Defining Critical Software
Using open source plays a central role in allowing European public administrations to deliver their services. Sadly, some of the software and tools that public administrations use to build their business applications, could be in a critical state of health – that is software in danger of discontinuation, ongoing software updates and bug fixes. Recent examples such as the log4j vulnerability highlight the need for alertness on heavily relied upon software. There is a clear and urgent need to identify such critical software, and strengthen the communities and or explore other mitigation solutions.
The FOSSEPS Pilot Project and Survey
The European Parliament and European Commission have recently launched a Pilot project called FOSSEPS. One of FOSSEPS’ aims is to identify and create a catalogue of the most critical open source software used within European public services.
To collect this data, the project has created a Survey and a Help Guide. To create a complete European picture, the project has invited over a hundred national, regional and local public administrations across all EU 27 member states to fill in the survey. Contributions are requested by 6th April 2022.
What are the benefits?
Participation will help public administrations become aware of critical software, catalogue it, and see a wider European picture emerging. This will help the European Commission, public administrations and other organisations to take steps to safeguard and sustain our most relied upon critical open source software.
Contacting the project team
The Commission has engaged Deloitte and Inno3 as consultants on this project, who are ready to help on a technical/process perspective via 1-1 calls and explanations. They are available via firstname.lastname@example.org. The EC OSPO team can be reached using DIGIT-OSPO@ec.europa.eu.