Securing Open Source Software at the Source
All individual endorsers participated in their personal capacity. This report was prepared independently from any political or governmental entity. While the report generally reflects the observations, insights and recommendations of the endorsers, it is not the case that every endorser will agree with everything expressed herein.
Like roads and bridges for the digital world, open source software (OSS) makes up much of our digital infrastructure and underlies many critical software systems, both public and private. Sometimes referred to as “free and open source software” (FOSS), OSS can be used, modified, and shared by the public according to its terms of distribution.(4)
OSS usage is widespread and especially common in the private sector due to the relative benefits of OSS compared to proprietary software, such as innovation and convenience. The OSS operating system Linux — which is available for anyone to use and contribute improvements — is utilized by nearly 40% of all web servers.(5)
The federal government has also been on the cutting edge of OSS technology. In fact, by 2003, OSS was so commonly used in the Department of Defense (DoD) that one study by MITRE — a nonprofit that manages federally funded research and development centers for several federal agencies — determined the software was “vital to DoD information security” for its reliability and quality.(6)
/cdn.vox-cdn.com/uploads/chorus_asset/file/24987916/Mark_Zuckerberg_Meta_AI_assistant.jpg)
