Addressing Lock-in, Interoperability, and Long-Term Maintenance Challenges Through Open Source: How Can Companies Strategically Use Open Source?

. This industry paper reports on how strategic use of open source in company contexts can provide effective support for addressing the fundamental challenges of lock-in, interoperability, and longevity of software and associated digital assets. The fundamental challenges and an overview of an ongoing collaborative research project are presented. Through a conceptual model for open source usage in company contexts we characterise how companies engage with open source and elaborate on how the fundamental challenges can be effectively addressed through open source usage in company contexts.


Introduction
Over the years, researchers have identified a number of different motivations for companies and individuals to engage with open source [29,4,21].Open Source Software (OSS) is software made available under a software license which has been approved by the Open Source Initiative [25] and with OSS the nature of development and competition in the software sector has significantly impacted on this sector [7].This, in turn, has led to increased opportunities for organisations basing their business on open source and in 2007 it was found that in the context of the Norwegian software industry "more than 30% of the companies get over 40% of their income from OSS related services or software" [11].Further, open source goes beyond software and important aspects of open source have influenced licensing in the hardware domain [12] and as a development model for standardisation [19].
Open source constitutes an early exemplar of open innovation [20] and its strategic use by companies is increasing [23].Software maintained in open source projects is external to specific company contexts.Therefore, to maintain control of R&D resources it is critical for any company to participate and utilise effective work practices for involvement in open source communities, something which calls for technical and strategic considerations.Hence, companies must be prepared to counter and adapt their way of working in order to stay competitive in an increasingly competitive market.
Building and organising communities around OSS projects involves a number of challenges (e.g.[3,8,1]) and previous research shows "that effective governance and work practices that are appreciated by community members is fundamental for long-term sustainability" for open source projects [8].A number of OSS projects are governed by a foundation (e.g. the Eclipse Foundation, the Linux Foundation, and the Document Foundation), which "are associations that serve to protect, not define, their respective communities' core technologies as well as the advancement of the commons through technical, social, and educational services" [9].Previous studies have analysed Eclipse-projects and investigated how "software firms can apply different types of governance approaches to open source software development projects" [27].Further, several widely adopted OSS projects are also governed in other ways and many companies seek guidance concerning how to establish effective strategies for governance and company involvement in open source projects.This industry paper makes three principle contributions.First, we elaborate on the three fundamental challenges: lock-in, interoperability, and long-term maintenance of software and associated digital assets.Second, we present an overview of an industrial collaborative research project which aims to establish effective strategies for how companies can (and should) strategically engage with open source projects in order to successfully address the three fundamental challenges.Third, through an evolved conceptual model and associated strategies for company involvement with open source we illustrate how companies seek to strategically use and engage with open source projects in different ways.

On fundamental challenges: lock-in, interoperability, and longterm maintenance
Over the years we have witnessed more widespread deployments of complex ITsystems and associated increased demands for longevity of software [8,19].This causes organisations to vary concerning different types of lock-in and inability to provide long-term maintenance of critical systems and digital assets [16,19].Further, OSS is often deployed in a legacy situation where there is a lot of proprietary software and closed file formats.This leads to the need for migrations between different file formats and establishment of interoperable systems.Interoperability supports systems heterogeneity, thereby increasing options for organisations [2,10,13].
Use of an open standard, especially when implemented in OSS, contributes to interoperability in that it "ensures that data and systems can be interpreted independently of the tool which generated it" [17].This is relevant for scenarios in both commercial [18] and public sector [19] organisations.The Swedish National Procurement Services has published a list of open standards, which all can be referenced as mandatory requirements in public procurement [24].An open standard is a standard which conforms to the definition presented in the European Interoperability Framework (EIF) version 1.0 [24] and such standards can be implemented and distributed under different licenses for proprietary software and under all OSI-approved licenses for OSS.
To allow for competition and stimulate innovation the Framework agreements established by the Swedish National Procurement Services [24] require that only open standards can be referenced as mandatory requirements in public procurement.A recent study commissioned by the Swedish Competition Authority found that many IT-projects in the Swedish public sector refer to closed standards which cannot be implemented in open source software, and the Director General for the Swedish Competition Authority states in the foreword to the report from the study that "From a competition perspective it is often problematic when public sector organisations conduct IT procurement and express requirements for closed standards" [19].Further, the study shows that there is a widespread practice to refer to standards, trademarks, and proprietary software and IT-solutions which only specific manufacturers and suppliers can provide [19].
Many companies and organisations need to preserve their systems and associated digital assets for more than 30 years [22], and in some industrial sectors (e.g.avionics) even more than 70 years [3,26].In such usage scenarios "there will be problems if the commercial vendor of adopted proprietary software leaves the market" with increased risks for long-term availability of both software and digital assets [22].
Open source projects with healthy ecosystems can be an appropriate way to address risks related to lock-in and long-term maintenance of commodity software [15].Further, use of open standards reduces the risk to an organisation of being technologically locked-in since they increase control by supporting migration, thereby reducing an organisation's reliance on a single product or supplier [6,10,13,16,28].Further, previous research claims that support for interoperability should not require compatibility with existing software systems (since it tends to favour specific providers of those systems), but rather promote "interoperability with software from multiple vendors", something which can be achieved through use of OSS and open standards [10].Despite such recommendations, recent results from a study commissioned by the Swedish Competition Authority show that many Swedish governmental organisations undertake projects for development and procurement of IT-systems which inhibit competition and use of open source solutions since there are mandatory requirements for compatibility with specific proprietary technology and closed standards that (perhaps) unintentionally inhibit interoperability and create a number of very problematic lock-in effects.
There is limited prior research concerning effective strategies for how companies can successfully address the three challenges through use and involvement in open source software projects.The ongoing collaborative research project LIM-IT is one notable exception which aims to advance the existing body of knowledge concerning effective strategies for company involvement with open source in order to successfully address these challenges.

