The contribution Boris Auché has made to Bull’s Open Source Solutions Group includes developing the Open Source family of services, supporting its deployment overseas, and handling promotion and various upstream consulting projects for individual customers. Boris draws on the resources of Bull's services business in France and its middleware center of expertise, working closely with its Open Source partners. Since 2004, Boris has been an ObjectWeb executive committee member, representing Bull within the ASS2L (French Association of Open Source Software Services Companies) and is responsible for the Open Source section of standarmedia.com, a website operated by AFNOR (the French Standardization Association). More recently, he was the architect of the Bull–JBoss agreement.
Today we are seeing a significant increase in the use of Open Source by businesses. What are the different kinds of strategies being adopted by IT Directors with regard to Open Source?
Before we look at the strategies and tactics, it is vital to remind ourselves of the three fundamental requirements for an IT Director: risk management, cost control and governance. Open Source software offers some aspects of the answer to each of these areas. Open Source applications are gaining ground within businesses and the public sector because the urgency of the need is so precisely matched by the relevance of the response.
Risk management: a key role for service providers
When it comes to risk, the prime concerns of the IT Director are support and continuity. That’s still an area where Open Source meets some skepticism. Therefore, the increasingly important role of specialist service providers, whether they are software publishers, distributors, Open Source services companies… or systems integrators like Bull, who have the advantage of offering a global service. It is also one reason why ‘Open Source Maturity Models’ such as OpenBBR, QSOS, OSMM and others are becoming increasingly prevalent. Their aim is to help businesses evaluate each Open Source component they plan to adopt, and to assess how well it is likely to integrate within their information system. These models provide an interesting indicator, but not a definitive one. Indeed, they are based on a scoring system that is weighted in a standard way on diverse criteria. But we should not forget that the real importance of each criterion can vary considerably from one company to another and from one sector to another.
Let’s take licensing as an example. A government ministry will doubtless be very keen on a viral license, like GPL. This is a guarantee that any modification will benefit the whole community and that the standard will be preserved: and, as a result, interoperability will be maintained. A private company, on the other hand, might seek to keep any modifications it applies to itself, so as to keep a competitive advantage. This type of company would therefore be more favorable to issuing LGPL type licenses.
Pre-defined maturity models are not good at making this type of distinction. They are therefore interesting, but they need to be viewed with objectivity, and evaluated in the individual context of the organization concerned. For the IT Director, therefore, the essential criterion to take into account remains above all the availability of reliable service providers.
Cost control: advantage to Open Source software
When it comes to cost control IT Directors and CIOs are not just interested in the initial purchase price. They will be looking at implementation and acceptance costs, and then the regular costs of updating the system.
Here, Open Source can bring significant advantages. The main expense is the cost of support, which can account for 30-35% of the cost of supporting a proprietary application with comparable functionalities. Any specific adaptations can be applied internally, without any external costs, because the company has access to the code.
Finally, while a software publisher will tend to release version updates regularly, in order to sell extensions and new functionalities, the enterprise itself has a lot more freedom to ignore these kinds of developments. The development cost is better controlled. It is important to grasp that – over and above the potential savings to be made – Open Source enables an IT Director to control and channel costs, at their own pace, and at their own chosen level.
Governance: from tactical to strategic use
Lastly, when it comes to governance, the enterprise often seeks to benefit from a maximum amount of freedom and sovereignty, and wants to remain in an industry standard environment. Open Source has a trump card to play in this domain, and its use often goes hand in hand with new approaches to software and application governance, which are moving from an approach equating to ‘I buy an off-the-shelf application or I develop one myself in its entirety’ to ‘I assemble my application using components – published standards, or Open Source software – that I will go and look for on the open market’. This practice is at the heart of the Open Source model.
The multitude of Open Source components, and now solutions, available from the various communities (more than 100,000 Open Source applications are listed in SourceForge) is therefore encouraging developers, integrators and IT Directors to avoid re-inventing the wheel and instead to go out and look for the maximum number of components available, and then devote their efforts to adding value: assembling and adapting the applications they have chosen to the specific business context of the organization in question.
Integration is possible because Open Source components are drivers for standards. Their key differentiator is not their incompatibility, but much more so the quality of development, the innovation that they bring, and their capacity to be interoperable: team working in effect.
Two major approaches: ‘cherry picking’ and ‘strategic sourcing’
Open Source therefore brings undeniable advantages to the enterprise. Since it is still a relatively new domain, we can today distinguish between two major types of approach as regards implementation: tactical utilization (or ‘cherry picking’), and strategic use (or ‘strategic sourcing’) within the organization’s standard technical platform.
