Black Duck Software and North Bridge Venture Partners on Thursday published the results ofThe Ninth Annual Future of Open Source Survey.
The number of companies using at least some open source products or developing software built with open source components is at an all-time high, the survey found.
The results reflect the increasing adoption of open source and highlight the abundance of organizations participating in the open source community. They also underscore the need for formal policies and management strategies as open source use becomes increasingly pervasive, the researchers noted.
This year’s survey results were based on 1,300 complete responses. Incomplete or partial responses would have doubled that total, but the analysis was restricted to complete responses for consistency and fairness, said Bill Weinberg, senior director of open source strategy at Black Duck Software.
“The degree of corporate adoption is unprecedented. … Almost everybody is using open source in some form. Companies are encouraging employees to contribute to open source and not just consume it,” he told LinuxInsider.
The adoption of formal policies to manage open source use is one of the target goals for improvement the survey revealed.
A lack of formal company policies and processes around open source consumption points to a need for management and security practices to catch up with the growth in open source software investment and use, the survey suggests.
Companies are increasingly aware the benefits of open source, but they are not always aware of the extent to which open source is incorporated in their code, Weinberg said.
Corporate open source adoption and participation across industries have reached an all-time high. Companies that historically may have relied on proprietary technologies are realizing they face a competitive disadvantage by not taking advantage of open source projects.
“There is no such thing any more as purely proprietary software. Every segment of software has a dependency on open source software. These are all great trends — but companies still do not have a handle on managing their open source resources,” said Weinberg. “The one thing we are finding about the policies is those policies are not completely adequate.”
A solid 78 percent of respondents said their companies ran part or all of their operations on open source software. Sixty-six percent said their companies created software for customers built on open source.
This statistic has nearly doubled since 2010. Five years ago, 42 percent of respondents to the “Future of Open Source” survey said they used open source in the running of their business or in their IT environments.
Few who try open source reject it, the study results confirmed. Ninety-three percent of respondents said their organizations’ use of open source increased or remained the same in the past year.
The number of companies that participate in open source projects is also on the rise. Sixty-four percent of companies responding to the survey were active participants. That was up from 50 percent the year before. Eighty-eight percent of respondents expected to increase their contributions to open source projects over the next two-to-three years.
Open source has become the default approach to software. More than 66 percent of respondents said they considered open source software before considering other options.
Open source is affecting nearly every sector of technology. It is creating huge opportunities for startups and large established companies alike. Thus, venture investments in open source are nearly doubling year over year, noted Paul Santinelli, a partner at North Bridge Venture Partners.
“The reality is that the bulk of open source companies and projects are no longer in their infancy. Rather, they are fast-growing, industry-changing efforts, and they are deservedly attracting top dollar from investors,” he told LinuxInsider.
With so much capital entering the market, it is really only a matter of time until we see more large, open source public offerings, acquisitions and exits. The next open source whale is right around the corner as a result, said Santinelli.
Better Scale, Deployment and Security
Open source software affords users the greatest ability to scale, said 58 percent of survey respondents. Also, OSS provides superior ease of deployment over proprietary software, noted 43 percent.
As for security, 55 percent of the respondents said open source delivered superior security when lined up against proprietary solutions.
Open source is becoming the de facto security choice among decision makers. When evaluating security technologies for internal use, 45 percent of respondents said they gave open source options first consideration.
Open source software drives future technology and security development, the survey results suggest. Respondents said they expected cloud computing (39 percent), big data (35 percent), operating systems (33 percent) and the Internet of Things (31 percent) to be impacted most by open source in the next two-to-three years.
“A lot of these data points cut both ways. While a lot more companies have policies, more than 55 percent have no policies or procedure. So there is still a lot of ad hoc consumption and integration going on,” said Weinberg.
Policy and Process
More than 55 percent of respondents said their companies had no formal policies or procedures for open source use. Moreover, only 27 percent had formal policies for employee contributions to OSS projects.
Only 16 percent had automated code approval processes. Less than 42 percent maintained inventories of open source components.
More than 50 percent were not satisfied with their ability to understand known security vulnerabilities in open source components, but only 17 percent planned to monitor open source code for security vulnerabilities.
“The security issue raises an interesting point,” said Weinberg. “It is a double-edge blade in that the general impression from the data is that open source is more secure than proprietary or legacy solutions. The general feeling is that people are also choosing open source because it is more secure.”