Open Source Programs Become More Critical to Engineering Over Time
The Linux Foundation sponsored this post.
A consensus has emerged among the first and second generations of open source program offices (OSPOs) that they have a positive impact on development practices, support innovation, and are critical to the success of engineering and product teams. This conclusion is based on our third annual “Open Source Programs in the Enterprise Survey”, which was done in partnership with The Linux Foundation’s TODO Group. The study had over 1,000 participants, but these findings are based on detailed information from 325 people working at an organization with an open source program or initiative.
The top benefits ascribed to OSPOs are:
- increased innovation
- open source awareness
- participation in external projects, and
- better license compliance.
Examined at a higher level, 80% of respondents in this subset say their OSPO has a positive impact on company development practices. One respondent noted having a “Central office to answer questions related to open source increases developer productivity.” Most respondents believe the programs help their engineering or product teams, with 56% saying the OSPO is very or extremely business-critical to the success of these teams.
Compared to previous years, there was a slight decline in respondents valuing the impact on product and engineering teams, so we investigated why this happened. It turns out that older programs are more valuable than younger ones, indicating they have had success integrating into company processes.
When the study started in 2018, 36% of OSPOs surveyed were no more than 2 years old, while 19% were over 10 years old. Two years later, 22% are in the younger group and 25% are long-term veterans. While 43% of the young organizations say the OSPOs are business-critical to engineering teams, that jumps to 77% among the oldest programs. Furthermore, the older the OSPO, the more likely community influence and security are recognized as benefits. Regarding security, one respondent told us, “OSPO defines the policy of import loss, making it much easier to fix CVE bugs for OSS usage.”
No matter how old they are, innovation and open source evangelism emanate from OSPOs. We expect that more mundane benefits like better license compliance and security will be more prominent as recently created initiatives mature.
OSPOs come in many shapes and sizes. Slightly more than half of these efforts are formally structured with dedicated person-hours, reporting structure and/or job titles. OSPOs are located in software engineering and development departments 35% of the time, with the office of the CTO (20%) and IT (16%) also hosting initiatives. Although these characteristics usually didn’t impact the success of the programs, there were some notable differences:
- Lower support costs is a top benefit of 55% of OSPOs located in IT as compared to 32% for the average respondent.
- OSPOs located in the Office of the CTO are focused more on influencing open source communities. Notably, increased participation in external projects is a top benefit for 59% of these OSPOs, which drops to 44% for the average respondent.
- Respondents with formal OSPOs were significantly more likely to cite license compliance as a top benefit (50% vs 41% on average) and less likely to cite better security testing and vulnerability management (25% vs 31% on average).
The full dataset on which this analysis is based on can be found here.
VMware is a sponsor of The New Stack and co-sponsored this research.
Feature image via Pixabay.