Measuring ROI of OSS Contributions & Similarities Between Open Standards & OSS

About

In this episode, we talk with Guy Martin, the Executive Director at OASIS. Guy is a globally recognized open source strategy expert.

Some of the topics that we discuss in this episode include:

– The evolution of community management. – Factors to consider when choosing which open source projects to use.

– Contributing to open source projects as an enterprise.

– What an Open Source Program Office is and why they’re so important to enterprise.

– How open source and open standards are two sides of the same coin.

Transcript

hi everybody i’m henry badri and welcome to our third episode of open source for
business brought to you by open teams the open source services marketplace where users
of open source software can find vet and contract with service providers
in this episode we talk with guy martin a globally recognized open source strategy expert
some of the topics which we’ll discuss in this episode include the evolution of community management
factors to consider when choosing which open source projects your company should use what is
an open source program office and why are they so important to enterprises and last but not least how are open
standards and open source two sides of the same coin so you ready let’s dive right in
[Applause] hi i’m eunice kenju and i’m the vp of partners at open teams
henry and i are very excited to welcome our guests for this episode guy mike martin the executive director
at oasis ost is a global nonprofit consortium
that works on the development convergence and adoption of open standards for
security internet of things energy and many other areas
guy is very well known in the open source community and space and he spent a lot of time actually
building at a strategic open source consulting office offerings at red hat i also contributed to launching
an open source group at samsung and he recently left autodesk where he was directing their open source strategy
efforts guy is active on social media and can be found on linkedin and twitter at guy ma and i’d also recommend
checking out some of the great work very very impressive work that oasis has been doing to help the fight against covert 19 so
you can check that collection of work out at oasis.open.org
covid now that the introductions are out of the way uh let’s dive right in guy thank you very much for joining us
today well thank you henry eunice i’m really really excited to be here and uh great to talk about all the the work that
oasis is doing and and how we’re dealing with open source and standards fantastic well you’ve published a lot of
articles and that’s what i found when i was doing my research and your name has popped up quite a bit uh in the last few months that i’ve been
working at open teams are you giving presentations around the world and you’re definitely a thought leader
in the open source space i think you’ve been involved for around or close to 15 years which is incredible
but when talking with you before this podcast you mentioned that you actually fell
into this career by accident so on that note i’d actually like you to ask i’ll ask you to sort of take us back
to where you started and give us an idea of actually how you got here today sure yeah i i basically started as an
engineer um still consider myself an engineer now i now i don’t write code for living i write code to annoy the
housemates with when the iot stuff doesn’t work but um so i’m still an engineer and i got a computer science degree and i really
started out writing software for a variety of things everything from embedded to um to enterprise java beans uh
and and kind of everything in between and what i realized sort of early on in my career was that i was an
adequate engineer right i was i was a reasonably good engineer but i was never going to be the world’s next great engineer which was
kind of the passion that i had when i got into computer science but what was interesting is that i could
actually talk and communicate with non-technical audiences and explain to them what was going on in technology
and so i ended up being the person who got assigned from the engineering team to work with quality assurance or
customers and for by the first half of my career i think i kind of fought that um i kind of was like well no i’m i’m
still an engineer and i don’t want to do this community management or these other things and about halfway through my career kind of
the light bulb clicked on and i said wait a minute i actually am more of a community manager business strategist person with
a technology background and once that switch went on it just made life a whole lot easier in reality because it opened up
opportunities for me to to work in open source consulting to work in community management and
to work in leadership which is what i’m doing today fantastic and so i know that the community management and what did it
look like back then is the same does it was the exact same as it looked like today well i think we didn’t really call
it community management i mean i look back on my career and some of my first roles again being the engineer assigned from the
engineering team to quality assurance um testing customer you know integration tests we we had
built a community we were building communities of of these groups that were very disparate and we just weren’t calling it that
um and then for example when i was at sun microsystems and building out the java car project uh which was a gm ev1 that we
basically outfitted with a ton of electronics and by the way this was before the telematics age so we were doing some really crazy
things like getting this gm ev1 putting a bunch of hardware in it ripping up the carpet running ethernet
cables right having a bunch of wireless stuff in the back but we were a small skunk works team in some
labs that was doing this there were three of us and to actually get this car to a a point where we could use it for demos
and we could you know do experiments on networking we had to rely on a community of other software engineers at sun at the time
uh in job in javasoft division and across across the organization and so looking back on it we did that we
built essentially a community what could be called an intersource community now right so it was open source
stuff but within the firewall of sun and we had somewhere on the order of 15 to 17 people who contributed code to that
project by the time that was done so i think what’s interesting is that i didn’t think about that as community
management as a practice back then but it just ended up being something that i