In real terms, what characterizes these two approaches?
They are quite different: for historic reasons, ‘cherry picking’ is still the most common approach. But we are seeing a growing trend towards ‘strategic sourcing’
‘Cherry picking’: tactical use of Open Source
‘Cherry picking’ is clearly an opportunistic strategy, often used at departmental or business unit level. What’s more, it’s often through cherry picking that Open Source software is first introduced into the company. For a variety of reasons, a developer or an IT manager adopts Open Source components on a case-by-case basis: perhaps to build a new application; or maybe to reduce the operating cost of an existing solution (for example, using an Apache http server, replacing a proprietary application server with an Open Source J2EE server, or a proprietary database with an Open Source one). Today, this kind of use for Open Source software is growing, particularly in areas such as network security, applications servers, databases, etc, but also messaging systems, portals and content management, ESBs, etc.
This kind of opportunistic strategy has its advantages. But it also has its limitations: in particular, how well can it be integrated into the technical platform and the architecture chosen by the organization. Because although adding diverse Open Source components offers certain advantages as regards flexibility, the limitation is in the number of heterogeneous pieces of the ‘puzzle’ that can possibly be held together subsequently. The more of these components there are, the more complex the whole is to manage and maintain! And hence the interest in choosing Open Source components that respect standards, even integrated within ‘suites’. And hence also, the interest of the second strategy: ‘strategic sourcing’.
‘Strategic sourcing’: making Open Source a key component of the standardized technical platform
This second, more advanced, strategy is being adopted by IT Directors who embrace the Open Source phenomenon and integrate its use fully within the company’s technical platform.
This global strategy often has two origins.
It can result from a desire to professionalize and automate the organization’s approach, faced with a proliferation of components used tactically. Once Open Source applications have been widely used, in a rather anarchic kind of way (and notably to save costs), management gets hold of the idea and decides to rationalize and industrialize its use throughout the company, and as a result, moving from cost control as the main driver to risk management and governance. This is one reason why the subject is now on the agendas of the highest echelons of IS management. They then incorporate Open Source into their strategic vision, demanding that their system architects include Open Source components within the global architecture design, and incorporate a number of avenues for the deployment of Open Source applications in relevant segments of the architecture design. This is typical of the ‘bottom-up’ approach.
Conversely, it could stem from a ‘top-down’ initiative, following a managerial policy that usually includes the following strategic considerations:
Economic: Open Source is a means of reducing costs and so gaining competitive advantage vis-à-vis competitors. The very high levels of Open Source used in appliances (such as the ‘boxes’ used by telecoms operators) is a good example of this.
Strategic: As far as the user is concerned, Open Source enables complete independence from providers, prevents monopolies and so raises the level of strategic freedom. A good example is the current development of several research projects for using Linux in portable telephones, precisely for these reasons of independence.
Industrial: Open Source enables standards to be imposed, facilitates collaborative innovation, and can therefore overcome obstacles to entering new markets.
Political. The fact that many governments have chosen to promote Open Source applications as a means of bolstering their strategic independence, and at the same time supporting the development of their local IT industries, is a good example of this.
In both cases, the result is the same: Open Source is taken on board as part of company strategy in an orchestrated, planned and industrialized way.
This approach is currently gaining a lot of ground: all the more so because the trend is towards centralization of enterprise governance. While models for conglomerate types of governance (groups of entities each retaining their independence and individual processes, and required only to present an end result) have been in fashion for a long time, more centralized models for governance that unify and centralize processes, information systems, purchasing, etc, are now coming back into fashion.
The development of Open Source in the enterprise should increasingly follow this process of rationalization. We are currently seeing this to a significant extent in the telecoms and banking sectors, where the use of Open Source software is quite advanced, as industry analysts Forrester noted in a recent survey (11 September 2006).
In addition, the public sector is making great leaps forward in this direction. In two or three years’ time the movement is likely to become widespread in more than 50% of major organizations.
This has consequences, however, in terms of structure. We will be seeing Open Source centers of expertise appear more and more within IT directorates, taking responsibility for business intelligence, inventory and monitoring of ‘libraries’ of Open Source components that they have evaluated and selected. This kind of function can be carried out by an in-house team, or delegated to expert service providers, such as Bull.
Strategy, control, management, library… this is a world away from the ‘libertarian’ image Open Source still inspires in some minds?
