 1.2 which the company said is the first automated security risk assessment tool for locating and identifying all potential loopholes in a Linux operating system.
Another project on Forge.mil is designed to manage request-for-proposals development. The third project automates the secure configuration of Solaris systems. Mihelcic said that DISA hopes to have 20 projects on Forge.mil in the next six months.
"The open-source development model works for everybody," Mihelcic said. Another person who is knowledgeable about establishing an open source strategy for the federal government is Sue C Payton, assistant secretary of the air force for acquisition. She participated in authoring the DoD's Open Technology Development roadmap when she was a deputy undersecretary of defense in 2006.
Forge.mil is a major shift in focus for the DoD. The website is another step in president Obama’s commitment to lower the cost of software acquisition for the federal government. X