i found i was naturally good at so uh that was kind of the nice thing about that is it got me to a point where i’m at a better
point in my career in terms of doing things that i love and still getting to do technology awesome that’s that’s amazing and it’s
interesting to see just how it has changed over the years because it really is mainstream now uh it seems
like a lot of these most big companies either have an open source program office or at least an open source group of some sort
so i was wondering if you could take us back and tell us um what was that trend what did that transition look like from
almost uh where it was growing organically and and wasn’t as as mainstream as it is today to to the extent where now we’ve
got uh companies contributing to open source everywhere yeah i mean i think you i can go back to
um when i was at motorola and we had built um a sort of an open source office but
we didn’t call it that it was mainly an open source office that was there to
to quote unquote protect uh motorola in terms of licensing and and making sure that we did all the
right things in terms of the licensing perspective and open source and so i think in my opinion those early
open source offices were more about making sure that companies felt like okay we’re dotting the i’s and crossing the t’s when it
comes to licensing and and kind of all those other very tactical areas of open source but they
weren’t designed i think at that point to to be the kind of outward facing open
source offices that we have today right where those offices are are responsible for compliance and license
issues but they’re also responsible for working with the upstream open source communities they’re responsible for helping train internal
uh developers at um at the company to understand how to work effectively with upstream open source communities so
i think the the role of an osbo and by the way there are tons of different um ospos and and every company sort of
has a slightly different take on it depending on what they need but i think you’re seeing more open source program offices um in the
in the modern era that are responsible for kind of the outbound uh marketing and the outbound um
engagement with open source communities as well as training people inside the company to be more effective at how they
contribute or collaborate with open source communities okay this seems to be like
where we’re writing that trend now of having an ospo or we’re contributing like i was saying before
my understanding is it wasn’t always like that i’d like to know from you and and get your perspective of what you saw
um what are the different schools of thought that at least used to be the case uh for companies wanting to contribute to open
source um and can you explain how those perspectives have sort of evolved to where we are today where most a lot
of companies at least are contributing to open source yeah when i actually put together the consulting offering at red hat around
strategic open source consulting we kind of came up with this graphic which if you can imagine the um
google chrome logo had strategy and governance at the core right making sure you understand that and then had
rockers around consume collaborate and create and we did that because that that’s kind of
the main areas that you think about in open source you have to get the strategy and governance right the why and how right are you do you understand why
you’re participating in open source or using it most companies will start with the consume right that’s kind of the area
that a lot of companies really and again that goes back to the the you know needing to protect
intellectual property and do the licensing and the compliance piece as well but and then i think a lot of companies
i don’t want to say fought but they kind of were like hmm early on oh wait we’re contributing ip back to this other
entity that we they’re not us and and there was a lot of of um i think of evolution there of of
organizations going wait why am i contributing ip back to this other thing and then once they started to understand that hey i’m
contributing this ip back but other people including my competitors are contributing ip to this project
and it’s non-differentiated intellectual property right it’s the things that we all have to use right we don’t need to
all re you know rebuild the highway right we’re all running on the highway we don’t all need to do our own specific
version of asphalt right we need to we need to do things in a in a way that allows us all to benefit from
those things and i think that’s kind of where organizations have i think made the most growth um and open
source program offices are a big part of that is getting people to understand social business leaders to understand that
you are giving away quote-unquote giving away intellectual property but you’re doing it in service of your other goals
you’re doing it in service of you know being able to take your engineering resources and have most of them work on that 20
differentiated intellectual property that’s built on top of the 80 percent of open source that most best and class organizations use today
wow that’s that’s that’s awesome and i think now that you’ve provided context i like
to shift focus just a little bit what are some of the most important factors a company should consider when choosing
to use an open source project i think one of the big ones for me and probably from a community community
standpoint is what’s the community health and i’ve been involved in decisions about what open source gets used in an
organization and um sometimes it can be and i say this as an engineer sometimes it can be a little
engineering focused as to oh it has this this open source project has xyz feature that we need
but if the community health isn’t great right if it’s a if it’s um something that’s an abandoned project
um that you know was out there and then hasn’t gotten a lot of traction in quite a while
you as an organization even though they have the features you want if you bring that into your organization you are then probably going to be
responsible for maintaining that going forward and the benefit of a healthy community
open source community is that you’re not the only one your organization is not the only one maintaining that so
i think community health is is a huge part of that for me making sure that obviously it’s got technical fitness for what you need but
that the community is healthy and that you’re not picking up essentially a dead project and and trying to
manage that all yourself now some cases that might work right where you may be maybe an organization sort of
