The European Parliament is funding a security audit of the free and open source solutions used by the Parliament and the European Commission. Last Wednesday, the EP allocated EUR 1 million for the audit project, to be carried out by the EC Directorate General for Informatics (DIGIT). The project should also come up with best practices for code review and quality assessments of free software and open standards funded by the EU.
DIGIT is to begin with an inventory of all the free software and open standards used by the EU institutions.
The pilot project was submitted by European Parliament Members Julia Reda and Max Andersson (Group of the Greens/European Free Alliance).
The two MEPs want a systematic security review of the free software used by the EU’s institutions. It should increase trust in these solutions, the two explain. “Vulnerabilities in critical information infrastructure have drawn the public's attention to the need to understand how governance and quality of the underlying software code relates to basic safety and public trust in applications.”
On Friday, the Free Software Foundation Europe complimented the EP’s initiative. “This is a very welcome decision,” FSFE president Karsten Gerloff said by email. Free software is used in many parts of the European institutions. And because the source code of these solutions is publicly available, users can actually check the quality, or inspect it for security issues, he explained. “So it is good to see that the Parliament and the Commission are investing in this.”
AT4AM
The parliament also approved a EUR 500,000 project to promote the use of AT4AM - web-based amendment authoring tool used at the European Parliament, distributed as open source. The EP also wants DIGIT - working on LEOS, software for editing and publication of legal texts - to ready that application for inclusion in free software distributions. These are collections of applications, including computer operating system and tools for installation and configuration.
More information:
Draft general budget - 2 (28.11.2014), Section 3 Commission
Budget documents for 2015
FSFE announcement
Heise news item (in German)
Handelsblatt news item (in German)
Netzpolitiek news item (in German)
Security NL news item (in Dutch)