FOSE 2008 is over, and we’re all back home. Here are my observations from the final day of FOSE 2008:

• It would have been nice to have our people attending more sessions. Arin Sime got to attend a couple of sessions, and Eric Pugh saw the opening keynote speech, but it would have been nice to attend more sessions to get the government point of view of information technology.
• The attendees have a general distrust of custom solutions. It’s not a wonder. They probably suffer from vendor lock, unresponsive clients, and have generally been burned by bad process.
• There are pockets of Agile development, but not many. This probably leads to the problem cited above, but it also reflects a greater problem…
• Contracting officers don’t know how to price Agile development. The most common pricing scheme for development projects is fixed price. Agile can only deliver a fixed price for labor. Maybe it will be easier under a blanket purchase agreement or with sprint-sized task orders.

It’s too early to say whether this was a worthwhile trade show for us. Each day, we definitely had conversations where people had specific problems that they were trying to solve which our team and process could help them solve. Whether or not we can get from problem identification and solution provider acknowledgment to actually providing the solution remains to be seen.

The people who came by our booth yesterday seemed to represent a slightly different mindset than what we saw in Day 1. I can still categorize the attendees:

• People on a mission: They know what they want, and they’re very specific about what they are looking for. Questions like “Can you do J2EE” and “Are you familiar with Drupal [Alfresco, Joomla, Expression Engine]?” were much more common in day 2 than they were in day 1.
• Browsers who either haven’t heard of open source or misunderstand its meaning: These are fine people to talk to, as there is an opportunity for us to tell them what it is and what it isn’t. Firstly, let me say that open source is not the answer to everything (saying something like that at OSCON would get me lynched. As an aside, I’d wager that the number of people who attend both FOSE and OSCON represents less than 1% of either conference’s attendee population. That number disappoints me greatly, as both populations need to learn about each other over the next few years if our government is to remain competitive without spending greater and greater amounts of a percentage of GDP.
• Schwag runners: The group of people almost sprinting through the exhibit hall sort of reminds me of the Filene’s basement sale. It reinforces why we don’t give out schwag. Perhaps the companies who give out schwag wind up having more conversations with people that they would not have otherwise had, but watching the surreptitious glances of candy grabbers hoping that nobody from the booth actually talks to them makes me think otherwise.

The one group of people whom I expected to see some of that I have yet to see is contracting officers. I know that many agencies are not meeting their set-aside goals, so I would have expected the KOs to be swarming the small business pavilion to find the vendors who can help them meet their goals. We have seen a few primes come by and talk to us and when they discovered that we are a service-disabled veteran-owned small business (SDVOSB), then the timbre of the discussion changed (though we’d rather have people be interested in working with us because of the quality of work that we do) . Maybe, as someone put it, the KOs have been burned too badly by low quality set-aside qualifying firms who can’t actually do the job in the past that they are now looking at the major primes to serve as the vetting mechanism. It’s not a bad idea.

I’m also surprised that nobody is blogging about FOSE. The number of blog posts found on Technorati covering FOSE takes up less than a page. Comparatively, OSCON is usually a top (if not the number one) search term on Technorati during OSCON. There are about 45 news articles on Google covering FOSE, but I would still expect people to be writing (and blogging) more about this convention. It’s huge. There must be at least 4 times as many people here than at OSCON. At OSCON, crowds come in waves as people come out of sessions. At FOSE, there is a constant stream.

Still, being at FOSE is worth it, because it’s important that government users of software become more acquainted and comfortable with open source products and don’t have the not invented here (or by a small group of proprietary software providers) syndrome. There are pockets of users of open source products, and some who are interested in learning more, but the road ahead is a long one. We intend to be there; as citizens, we have a vested interest in how our taxpayer dollars are spent.

FOSE means:
“Free/Open Source Expo” - Scott McNealy, Chairman of Sun Microsystems
“Federal Open Source Expo” - Eric Pugh, Principal of OpenSource Connections

When the chairman of a company that spends $2 Billion dollars yearly on R&D makes more or less the same joke that you do, it makes you see the kernal of truth in that statement.