reboots an open source community project that hasn’t had a lot of traction but it’s one of the things when i did
consulting that i really stress to business leaders is kind of have a process
where your engineering organization weighs in on on you know the the engineering fitness of an open source project but that you also look at the
community health of that project what is how do you actually measure community health well there’s a lot of
different ways right and i think one of the nice things a good small plug here for the chaos project if you haven’t heard of that the chaos
project um is about metrics and it’s actually run by a lot of folks that that are friends and colleagues of mine
and they’re basically trying to answer that exact question right because you can measure it um very very uh
tactically around okay how many uh code contributions have come in um but i think it’s also important to
look at you know what does the support community look like right is there an active vibrant uh set of forums where people are
talking about this project um when was last release right there’s some there’s kind of different ways quantitative and qualitative ways you
can look at measuring community health i think the chaos project is doing a great job of of trying to crystallize
those into something that that we can all use in the industry yeah that’s that’s very i think one of the biggest things that i’ve heard from
a lot of companies is really trying to answer that exact question in terms of you know how do we know if in an open
source project it’s actually healthy um and with contributing to to this open
source project if i decide to use this who are going to be the maintainers i think it’s it’s a big question that i’m
not sure we have figured out the right answer yet but there are definitely a few resources out
there um to help us um with that um so i know you’ve spoken online a lot
about the importance of cracking mec of tracking metrics uh when it comes to open source
so what metrics should businesses focus on when considering the return on investment
of using open source software oh boy that’s that’s an interesting one because
i think it kind of it depends on there are certain things like community health right that that are that are one
of those but it also you know kind of depends on your individual situation as an organization
are you a large organization that is willing to take on um you know these these projects that maybe are smaller
and uh don’t have as many code contributions or maybe your need is different is the project stable right is it
is it something that you’re not going to see a lot of upgrades it can still be a healthy project right but you may not have a lot of code
contributions for example so i don’t know i don’t know if i i i don’t know if i had an exact answer for that
specifically because it kind of depends on the situation right you may you may see a project that has a ton of incoming
contributions and um maybe it still doesn’t have technical fitness for your organization
so but understanding sort of of what metrics are important to you
and some of the what are the common ones right you know again number of code contributions uh number of bug reports that are coming
in um how fast those bug reports are being uh handled how fast incoming pull requests to that project are being
um dealt with because you can have a project with a lot of contributions a lot of pull requests to it
and those pull requests are not being managed in a way i mean they’re taking you know six months to put in a pull request
you know that’s as an organization you have to look at that and go wow is that the kind of project that that is going
to be useful for me especially as my organization starts contributing more to it that’s the dilemma that a lot of
people have is just so almost they just once you start leaving the issues too long they just pile and pile and pile and
pile and pile and yeah i think a lot of little of project maintainers have sort of
um whine to me about that being a problem right so you’ve had experience
building an open source group at samsung and you led open source strategy at
autodesk for those listening what is an open source program office and why would any company want to like
one to one one well it’s actually funny that you’re you’re mentioning this because um i’m in the middle of
helping build out or refresh some training for the for the linux foundation around that very topic one of those topics is
an open source program office why do you want one i just actually finished writing that module the other day so fresh in my mind
i think um it’s the central place where your organizations this is kind of the
central nexus around everything you do in open source now the software development may be done in other parts of the
organization but having a central place that’s that is helps re is helps be responsible for training
helps be responsible for making sure that the liaison was legal is happening
and that all of the the compliance issues are taking being taken care of and then also again the place i think
where the the central nexus of training happens um in terms of making sure that your
organization gets the most out of of engaging with open source because i think you know there’s been a
lot of of talk over the years around you know free isn’t as in um freedom or freezing beer without open
source and open source is not free right there’s no free lunch here so as an organization you get a lot of value
from the innovative power of open source and the fact that you’ve got multiple people that are contributing to this from all
over the world right i mean all you have to do is look at the linux kernel right it’s running it’s the basis for pretty much everything from my watch to
to a bunch of stuff that we’re all relying on but you know it really requires an organization to have
a central place and it doesn’t have to be a huge staff type of place but a central place where clearinghouse where all these these
things can be can be dealt with and um you know can be a place where the
company is represented out to the external community because you’re getting some representation from software development teams that are
working with open source but at a corporate level having the ability to um have a place that can
do things like make sure events get sponsored or make sure that you know that the right things are happening and
the right open source projects that you care about are keeping healthy i think that those are all areas where an open source
program office can really help and so i think there’s there is a threshold right if you’re if you’re a two-person company
