Sun UK's chief open-source officer, Simon Phipps, has a high-profile role to play as the company aims to complete its move to 100 percent open software development.
Echoing the words of James Gosling, the father of the Java programming language, Phipps said that, after more than a decade of Java development, the time is right for "the next chapter" in software programming.
For Sun, this next chapter means the release of its complete software infrastructure to open source. No small task, the company said that this has been a process of evaluation and analysis heavily focused on the communities which make open-source improvements possible.
Now eight years into his current tenure at Sun, Phipps is responsible for the team managing the company's global activities and relationships with a large number of open-source community groups.
As the company prepares for next month's JavaOne developer symposium in San Francisco, ZDNet.co.uk caught up with Phipps for an update on Sun's work in the open-source arena.
Q: For most of its history, Sun has been in favour of the closed-source approach to software development. What changed?
A: My role was created about three years ago to coincide with our company's ramping up of interest in open source. In 2005 we came to the conclusion that this was the future for the software industry, so I look after our overall strategy and our relationships across over 750 open-source communities.
These groups share broadly the same goals for open-source development but differ widely in terms of their licensing and delivery models. At their core, they derive from either organic or commercially driven roots and this can make a difference to the way we work with them. What's important to remember is that open source isn't just a community; it's a community of communities.
How do you view the broad picture for software development at the moment?
We see the software industry switching over from its current delivery model to adopt far greater focus on open source. I characterise the current model as a "procurement-driven" model, where a company puts out a proposal for a software system, a vendor analyses requirements and the company buys in and "acquires" the software in question. We see this approach gradually being replaced with the "adoption-led" model, at first in start-ups and then within larger business, where businesses adopt first and — possibly — pay later.
Sun has faced some criticism over its commitment to open source. Do you think that this is unfounded and how do you react to comments in this area?
I like to use the example of the chicken and the pig when trying to clarify Sun's position on open source. Both animals were asked by the farmer to bring something along for breakfast one morning to show their worth. The chicken turns up with an egg, while the pig turns up with a side of bacon. The farmer looks over the offerings and says: "Well, the chicken has contributed, but the pig is committed."
As a company, Sun has released all of its core products under open-source licences. It has taken us about five years on OpenSolaris and about three years on Java. There were one or two areas where we had to go back and recode from scratch but, largely, it has been a smooth enough journey. There's only one portion of Java left to work on and that's the SNMP systems management code and I think we're going to rewrite that.
A census has recently been undertaken to analyse deployments of open source in the workplace. Do you see businesses currently suffering from a lack of knowledge over their own open source installed base?
The fact is that most chief information officers simply don't have a policy for open source. But, then again, most chief information officers don't have a policy for use of Google, yet it exists within the enterprise. They don't have a corporate edict to use Google for search but people use it because it is there. In a lot of ways, this is how Microsoft started and built its reputation and popularity. Today, open source has gained momentum as it is solving problems at a departmental level and is gradually growing into an enterprise technology.
Given the security concerns that are naturally thrown up by exposure to open code structures, will Sun be putting forward a new set of open-source security policies now?
I'm fascinated to see what people think the security concerns are with open source. You see, most security problems are caused by an "exposure" situation, which develops into an "exploit", but one only turns into another when the exposure is hidden from view. In open source there are plenty of "exposures", but there are also many eyes watching, so the transparency of the situation means there is less scope for exploits and they typically don't evolve because the exposures get fixed too fast.
Red Hat is hosting the UK's first open-source forum on 14 May next month. The pre-show materials appear to suggest that enterprise migration to open source is the hottest topic. What do you think will turn the most heads at the event?
It may well be the case that events like these enable businesses to reach a new level of understanding as to what open source really means. If chief information officers expect to be able to sign up for open-source implementations and simply get something for free, then they need to step back. A more mature thinking chief information officer will see that…