Is Open Source Ssoftware (OSS) capable of developing Mission Critical
applications?  Prove it.   I would like to understand and have
documented the root proof of this.  What is the criteria that
determines "Mission Critical" and how does OSS technology stack up
against these criteria?  Are there thresholds of "Mission
Criticalness" that all OSS/Commercial product meet, but once past
those threshold levels, how do OSS compare to Commercially available
products?

I understand what OSS can do, and have extensive knowledge &
experience with it (Apache, PHP, Perl, Java, JavaScript, XML .....)
yet, I cannot communicate / document / prove that there is a
Mission-Critical objective(s) that has been met by the development of
an Application in OSS technologies.

Please contact me if you would like further information.

---

Request for Question Clarification by maniac-ga on 16 Dec 2003 11:10 PST

Hello Original_soundtrack,

I doubt greatly that an OSS product (alone) will meet the needs of a
"Mission Critical" application, but a number of OSS products are used
in those types of applications. Would you accept an answer that first
defines "Mission Critical" and then explains how OSS was used in more
than one example of that kind of application?

  --Maniac

---

Clarification of Question by original_soundtrack-ga on 17 Dec 2003 02:58 PST

Maniac;

I think you are on the correct path.  There are obvious thresholds
that would define Mission Critical (and I accept that these may, in
fact, vary: after all, "Mission Critical" for NASA sending men to the
moon would be different that Bank of America having a "Mission
Critical" application that allowed customers to view their
transactions).  So, yes, I would accept an answer that begins with a
definition of "Mission Critical".

Instead of examples of OSS in each case, I am trying to understand and
prove that OSS met (meets) the criteria of "Mission Critical" - as per
the specific definitions provided above - and then use a comparitive
between OSS and Commercial products.  For example;  Mission Critical
can be divided in Admin tools, robustness, interoperability, recovery,
......  For each "Mission Critical" definition, there is a threshold
criteria that must be met and proof that OSS meets (exceeds) that
threshold.  Then, simply, a rival Commercial product that also meets
that threshold.

Hope this makes sense.   Please advise.

Hello Original_soundtrack,

The term "Mission Critical" tends to come from the military where they
use tools and equipment to meet the objectives of a combat mission. In
particular, the phrase
  Mission Critical Computer Resource (MCCR)
was used in a number of US military standards such as MIL-STD-498
  http://dev.cokernet.com/documentation/index.php
That particular standard was a merge of development requirements from
both AIS type applications and mission critical and was intended to be
tailored to meet the needs of a broad range of projects. This should
give you some background on the requirements placed on mission
critical software development by the US military.

A definition of MCCR in military terms is at
  http://www.bmpcoe.org/guideline/books/2036/000093d3.html
which basically says
  Computer resources acquired for use as integral parts of weapons;
command and control; communications; intelligence; and other tactical
or strategic systems aboard ships, aircraft, and shore facilities and
their support systems.  The term also includes all computer resources
associated with specific program developmental test and evaluation,
operational test and evaluation, and post-deployment software support
including weapon system trainer devices, automatic test equipment,
land-based test sites, and system integration and test environments.

So mission critical refers to how a product or system will be used by
a customer. If they make it an "integral part" of items they need for
success, then it is "mission critical".

Looking at Open Source, it is unlikely that a product will be used
"as-is" by the military within a weapon, but a number of open source
products are used in the development of those products and similar
items. For example:

 - Ada compiler - GNAT, the GNU Ada Translator. Originally developed
by NYU and is currently maintained by Ada Core Technology. A full (and
validated) implementation of Ada 95 is freely available under the GPL.
This compiler has been used to develop a number of military software
products as well as commercial applications. See
  http://www.gnat.com/
or
  http://www.cotsjournalonline.com/pdfs/2002/03/cots03-cotsview.pdf
which is an article describing the use of Ada (and GNAT) in the
International Space Station robotic arm. If the arm does not work, the
astronauts may be unable to complete a task within the time required
and fail some assembly or maintenance task.