having an open source program office probably is not the right the right approach but once you get to a certain level in terms of both um
people projects that you’re working on uh revenue all those things then it’s it makes sense to think about
what an open source program office can look like and one of the things i talked about in in the training module that i’m building is that
um you should your open source program office should follow kind of the mantra that the rest of the open source world
does around release early release often right you don’t need to build a 500 person open source program office to begin with you know you could start with
one or two people i mean when we were at samsung gonna help start that open source program office
we started with four people and we grew it to about close to 20 by the time we were done
but it we actually just continued to iterate so i think you don’t have to build out the whole thing from the beginning
but starting small and and understanding what are the most important things that that organization needs to worry about
in open source is a great way to get started yeah that’s that’s pretty awesome and i think from from my perspective and
and from what i’ve heard a lot is that case opening an open source program office um
definitely start when a company starts to pick up um in the open source contribution
um but for some of the companies that are only users of open source
um how will you convince them um and i don’t even know if if this is still a thing because in my
mind i’m just like if you use it you you have to contribute um but i do know that i see some organizations out there that
only use open source but don’t contribute back why would you encourage any company um to
contribute back to the open source projects they use and what advice do you have for them
when they’re getting started so i’ll answer that by telling you a little story and uh i won’t mention the
company but it was one of the companies that i’ve been at in the past that thought we’re only going to use
open source right we don’t need to contribute back or we don’t want to give away ip and it was a very illustrative story
because the engineering team came to me for this open source project and i i won’t mention the project because
that’ll also give away which company it was but um they came to me and said hey we have these upstream chain
or we have these changes these bug fixes we’ve made for this project and we’re going to go ahead and contribute them back
and i said oh great that’s awesome uh have you been looking at the mailing list have you been
um figuring out uh if the rest of the community has have you been participating figuring if the rest of the community is
even hey wants these changes maybe they’ve already fixed it they’re like oh no we’re just going to push we’re just going to give these
changes back because well we don’t want to deal with it anymore and uh i said okay good luck uh and they
came back to me about a week later and said oh yeah the community already fixed that in a release that was
four releases ago right because this company again it was like we’re gonna take this version of open source we’re
not gonna contribute back we’re only gonna use it and they had hadn’t updated the internal version of this
this open source project that was being used to build a product they hadn’t updated it in four major revisions and they’re like oh we’re
gonna contribute these changes back for these bug fixes well now you’re in a really really weird spot right because you’ve you’ve
put engineering resources into fixing these bugs and so you kind of want some return on investment there
but you’re also four major revisions behind and oh to be able to to pull that those that
the most recent version in because there’s a security fix or something else you’re now in this chicken and egg
situation where you’re kind of going to expand extra engineering resources either way and so what i
i use that story because it’s very illustrative about organizations that think they’re only ever going to use open source
it’s just i’ve never seen that actually happen in practice right eventually you’re going to find a bug that maybe isn’t is an edge case and
it’s not doesn’t show up except how you use that code open source code in a product and you’ve got to fix it
or the open source community doesn’t have the time and energy to fix it and well if you want to if you want to fork that
version of an open source project only use it never contribute back never engage with the open source community
you’re actually building a bigger support burden for yourself to actually have to worry about that it rather than if you
paid the cost of you know contributing back keeping up with that community that cost is
actually lower um in the long run than the strategy of oh i’m just going to keep this thing internally and do my own thing with it
and i don’t have to contribute back and i’m just going to grab this code and freeze it in time because we all know right code does
never never gets frozen in time there’s always changes and having a strategy where we’re only ever
going to use open source but we’re never going to contribute back i just haven’t seen it work in practice because because
technology changes and bugs are found and features are needed okay that’s fascinating we all know how
how much work the forking takes people companies i think convince themselves that oh yes this is going to help us
we won’t have to work with open source community was get it changed but you just end up spending so much money over time and we were actually i was it
was with a few people once and someone said this very funny thing they said uh companies just have to stop
forking themselves um i thought i wish i thought about that back then that would have been a great
great line to use um but contributing to open source is one
one side of the spectrum and then another thing that a lot of companies have been doing and it’s definitely a growing
trend is open sourcing a lot of their code um so when should a company open source
their code and what does that process look like well i can start with saying with when they shouldn’t open source
their code is if they’re trying to get rid of something that’s legacy and they think oh we’re going to put it out there and get
you know a bunch of great pr around it try not to open source stuff that you’re end of lifeing i mean sometimes
there’s a case for that right if it’s a file format i was at an organization where there was a very popular file format
they weren’t going to maintain it anymore and the community had the demand to maintain it and they then they open-sourced it but they