I attended Scott McNealy’s keynote on the first day of FOSE expecting something about cloud computing, or network security. Some sort of very “Federal IT” type of topic. Instead he spent an hour making the case for why the Federal Goverment needs to embrace Open Source Software. And he made that case by walking through a number of reasons:

No Barrier to Entry: Getting started with open source software doesn’t require an RFP process to be undertaken. You can just download the software, and he’d like you to download that stack that Sun has open sourced: OpenSolaris, Java, OpenOffice, MySQL etc. He made the case that with open source, you can prototype your application without spending capital up front on licenses before you know what you’ll need for a production system.

More Interoperablity: The Federal Government builds systems that last a VERY long time. So there are lots and lots of different vendors, different platforms, different interfaces.. Scott cracked the joke that “… you have two of everything, no, actually you have 200 of everything…” which means that most of the Federal IT budgets are spent on maintence and support of existing legacy systems that are old, inefficient, and cumbersome, and only a very small slice is spent on new systems. Open Source systems drive interoperablity because the source is available. Anyone can look at the interfaces of a system built using open source and figure out how to provide interoperatiblity. Interoperabilty means the cost of integrating legacy and new systems drops drastically.

Sharing: Sharing means more R&D per dollar. Sun is the 42 largest spender on R&D in the world. They spend over $2 billion dollars a year, but because they have open sourced most of their portfolio, they can leverage the efforts of others. For the $2 billion they spend they estimate they get over $5 billion a year in addtional value on their open source portfolio of software from around the world. Sharing begets sharing.

Communites drive adoption: By opensourcing the Sparc microchip as “OpenSparc, the Chinese technical universities have standarized on that platform as what their students will be learning on. Guess who is going to be advocating Sun’s Sparc chips when they graduate school? Guess where Sun will be finding innovative ideas for the Sparc chip design?

Safe, Secure: Open Source is more secure then closed source. Software gets hacked when it contains sccrets that people find. A big secret leads to a big security hole. Open Source, by it’s nature, doesn’t have secrets, therefore you can trust it to be secure. Open Source code is heavily vetted by peer communities.

And biggest of all: No Barrier to Exit. Scott spent the most time on this point, suggesting that the barrier to exit is the biggest cost to any IT system. He said there are three costs: A) the initial acquisition cost… B) the lifetime opperating cost. And both of those are typically addressed in an RFP issued by the Federal Government. But cost C), moving to a new system is never factored into an RFP. So once a vendor has sold the government a system, they keep the renewel cost “… just 5$ less then cost of moving to another system…”.

So there you have it, from the chairman of Sun why open source is the way forward for Federal IT projects, direct from FOSE: the Federal Open Source Expo!

We just completed Day 1 at FOSE. While I was not able to attend any of the presentations, I did walk around the exhibit floor and had a ton of conversations with attendees. Here are a few themes that I observed:

• There is still a lot of ignorance about open source. Despite the efforts of AFEI with conferences such as DoD Open, the message is not getting through at all. The comment I heard that most epitomized the ignorance was from a government contracting officer: “First it’s closed, then it’s open, then it’s closed again.”
• Not enough open source is SEM certified. The desire for DISA and other agencies responsible for SCIFs to want to know what’s going behind the cleared wall is understandable. However, open source products will have MORE auditability, not less. It seems like there are not enough advocates with enough experience in and understanding of open source products talking to information security officers about the benefits and overcoming objections. The other unfortunate side note is that it’s awfully hard to get SEM paperwork entered in as a bug into an open source project.
• The hardware vendor market has to be close to saturated. I was surprised at the preponderance of hardware vendors exhibiting at FOSE.
• The number of prepackaged software vendors is surprisingly high. Most software has a short shelf life at best. Why government purchasers are paying for long-term licenses and not insisting on code ownership is unknown to me. I think it relates back to the first point about the ignorance of open source in the government purchasing community. If it took a more open source friendly approach to procurement, I posit that costs would go down and quality would increase due to the benefits of meritocracy that the open source community experiences. It’s not a panacea, but it’s a right step.
• The number of companies at FOSE who do what we do is suprisingly low. Not everything that the government wants comes out of a box. I’m surprised that more companies aren’t there making the pitch that “when what you want software to do doesn’t come prepackaged, talk to us.” Software packages rarely do what you want straight out of the box.

Hopefully the talk that Scott McNealy from Sun gave this morning will resonate with program managers, procurement officers, and developers in the government. Eric Pugh will be blogging about that presentation shortly; the Sun CEO spoke about many of the topics we have been blogging about in recent months.