We need to be clear about this: today the world of Open Source software is above all a world of professionals! While the first user communities like GNU were essentially groups of like-minded and dedicated individuals (IT experts notwithstanding) we quickly saw much more structured communities arriving like Apache, then constituted around specific businesses (JBoss, MySQL, …) or communities of organizations (Eclipse, ObjectWeb, OSDL, etc.). Today, it is estimated that 80% of contributors to Open Source are salaried staff, and paid, therefore, to contribute! We are even starting to see Open Source ‘Masters’ qualifications being offered, like the ones recently inaugurated at the universities of Caen, Lille and EISTI, which I have contributed to setting up.
This demonstrates that the Open Source phenomenon is totally circumventing the only ‘ethical’ problems or the free delivery of the software which motivated the pioneering developers. If organizations are contributing in this area, it is because it is in their interests to do so in business terms. Sharing R&D effort of course enables huge economies of scale. But as we have seen, strategic and industrial factors also play a key role.
Without wishing to embark on a political discussion, Open Source is a terrific driver for standardization and ’commoditization’ of infrastructures that benefit everyone. It is, in addition, a formidable factor for group dynamics. For example, take ObjectWeb. In 2002, the consortium was founded by three major players: Bull, INRIA and France Telecom. Today, it brings together more than 4,000 developers, 70 businesses and organizations, more than 100 projects, and the consortium has a presence on every continent! It has succeeded in firing a collective momentum that would probably not have been possible for any of the three co-founders to create alone, whatever their talents. And it is also part of a much wider social movement. Today, it’s clear from Web 2.0 success stories like MySpace and YouTube that users no longer want to be mere spectators, they want to be able to contribute, get involved... And this is itself a significant driver.
With 100 times fewer employees than the CNN, but 200 million ‘readers/editors’, in the space of three years MySpace has become the sixth most visited Web site on the planet! Basically, the idea of Open Source is to apply this collective intelligence dynamic to the world of professional technology. Just as they are beginning to see the formidable ‘business’ potential of ‘Web 2.0’, businesses today are also starting to realize the wealth of opportunities that Open Source – effectively ‘Software 2.0’ – offers. This in turn fuels the necessity for strategic thinking, which will increasingly become essential for the majority of IT departments.
To sum up, a final word on the recent Bull/JBoss agreement?
With the JBoss agreement, Bull is quite simply adding new expertise to its Open Energy portfolio of solutions and services, which already includes the ObjectWeb range. Under the terms of its agreement with JBoss, Bull pledges to make its contribution to the JBoss software, to integrate it on a global scale, and to offer it within all its platforms and to sell support for the entire JBoss component range.
Bull’s commitment to develop JOnAS in the framework of the ObjectWeb consortium, and in particular new versions of it, remains total. We have a duty to our customers to deliver technological excellence, and we are committed to supplying them with the means to avoid 'vendor lock-in' and monopoly.
François Exertier, a member of Bull’s R&D team, is, and remains, the manager of the JOnAS project within the community, and his team is dedicated to its development. They are already preparing version 5, due for release in the first half of 2007. Numerous innovations are to come, notably in the domain of clustered and highly available solutions. Finally, the noteworthy arrival of new Chinese (through co-operation between ObjectWeb and OrientWare) and Brazilian contributors is a great support to Bull and its commitments, and demonstrates the attractiveness of JOnAS.
Through this agreement Bull is in effect reinforcing ObjectWeb, a community it founded, by contributing to the strengthening of its links with Red Hat; the technical director for Red Hat being Paul Cormier, also a member of the governing council. In the framework of the agreement signed with Bull, Red Hat will strengthen its commitment to ObjectWeb and its future development, code named ‘ObjectWeb v2’.
Bull is still a driver of ObjectWeb development. This partnership does not constitute a change in strategy as regards contribution to projects such as JOnAS. As ‘Architect of an Open World’, Bull intends to contribute simultaneously to different communities including ObjectWeb, JBoss, Apache, Eclipse and others, and in this way to facilitate the cross-fertilization of Open Source initiatives. Cross-fertilizing and interoperability agreements with JBoss will enable us to strengthen and extend the JOnAS ecosystem. Today, four principal Open Source application servers co-exist on the market: JBoss Application Server, JOnAS (ObjectWeb), Geronimo (Apache) and GlassFish (Sun). An open world always needs to have alternatives, to stimulate innovation and to avoid monopolies.
Our desire is to be able to offer our customers the richest possible range of services and expertise. With this in mind, our involvement in the JBoss community is an enriching element. Our participation will be gradual, and we will make sure it is beneficial to our customers, for ObjectWeb, for JBoss and for Bull.