went into it with eyes open as opposed to just saying oh we don’t need this code anymore we’re going to throw it over the wall
in terms of when you should i think there are a couple of things to think about one is um do is the code that you have
going to be something that you want you want to promote as a standard a de facto standard that
everyone in the industry uses including your competitors if that’s the case then that’s an
opportunity to open source it and and kind of again share that cost burden with everybody in the industry
it can be used you can open source code to use that as a disrupter in terms of um you know changing the industry um
making the industry move in a particular direction that’s beneficial for your organization but you have to temper that with
understanding that when you open source something like that you probably have six to eight months where you’re the your
your organization that originally wrote the code has first mover advantage but then everybody if it’s eventually going to catch up so i think it’s
important to to understand that the things you open source obviously you’re not going to open source
core intellectual property that is your differentiated value right but you may open source things that are around that a code that supports
something that you know is your differentiated value but that you want every again i want everyone in the
industry to use so i think you know there’s there’s just some things you think about uh when you open source internal code um and then
another area of that to think about is sort of what is the the health or the cleanliness of that code
right so um i’ve helped organizations do this where we go through code review and we’re like
oh yeah we’re not we want to open source the code but we don’t want that comment in there or we don’t you know or that exposes something
that you know ties back to something that we’re not going to open source so there’s some there’s some health things
that you need to do some some sanity and sanitation things you need to do before you open source that code but
making the decision to do i think is largely around um what’s the value for you as an
organization okay and i really like how you touched on sort of starting what you shouldn’t
do um and i think there’s just so many lessons that i think have been learnt recently and
earned over the decades as open source has grown but for the benefits of those listening and since you do have such a vast array
of experience in the open source industry i wanted to ask what were some of the biggest mistakes that you’ve witnessed
companies make uh when either using or when managing open source oh boy i’m trying to pick i’m trying to
pick one a heavy loaded question well i don’t know trying to pick ones that i can that that a i can talk about without
examining or without giving which company it was um you know i use i use the one example
already of the of of engineers and then an organization that said hey we’re only going to consume this thing and and then oh also we have
changes we’re going to contribute those back and the bugs being fixed so that’s that’s one mistake i i saw uh one i kind of
alluded to and touched on of of the um falling prey to the metrics
and i love metrics as an engineer but falling prey to the metrics of we’re going to create you know 10 new open source projects this year
right that’s our metric we want to create 10 new open source projects not we want to create you know five great open source projects
but we’re just gonna we’re going for for quantity not quality uh that’s a a
big one i i’ve seen that happen a couple of times and and what ends up happening is the organization
basically gets a bad bad reputation in the open source world of hey they’re just throwing stuff over the wall to
throw stuff over the wall um let’s see what’s another one i think
um not strategically thinking about what open source you’re going to consume um this is
actually one i’ve seen quite a bit where organizations will just kind of let it grows organically right where a
lot of engineers will just cut and paste bring things in and there’s not excuse
me a good compliance process and by that i mean when i say good i mean not one that is so restrictive that
engineers don’t want to go use open source and not one that is so loose that it’s just it’s like the wild west
inside your organization but something somewhere in the middle that you both strategically think about what
open source makes sense for you to bring in but you have the processes in place to make sure that you are not violating licenses you’re not combining
a piece of open source with one license with an incompatible um another piece of open source and then
making sure that if you don’t do that you’re not going to have the issue
of sort of the viral nature of gpl so there was a specific instance where code
was brought in and it actually went through the checking process but the threshold uh we were using a
tool at the time and i won’t see which tool that um check to see in an incoming piece of
code that we got from a supplier that it had whether it had open source or not
well turns out the code did have open source but it was at a threshold below what the reporting threshold was of the tool
and um the issue was that if it were any other license other than gpl wouldn’t be a big deal
but it was gpl and uh and as we know for those who don’t know the gpl has a
viral property where if you combine it with a piece of proprietary code you can in some cases be
responsible for them making sure that the proprietary code is is available right which obviously is an issue for an organization that’s
using that code for to provide differentiated value so um i that was that was an interesting time as we
navigated that one okay that’s definitely a great mistake to learn from um is that so in terms of uh understanding
who consumes and i guess at making those decisions does that start at the ospo since that’s the heart of uh
almost open source excellence or is it start with the engineering team who is trained by the ospo what does that look like i think it has
to start with the engineering team um because uh even in the most
the largest um osbos ospreys that i’ve seen there’s just too much going on in a big
organization where to make that the bottleneck they they they think they need to help in the training
they need to be part of helping create those processes but they need to be it’s kind of strange and as well almost
it’s between two worlds that you need to be an advocate for the um for the company and for the engineering teams you kind of need to be an advocate
for the open source world right so there’s an interesting sort of um your juxtaposition you have as