 - Linux. It turns out Linux is now becoming an accepted operating
system in several support systems that meet the "mission critical"
designation. For example
  http://www.link.com/pdfs/ts-032.pdf
describes a training device where MODSAF (MODular Semi Autonomous
Forces) running on Linux was integrated into a larger system to train
warfighters.
  http://www.linuxinsider.com/perl/story/32384.html
which describes the use of Linux at the British National Space Center
to communicate with a Mars spacecraft.
 - Web sites such as Google and many others use Linux and other open
source products such as Apache to deliver information to their
customers. Linux is clearly an integral part of delivering the product
that Google (and others) provide.

You can search for additional references using phrases such as
  "mission critical" floss
  "mission critical" [product name here]
and so on.

There are a number of such products that are open source and are used
in a mission critical system. If this answer does not fully meet your
needs, please use a clarification request so I can correct it.

  --Maniac

---

Request for Answer Clarification by original_soundtrack-ga on 17 Dec 2003 05:38 PST

Maniac;

Thanks for the background on Mission Critical.  I appreciate the new
perspective on it, and had not consdiered the military connection
until I received your answer.

OSS is certainly pervasive (and the Internet -according to Apache-
have a dominant position in underlying OSS technology.  About 65% of
all web servers are Linux and Apache).

I would like to expand your answer to the second half of the question.
 Can you please elaborate and expand on how OSS meet / exceed the
threshold limits of Mission Critical Applications.  For example
(hopefully this example will illustrate what I am looking for);

Mission Critical is defined as the ability to recover from a system
crash where Servers have lost their electrical power - or connection
to the web via the NSP/ISP has been lost.  When this occurs, how does
an application developed in OSS recover?  The underlying technology
(Servers, Backup Power Supplies, Multi-homing, Clusters and such
provide backup connectivity) restore pretty quickly.  But if the
application was developed in .NET, then the Microsoft Wolf-Pack
(Clustering monitoring software) transfers the application processing
to a working server.  Where is the OSS equivilent? Is there a OSS
equivilent?

The 'threshold' here would be that the application developed in OSS 
is 'intelligent' enough to know the servers have suffered a problem
and can recover operations elsewhere.   The criteria now would be to
measure OSS development tools on the same criteria that I would
measure .NET tools against and thus I can PROVE that OSS software may
be used to develop Mission Critical Applications.

I suspect that there may be differing types of software that needs
differing types of Mission Critical criteria.  Admin tools, versus
payment processing would be a good example.  I absolutely do not want
to miss a payment from a customer, but if I cannot edit customer
accounts for a day, I can live with that.  Therefore, there may be
differing criteria for the class of OSS software used.

In retrospect, perhaps I did not pay enough for this answer as it is
clearly deeper and more complex than anyone would appreciate at first
glance.  I am sorry for that and will adjust the price paid for the
answer.  I cannot seem to find where on the system, but I will.

Thanks.

---

Clarification of Answer by maniac-ga on 17 Dec 2003 10:14 PST

Hello Original_soundtrack,

Using your new example [recovering from a server crash], let me
describe a few high availability applications and how Open Source
software can provide equivalent capabilities.

One key area is in telecom or data communication systems. One phrase
for this is "Carrier Grade", used to describe the 40 year reliability
of equipment used in a common carrier such as a telephone company.
Using the search phrase
  carrier grade linux
brings up sites like
  http://www.osdl.org/lab_activities/carrier_grade_linux/
which describe efforts to provide that kind of capability. For
example, the hardware used could be with all hot swap components
(power supplies, fans, disks, CPU boards, I/O interfaces) and the
software would have to be able to support (or in some cases ignore)
removal and replacement of any item, do internal fault diagnosis, and
so on. Commercial equipment has been available for some years (e.g.,
Tandem Non Stop computers) but this capability is now getting added
into Open Source products such as Linux.

In the area of redundant servers or "High Availability", a search on
  high availability linux
finds sites such as
  http://www.vergenet.net/linux/redundant_linux_paper/talk/html/
which is a paper describing methods to do this in 1998 or
  http://www.linux-ha.org/
which is the "High Availability" project for Linux providing key
services such as "Heartbeat" which is used to detect failed servers
and redirecting services to servers that work.

Another area that assists in the recovery from failure is the support
for RAID (Redundant Arrays of Inexpensive Disks) where a disk failure
is worked around by a combination of hardware and software. RAID was a
commercial product for some time before being incorporated into Linux.

