CBR asks Adam Jollans, the firm’s director for Linux and open source strategy, for his views on several topics including security, and where IBM is heading with open source in 2015.
CBR: Why are emerging workload requirements – cloud, big data – suited to open source development culture?
Many of the new cloud, analytics, mobile and social (CAMS) workloads are being implemented on top of open source software. There appear to be three main reasons for this:
1) Open source communities are now hubs of innovation, where the cool kids hang out. This is fuelled by the collaborative nature of open source, enabling faster development iterations and the ability to ‘stand on the shoulders of giants’ when developing software. So as new workloads emerge, the technologies to support them are prototyped first on open source platforms.
2) Open source removes the barriers to entry for new start-ups and individual programmers. The software is easy to get hold of, and open source versions are available to download and test for free.
3) Born-on-the-web companies are built using open source software, for the reasons above, and the open source approach then becomes embedded in their culture. This then feeds back into the first reason, encouraging more innovation for the next wave of new workloads, and creating a virtuous circle of open source development.
CBR: Given the furore over Heartbleed, how will IBM address security concerns about open source?
Recent security concerns such as Heartbleed and ShellShock aren’t about open source per se; rather, they are concerns about largely forgotten or under-resourced open source projects that are fundamental to the internet and other key components of enterprise IT.
To address these concerns, IBM and other key vendors have established the multi-million dollar Core Infrastructure Initiative (CII), hosted by the Linux Foundation. This aims to support and fund key open source elements of the global information infrastructure, such as OpenSSL, Network Time Protocol and OpenSSH. A key part of the CII’s work is to identify all the key open source projects the Internet depends on to ensure they all have the resources they need to be secure.
Other, properly resourced open source projects are already regarded as highly secure; for example, Security Enhanced Linux (SELinux) providing mandatory access control (MAC) in the Linux kernel, and the EAL4+ security certifications obtained by Linux distributions such as Red Hat Enterprise Linux and SUSE Linux Enterprise Server.
The topics of open source security and how the CII is addressing the concerns were discussed in depth by Jim Zemlin, executive director of the Linux Foundation, during his keynote at the recent Linux Collaboration Summit.
CBR: Analytics distributions – will there be winners and losers, and which will emerge from the pack?
With every new technology there are always winners and losers, and big data is no exception. Big data is characterised by volume, variety and velocity, and different technologies cater for data-at-rest and data-in-motion. Apache Hadoop is a very popular open source platform framework for big data, and like Linux is packaged into ‘distributions’, which are available from a wide variety of vendors.
It’s too early to say who the winners and losers will be in the big data space – analysts such as Gartner are currently attempting to predict the leaders and cool vendors. Recently, a number of big data vendors came together to form the Open Data Platform initiative to drive collaboration, innovation and standardisation across big data technologies such as Hadoop.
Big data continues to expand dramatically as more and more information is being generated by mobile devices, social media and the Internet of Things, and new frontiers such as cognitive computing are now being explored
CBR: Can open source hardware ever be monetised as effectively as closed source hardware?
Open hardware covers a spectrum, from open systems, to open firmware, to open processors. The original IBM PC introduced an open systems design into the microcomputer market, and this was one of the reasons for its runaway commercial success in the 1980s. By opening up the design, IBM made it easy for third parties to develop add-ons and ISVs [independent software vendor] to develop applications that then built the ecosystem.
This ecosystem, of course, then developed into the x86 industry of today, where some elements are open and other elements (such as processor design) are closed.
Some elements of hardware development are very costly – for example, processor design – and so sharing of development costs through collaboration can potentially reduce the outlay per vendor and so increase the opportunities for both monetisation and competition
Recently, the OpenPOWER Foundation has introduced a open collaboration around IBM’s Power8 processor and architecture, in the areas of microprocessor design, sharing of technologies, and firmware and software.
Pure open source hardware is, however, still uncommon, with the Open Compute Project founded by Facebook being perhaps the best-known example.
The answer in the short term is probably, therefore, that hardware with key open elements offers the best opportunities for monetisation — somewhere in the middle between the two extremes of open source hardware and closed source hardware.