as somebody who’s in an ospo but yeah i think it has to start with the engineering team so those engineering teams need to feel like they have the
tools and processes in place to be able to consume that open source and and know that they’re consuming it in a way that’s going to be consistent
with company policy okay great and then i’d like to shift gears a little bit and focus on your current role at oasis
so i know that you what actually have prompted you to leave autodesk where
you’re working on uh building out the ospo their open source program office for those listening
uh to then move to oasis where you’re now working on open source and standards yeah i mean it was a very interesting um
opportunity i think one of the things if you go back and look sort of at my history is i worked
on a project called forge.mail for us department of defense and it was the first opportunity uh
really one of the first opportunities in government to to really work on sort of community building inner source open
source types of things and what was interesting is um it it was ahead of its time in a lot of
ways and we didn’t get some of the uptake we had some some good successes but we didn’t get some of the uptake that we wanted
and a lot of the reason we didn’t get the uptake had nothing to do with technology um or really even culture because there
were a lot of people in in government that really wanted this to work it was all about the procurement
process right and the procurement processes that were put in place and have highly regulated environments like government
uh or finance or medical uh are built around standards right and so getting open source into
that environment was was a bit challenging right and it’s it’s also it’s improved since then
and you’ve got organizations like red hat for example that have been doing great work within within governments but i think there’s
still this this legacy in some of these procurement processes that they’re based upon open standards
and i would love to see as an open source person more open source innovation being used in these highly
regulated industries and so when the oasis opportunity came up i looked at this and said wow that’s this
is a great this is a great place to be that we want to marry the the amazing
reputation that oasis has as a standards definition organization and great relationships they have in government
great relationships they have with other standards definition orgs like is iso itu w3c all of those
and marry that with with open source in a way that actually allows that to be the best of
both worlds because i also think about and i wrote about this in an opensource.com article recently
if you actually go back to the history of of the beginnings of the internet and the beginnings of all the things we rely
on now they’re based on their standards right http for example and there’s an open source
implementation of that right so it’s always there’s this has always sort of been this way and then i think maybe recently in the
in the most recent past you’ve sort of had for whatever reason the the differentiation of oh this is open
source and this is open standards and the two of them are compatible and that actually absolutely is not the case and so i think the the opportunity to oasis was
was something that i think of as a way to demystify open source in these in these highly regulated industries
that rely on on standards as their main procurement mechanism that’s
very interesting and for those of us listening today what exactly does oasis do
so oasis as you as you mentioned at the beginning or standards definition organization so an
organization that helps the industry define standards but we’re also
an organization that helps hosts open source and helps do open source projects with the
opportunity for those open source projects to have a path towards standardization and that’s the really key element right
i think um everybody a lot of people in my open source community again looked at me when i decided to go to oasis and said wait
that seems like a very divergent career move for you to go to standards and i actually don’t think it is i think that i’ve had some experience in the
past with um the open connectivity foundation for example where we had a which is a project around
putting a an abstraction layer on top of internet of things devices to hide the networking layer
so that application developers can write to one interface not have to worry about zigbee z-wave all these different um other wireless protocols and that
organization started out as a standards definition body that then had an open source reference implementation of that
standard and i and in seeing that and doing that work with with the ocf i saw that there’s a great
opportunity for those two communities to work together right the open standards folks and the open source folks because
a lot of what happened in ocf for example was that the open source reference implementation uh feature would come in that hadn’t
been considered in the standard but then the standards folks were like oh yeah you know we missed that we need to go back and deal with that and vice versa
there would be things that would come in in the standard that the open source project would say oh yeah we have to account for that
and the beauty of having the standard is that you are then able to not only get it into these
these uh highly regulated industries but you also have the opportunity to
define interoperability in a way that allows multiple different uh implementations and i think that’s the
one area where maybe in open source we look at interoperability at the api
layer as opposed to the whole implementation layer right in other words in other words can you do a
an implementation in a different language different platform and is there going to be interoperability so uh you know i think oasis is an
organization that that has traditionally been only really on the standard side in the last couple of years even before i joined
um they’ve been making a move towards bringing open source in and helping open source projects figure out a way to get to
standardization right so kind of it’s in essence it’s like a community building exercise right i
think oasis is a great place for the two communities the open source and the standards community to come together
yeah that definitely makes sense um and i think you did mention this a little bit but
i’m just curious you know in a more structural way why would any business care about open standards
yeah i mean businesses do care about open standards and i think it’s it’s interesting that it kind of depends on the business uh