Addressing fundamental challenges through Open Source: an overview of the LIM-IT project
The overarching goal of the LIM-IT project is to develop, use, and scrutinise effective work practices and strategies for development, procurement, and organisational implementation of software systems in a number of complex application domains, where such software systems with associated digital assets (provided in a number of different open and closed standards and file formats) typically involve several open source projects as well as proprietary software, often depending on many different legacy systems.To address this goal, practitioners and researchers are committed to investigate the following core question: "How can companies develop and utilise effective work practices for achieving long-term strategic benefits from participation in open collaborative projects?"To successfully address the core question there is a need to thoroughly understand motivations and expectations from all relevant (private and public sector) stakeholder groups, which inherently encompass a complex web of interdependencies (with a variety of different, sometimes conflicting, motivations and goals) between different stakeholders involved in, and affected by, a coopetative marketplace, i.e. a marketplace with competition on top of (open) collaboration.
Researchers from different research specialisations (including open source, software engineering, organisational science, and intellectual property rights) address the fundamental challenges from multi-disciplinary perspectives in collaboration with practitioners in a number of innovative organisations.Partner organisations include (small and large) companies from the primary software sector that all have extensive experience from development and use of (proprietary and open source) software, as well as software intensive organisations from the secondary software sector, representing businesses in different domains such automotive, avionics, finance, and outdoor power products.The primary software sector companies are all service providers with many years of experience from providing services and delivering open source solutions to the private-and public sector.Several of these are international and have also been contracted in framework agreements by the Swedish National Procurement Services at Kammarkollegiet (a governmental authority) for delivering open source solutions to the Swedish public sector organisations in public procurement.Amongst the companies in the software intensive secondary sector, several are recognised as globally leading enterprises in their respective fields.
The research project seeks to investigate how the fundamental challenges lockin, interoperability, and long-term maintenance of software and associated digital assets can be successfully addressed in different usage context.Investigation involves systematic scrutiny, through use of an action-case study approach [5], of a number of usage contexts which are of relevance for partner organisations.

Strategic use of open source in different company contexts
When companies succeed in establishing long-term symbiotic relationships with external open source communities and projects, such relationships can significantly strengthen the company's own missions in addition to strengthen involved open source communities which govern development in open source projects that may be of strategic importance for the own company.
In Figure 1 we present a conceptual model for how companies can exploit, and engage with, open source based on previous and ongoing research.The model, which initially was presented in the context of product lines [14], has evolved through collaborative research with representatives for partner organisations involved in the LIM-IT project.Arrows (labelled 1, 2, 3, 4a, 4b, and 5 in Figure 1) represent principle strategies (strategies 1, 2, 3, 4a, 4b, and 5 in Table 1) for how companies can exploit, and engage with, open source in order to seek long-term benefit for their own organisation in different usage contexts.It should be noted that our research has in particular evolved strategy 4a compared to the initial model [14].
Through conduct of research in the LIM-IT project, we have for all these strategies identified a number of specific instances for how companies exploit and are engaged with open source in different usage contexts in the primary and secondary software sector.By drawing from the identified instances in which partner companies exploit and engage with open source, we present some illustrative examples of the identified instances in order to characterise all principle strategies which have been evolved in collaboration with partner companies.The presented strategies and illustrative examples show how companies utilise (and can utilise) open source software for long-term strategic benefits.Amongst partner organisations there are experience from releasing proprietary software as open source software (strategy 4b) and also from providing contributions to established open source projects (strategy 4a), such as Apache Solr, SignServer, and EJBCA.
Organisations seek to establish a long-term symbiotic relationship between different interests in open and closed contexts which is beneficial for both companies and open source projects (strategy 5).Such relationships can be effective means for influencing the formation of long-term goals and thereby support strategic collaborations.For example, organisations in the LIM-IT project has experience from involvement in open source industrial working groups, such as Eclipse and the Papyrus Industry Consortium.Further, amongst partners there are also experiences from initiation of and engagement with independent open source projects (e.g.SignServer and EJBCA) which include all relevant roles.
It should be noted that a combination of the above strategies may be utilised for utilising opportunities with open source in a specific company context.Besides strategic and technical benefits from utilising the five strategies for engaging with open source there are also other potential benefits.For example, from a perspective of personnel policy, a company engaged with open source may be perceived as a much more attractive employer, which may significantly ease recruitment of new staff.

Conclusion
This paper has elaborated on how companies can strategically use open source for addressing lock-in, interoperability, and long-term maintenance of software and associated digital assets.Through a conceptual model for how companies can use and leverage from open source we have presented an overview of a collaborative research project which aims to establish effective strategies for how companies can use and strategically engage with open source projects in different ways.In so doing, we have illustrated how organisations, through adoption of different strategies, currently use and are involved with open source projects in order to achieve longterm strategic benefits for their own organisation.
Through systematic research investigations of how companies can successfully address the fundamental challenges lock-in, interoperability, and long-term maintenance of software and associated digital assets in different usage contexts we seek to advance practically useful recommendations for use and engagement with open source projects, whilst also contributing to advancing the existing body of knowledge in the field.