We are excited to participate in the Office of Management and Budget's (OMB) Open Source initiative described in OMB's M-16-21. Our Implementation Plan outlines our steps to comply with the OMB's Federal source code policy (the policy).
In order to meet the new requirements of the source code policy we have defined short and long-term objectives and tasks. In the short-term we will:
- Identify the impact of requirements from the policy on the systems development lifecycle;
- Identify key stakeholders;
- Create the SSA source code policy; and
- Create our process to inventory agency developed code.
The long-term objective is to publish, maintain, and enhance the Enterprise Code Inventory (ECI) as well as to make agency code available as Open Source Software (OSS).
As we continue to develop our implementation plan, milestones, and additional tasks will be added to meet the objectives, including the identification of quantifiable and meaningful metrics to monitor our success. We will develop checkpoints to capture and promote the open source initiative within the agency.
We will obtain sufficient rights to custom developed code to fulfill both the Government-wide reuse objectives and the open source release objectives outlined in this policy's pilot program. We will follow the Three-Step Software Solutions Analysis as per Office of Management and Budget's (OMB) Federal source code policy. We await OMB's input on contract language for securing the rights necessary to make custom-developed code releasable to the public as OSS and government-wide code reuse.
Building and Maintaining the Enterprise Code Inventory (ECI)
To build and maintain the Enterprise Code Inventory we will:
- Identify code asset metadata across the agency to add to the Enterprise Code Inventory (ECI);
- Collaborate with the agency's Application Portfolio Management (APM) team to identify, catalog, and tag code assets with relevant metadata as required by the policy;
- Integrate the policy requirements with agency's software development lifecycle methodologies;
- Establish a checkpoint during the planning and analysis phase to capture information necessary to update the ECI;
- Create milestones to ensure we gather the data needed to comply with the policy in a timely manner;
- Identify new, changed and retired, agency code assets in order to maintain the ECI; and
- Research ways to automate this process. Until that time, we will identify new, changed, and retired code through the agency's Change Management System reports.
Publishing and Sharing SSA Developed Code as Open Source and Federal Reuse
To facilitate the publishing and sharing of SSA developed code, we will assign responsibility to a newly formed staff, the Open Source Software (OSS) staff.
The OSS staff will:
- Define implementation guidance for selecting, reviewing, and auditing code assets before they can be released to the public or to other federal agencies as OSS and/or federal reuse software (FRS);
- Consult with management and senior executives to determine the extent that agency code assets can be shared with the public or other agencies due to the sensitive nature of our code assets;
- Collaborate with the agency's development community to establish best practice design patterns that are conducive to making code assets releasable as OSS or FRS;
- Act as a liaison to federal agencies requesting our FRS code assets; and
- Monitor to ensure we release at least 20 percent of our applicable new custom-developed code each year for the three years of the pilot program.
Open Source Agency Policy
Our agency policy in support of the OMB Federal source code policy has been finalized and available on the SSA digital strategy website at https://www.ssa.gov/digitalstrategy/Open Source Software Acquisition, Management, and Use Policy 2.0.pdf.