that you’re in right i think a lot of again more highly regulated types of industries like medical for
example care heavily about standards right especially as it relates to things like medical equipment right you want
your and you know we all want our medical equipment to conform to um standards so that you actually have
some interoperability if you’ve got you know a pacemaker made by one company and um you know some sort of other
monitoring tool made by a different company they should be able to exchange data right in in service of the ultimate
end user which is the patient so i think you know having standards be
continue to be a a core value in our society and and with organizations like oasis is
really really important so you briefly touched on it before but for the industries and regulatory bodies
that oasis has relationships with what’s their perspective of open source i think everyone has seen that
that you know the running joke is open source is one and it has to a degree right i mean maybe not on the desktop right
everyone jokes about when is that when is you know linux is going to be the desktop environment but i think everywhere else
um the industry has sort of figured out that open source is one um but the these areas that traditionally rely
on standards i think it’s in some ways the perception is that open source is still a little
bit of the wild west and i don’t really think that’s the case i think you know some of the best open source
projects out there are run really really effectively and being able to say okay
hey this open source project can you know conforms to the standard so if you don’t want to use the open source code great you can go off and
write your own and there’s going to be interoperability i think that they these organizations that have traditionally
only dealt with standards um feel would will feel more comfortable with open source as i
as as again as the marriage between open source and standards becomes a little bit more of a reality
okay so it seems that oasis is almost uniquely uh positioned and you use the word to
demystify which i really like before um open source to these open standard um or people you deal with
within open standards um so what does that look like really what
does that look like since you’ve been there and after talking to people who have been there for a while and what impact
do you think os is going to have in that regard so my vast experience
of four months to see as the oasis executive director uh you know i think what it looks like
is that both oasis the organization and the people that we serve recognize that this is important so um
a little side story in this little can’t give some some color to this so the the number of people in the open
source world that sort of do what i do sort of the open source program office business strategy uh we joke and it’s actually
not that big of a joke there are about 40 or 50 of us in the world we all know each other um and so it’s not surprising when these
opportunities like the oasis executive director come up that um that you kind of know other
people that are also going for the role uh the other the other two finalists or three finalists for this well the other
two finalists i know um colleagues in the in the open source world but i think what was interesting
is that um as i look back as executive director as as to what the the hiring process
looked like um all three finalists for the role were open source people and i think that shows that the
organization and the work that that has been going on with open projects for almost two years right the open projects
part of oasis shows that the organization believes and and the constituents of the
organization the members and the people that we serve believe that open source is extremely important um
and i think that the the move towards making sure that that
we bring in open source expertise that we we have an advisory council for example at oasis that is comprised of a lot of
those those 40 or 50 people that i talked about um and their role is to help oasis and
me make sure that we again marry open source and standards in a way that that does not get rid of standards right
i think it’s one of the things that i’ve been really adamant about as i’ve come on board both with members and staff and and our board of directors is that my job is not
to come in and make oasis an open source organization purely my job is to come in and bring enough
open source in and marry it with the great value we have in standards so that when our our constituents look at um and
members look at what oasis is doing they’re like okay we see value there we see value in the open standards work
and how it ties in with open source awesome awesome well guy you
have over a decade of experience in open source industry and one thing that um i always like to
ask our guests is um if you were to compare um open source today
to where it was 10 years ago what are the differences that stands out the most to you i think
uh the obvious notion is that it’s it’s mainstream right i think when i started an open
source it was there was open source there weren’t open source program offices but the prevailing way
that people thought about open source especially i think at the at the business and um and strategy level is oh that’s scary
i’m not sure what to do about that right all my engineers are telling me i should use this but i don’t know kind of if this is
going to make sense or is this going to expose me to issues yeah that is gone
right i think every business leader i’ve ever talked to now you know in the in the most recent past has said
well yeah we understand you know it’s not an option we have to use open source because a you know we’re competing against
organizations if we try to build everything ourselves we’re competing against organizations that are using 80 open source
focusing their engineering value on that 20 value add and we’re just not going to be able to compete with that so i think that’s the
biggest one of the biggest changes i’ve seen is the acceptance of open source as as you know just a given and doing
something with it in an intelligent way is really really important and i think that’s what most organizations
uh see now is that they they have to do something with open source in an intelligent way and hence the growth of the open source
program office exactly exactly and i think we’ve definitely seen we’ve all seen that change
um happened over over the last i would say probably the last two decades um with the growth of open source um but
also what what do you see the future of open source to be like i think the future of open source and
