Guest Column | April 29, 2014

8 Factors To Consider Before Taking The Open-Source Software Leap

opensource

By Renjith Ponnappan, eInfochips

Affordable healthcare is a major concern today, especially for companies developing solutions to enter emerging markets. Global companies are finding it exceedingly difficult to compete in comparatively less-regulated markets, with locally developed products.

With continuous improvement in open-source software (OSS) technology, it is now possible to reduce licensing expenses yet ensure that products work flawlessly. This technology can enable established medical devices companies to be more profitable in their existing product portfolio while enabling product variants that compete in new and emerging markets.

But before we dive into the eight selection factors for OSS technology, let us first address some myths regarding OSS licensing and quality.

OSS Quality
Quality has been a primary concern with OSS. We have seen OSS become more mature, robust, and efficient over the last few years. Quality has improved to a point that support concerns have taken a backseat, and the business case for deploying OSS for life-critical applications has become stronger.

In the 2012 open source annual survey we conducted, the number one reason for adoption of open software was freedom from vendor lock-in. In the 2013 survey, quality was actually one of the primary reasons for adoption of OSS.

OSS Licensing
There is a common misconception that OSS is free to use, customize, deploy, and sell. This is not completely true. OSS can be classified by the licensing format it falls under:

  • General Public License (GPL) is the most common licensing form. Usage rights to the modified source code are carried forward to clients. MySQL is popular GPL software.
  • Lesser General Public License (LGPL) is typically used with libraries from non-OSS technologies. This ensures that their software code (secret sauce!) remains confidential.
  • Affero General Public License (AGPL) requires that modified OSS source code should be available to the community. The ecommerce software MangoDB is AGPL software.
  • Free Documentation License (FDL) deals with licensing for documentation crediting the authors. Also, modifications to the software are captured in the documentation.

Licenses can similarly be classified based on reciprocity. A high reciprocal license requires modified code to be made publicly available. Low reciprocal licenses, on the other hand, do not carry any obligation to contribute the source code back to the community.

The 8 Factors
The risks involved in OSS adoption (covered later in the article) can be avoided or mitigated by carefully selecting your OSS technology. With our experience in building life and mission critical systems, we have codified our expertise into these eight OSS selection parameters.

1. Market Uptake
Even if the OSS is not mature, the market response can be a game changer in how quickly it shapes up. High adoption in a short timeframe indicates the flexibility of the software.

2. Fault Recovery
A primary concerns for OSS is reliability, the fail safe mechanisms put in place to avoid failures. It is important to look at the OSS features, but it is more important to evaluate the fault recovery systems that are available or can be introduced.

3. Interoperability
Being interoperable with other well-known software is essential to leverage the flexibility of using OSS. Though it gets taken care of by the uptake in most cases, interoperability is important, as developers do not need to relearn an entirely new architecture.

4. Talent Availability
Employing skilled people will ensure that the software is optimal, efficient, and relatively defect-free. Assessment of software-skill match at an organizational level is required to make sure everybody does not have to quit or learn new software.

5. Support Forums
Discussion forums are a great way to stay abreast of the latest applications. We can also repurpose some of them for our requirements. A larger discussion forum improves the probability of resolving any corner case errors efficiently.

6. Hidden Cost Of Ownership
OSS is priced way below the premium software, though it carries the additional costs of maintenance, customization, upgrades, and enhancements. Without in-house resources or an expert technology partner, “free” can turn out to be expensive.

7. Commercial Alternatives
Desperate measures taken to market premium software are often an indication of the availability of good OSS alternatives. Availability of commercial variants also gives you a good matrix for comparison and choosing the best software to suit your needs.

8. Security
There is an impression that OSS is vulnerable to security attacks. A good OSS system will typically have better security than a premium one. Dr. Ian Levy, technical director with the UK’s Communications-Electronics Security Group, told ZDNet that asking whether a piece of software is secure is “too broad a question.” A better approach is to identify the security guarantees your organization wants from a piece of software, and then determine whether the software delivers that security, he added.

Risks Associated With OSS Technology
One theory is that with OSS, the collective contribution of a community of thousands of minds would beat that of a few hundred professionals, hands down. The counter theory is that you have no “neck” to grab when OSS fails to live up to the reliability or performance expectations.

Even with widespread OSS across industry segments, we see the medical devices industry being particularly concerned about risks. One of our surveys with medical devices designers concluded that 52% of developers emphasize reliability over all other factors. Unreliable software can cause irrelevant outputs, false measurements, and wrong diagnostics.

OSS technology might lead to unplanned updates without a consideration of the interoperability challenges in critical environments. Software failures could potentially be fatal with critical and life sustaining medical devices. OSS companies also hold no liability on behalf of the OSS community. The responsibility of maintenance, modifications, and enhancements lies with the organization using the software. Regulatory authorities are reluctant to accept such arrangements.

The ROI in making new OSS versions backward compatible is not great. Developers get excited about the latest technology; older OSS versions are typically ignored. Given the long lifecycles of medical equipment, this is a recipe for disaster. For OSS to attract more developers, it is important to cater to multiple industry segments. Hence, generalization is given prominence over specialization. Customization efforts often become deterrents for adoption of OSS.

Case Study
An interesting example we came across involved an FDA Class II certified endoscopy and arthroscopy product, which we re-engineered for a client. Except for the core imaging algorithm, 95% of the software source code (including the operating system, database management system, application, and GUI) is on OSS technology. Deploying OSS not only reduced the cost of the device but also improved the reliability and quality.

The product disrupted the industry with its price points, making endoscopy affordable and accessible to thousands of people.

Conclusion
We see a lot of companies that choose a technology based on familiarity, even when the technology might not be suited to the application requirements. We recommend that companies choose an OSS or premium technology based on its alignment towards the end application, and leverage expertise from design houses (like ours!) to build the best product for the market.

The OSS ecosystem has matured over the past few years. Maturity cycles for OSS technologies have shrunk as well, owing to a large and dedicated community of contributors. With the above mentioned factors, medical device companies can choose the right OSS technologies to better compete in their market.

There are definitely some software and technologies where OSS is not available as an option. We strongly recommend using mature OSS technologies for critical systems in medical equipment, for quality reasons more than cost.

About The Author
Renjith Ponnappan is a practice, solution, and product manager for healthcare and medical devices at eInfochips, a global product innovation partner recognized for technology leadership by Gartner, Frost & Sullivan, NASSCOM, and Zinnov. The company has contributed to 500+ products for top global companies, with more than 10 million deployments across the world. For more information, visit www.einfochips.com.