something that everyone’s been talking about and kind of very much what open teams is is about is
what is the sustainability model for open source right i think um open source also
to kind of go back a little bit to your previous questions open source previously i think was seen as oh this
is hackers and people and you know flip flops and hoodies in the garage right doing this doing this as their as their side project
so now open source is mainstream in terms of you know most open source is being developed by corporate developers who are being paid
to do it but um sort of understanding where we go from there and making sure that
that sustainability is a is a is a thing right that that these businesses that are using and
every everyone companies that are using open source contribute back not only um code for
that but also contribute back to make sure that these these smaller open source projects are maintained right i think nobody’s
worried about the linux kernel right um linux foundation everybody is sort of taking care of that with with linus and
and that team but it’s some of these smaller open source projects and i know there’s been work done around the core infrastructure
initiative to fund these things like openssl and ntp and some of these smaller projects but there’s a lot of
more smaller projects and again i think it’s where open teams is doing some great work is understanding that you know there’s the
i think henry before the podcast you and i talked about the long tail of open source right the long tail of these
these projects that maybe aren’t the mainstream quote unquote projects but they’re the core pieces that things like node.js and
other things rely on we have to as as an industry really do a better job of making sure that those
projects are continue to be sustainable yeah i couldn’t agree with you more i think that’s something that a lot of
companies need to focus on and i think they are focusing on it and definitely perspectives have to change and i even know when we we talked with
gil yehuda the other day he actually was part of the dark side early on he didn’t believe in open source he
uh was against it just like everyone else and then he sort of took a step back and said okay wait let’s look at this let’s actually listen
to some of the people in open source some of the thought leaders and let’s see what this really is and i
think it’s it’s just so exciting to be part of that journey and part of that that wave of growth uh because it really
has not just i think been an evolution for the world but i think it’s it’s evolved software obviously but it’s also pushed
um it’s just it’s the open source ethos i think has just touched every aspect of our lives these days um so we’re about
to wrap up now but i wanted to leave the audience with something uh and that is
if you were someone at a company either an executive or just a manager an employee or someone who
could really make a change and even if not maybe they they could just be in a lower grade employee but uh could still make a change how can
they what steps would you take to actually drive change so that the company you work at that actually takes
becomes a bit more open source friendly i mean i think i think education is at
the heart of that right i mean understanding looking at other um players in your
industry who are doing open source and asking why right and talking to them and
understanding their journey through open source and why they chose to make that decision um that’s
been i you know having built that consulting offering again at red hat i think that’s one of the things that we did
pretty consistently early on as we come into organizations that maybe weren’t hostile to open source but they were
maybe a bit ambivalent they weren’t sure what they wanted to do and we’d bring case studies and we’d say hey your
xyz company and your sector is doing open source and here’s the benefit they’re seeing and i think that is kind of the
you generally don’t have to convince engineers anymore we’re to a point i think generationally where engineers are coming out of school going oh yeah the
source makes sense duh right i mean if you’re using teeth right exactly but but some of the some of our more how do
i put this gently as a middle-aged white person in tech some of our more seasoned executives
um still maybe are especially if they’re in sort of ancillary industries that haven’t really been in technology and
now are kind of in technology just by the nature of sort of how we are as a society
they sort of have to be convinced around what the business value is and so being able to to bring in these um
these case studies and and or point people if you’re somebody in an organization who isn’t as open source friendly and bring data
right bring examples of why this is valuable and sort of why we we all in the open source world are
continuing to push this and it’s continuing to grow so i think again every time i’ve had a conversation with a business leader
that was um questioning why open source first of all i don’t have very many of those conversations anymore
recently but um and i think by the way it’s funny that you said gil was on the dark side because gill’s now like one of the biggest champions of open source
ever it’s amazing but um they’ve got a hat they’ve got a king hat for him at the open source program office
they do have a king and and the side note is i brought him i brought him a beret back from uh france that’s uh from the linux
foundation we haven’t had berets where’s my periodically but uh sorry getting back to it i think that um
yeah just making sure that that you as someone who’s in an organization can point out that you know there’s value in open
source and here’s why there’s value and other people in the industry are doing it and here’s the value they’re seeing from it
okay that’s great and i think that’s an amazing way to end the episode so thank you so much for all
of your insights today guys it’s been an absolute pleasure talking with you and being able to sort of dig deeper with all of your
vast array of experience and knowledge uh so thank you very much for your time thank you henry you just appreciate it
had a great time so to those of you who are listening uh if you like if you listen today uh then please um like the video and go
to our youtube channel and subscribe if you are on youtube but if you’re listening to the podcast then then please leave a review
and let us know what you think our next episode we’ll be talking to patrick mason the general manager and
board director at open source initiative so stay safe everyone and until next time thanks for listening
thank you everyone