As you note, some of this gets into the real needs of the company /
customer service. A good system design will take those needs into
account and make appropriate selection of components. It may be that
the Open Source product meets the needs directly or that it must be
augmented by software (or configuration data) prepared by the company.
That will vary by application. However, in a number of areas, Open
Source products are getting used more and more for the "Mission
Critical" parts of the system and as long as the quality of the OSS
products are high, they will continue to be used in that way.

To answer your last comment - if you think the revised answer is worth
more than your original price, please use the "tip" to pay what it is
worth to you. If you are not quite sure how to do this, check out
  http://www.christopherwu.net/google_answers/answer_guide.html#answered
which has a nice way of explaining what to do once you are satisifed
with the answer.

Good luck with your work.

  --Maniac

---

Request for Answer Clarification by original_soundtrack-ga on 17 Dec 2003 15:21 PST

Maniac;

I think the answer (revised) is parallel to the thoughts and thinking
that I have had regarding hardware, system redundancy, fault tolerance
and the reliability of Linux (among other OSS operating systems
including Unix and certainly some other mature products).

However, this is not the question that I am trying to determine.  To
go back to my original question:  Is Open Source Software capable of
developing Mission Critical Applications?  Is OSS robust enough to
build Mission Critical application?  If so, why?  Prove it.  Is OSS
scalable enough for Mission Critical applications?  If so, why?  Prove
it.

I can convert this to a single repeatable qustion:
Is OSS xxxxx enough to build Mission Critical applications?

Ultimately, I am trying to find the xxxxx words and the proof above. 
I suspect that some of these words are Robust, Error Recovery,
Scalable, Ease to find and repair bugs, ability to Audit the code,
Ability to audit results generated by the code,  etc etc etc.  In a
way, I am answering my own question, but I am looking for more
criteria and the matching proof therein.  Some of these items are
specific to a design of a system and varies from company to company. 
That is why I want to limit the scope to of 'Mission Critical' to the
operations of a business (not sending men to the moon) for example.

I read the tips section.  fantastic and I am certainly open to
providing a substancial tip for your continued efforts here.  Up to
you, if you are interesting in continuing, please advise.

---

Clarification of Answer by maniac-ga on 19 Dec 2003 04:50 PST

Hello Original_soundtrack,

Hmm. To answer the question

  Is OSS xxxxx enough to build Mission Critical applications?

The short answer is yes. OSS products are used in a number of mission
critical applications and I provided examples of mission critical use
for military, space, and commercial applications in the original
answer. These are delivered systems and in daily use. This is a
typical existance proof.

The longer answer, getting into the specific capability that makes
them suitable for mission critical application gets into what the
customer needs. Let me use Google again as an example using the
following quote from
  ://www.google.com/corporate/tech.html

  "From the beginning, Google's developers recognized that providing
the fastest, most accurate results required a new kind of server
setup. Whereas most search engines ran off a handful of large servers
that often slowed under peak loads, Google employed thousands of
linked PCs - one of the world's largest Linux clusters - to quickly
find each query's answer. The innovation paid off in faster response
times, greater scalability and lower costs. It's an idea that others
have since copied, while Google has continued to refine its back-end
technology to make it even more efficient."

Some of the attributes you describe 
  Is Open Source Software capable of developing Mission Critical Applications?
  Is OSS robust enough to build Mission Critical application? 
  If so, why?  Prove it. 
  Is OSS scalable enough for Mission Critical applications?  If so, why?  Prove it.
In this example, the staff at Google recognized a problem with varying
loads of requests. Their solution leads directly into your last
question - is it scalable? Google solved this problem by running a
number of inexpensive servers running Linux. If an individual server
fails (e.g., a failed power supply), the remaining servers continue to
run. The user may see a failed request for information but they hit
reload and get the data from another server. That is perhaps a
different kind of error recovery than you expected, but it is one that
works well in practice.

So, in summary, OSS products such as Linux, Apache, and GNAT are used
on a regular basis to build mission critical applications. They are
robust solutions for what they do. They have error recovery /
diagnostics. They are scalable - Linux in particular runs on a range
of old x86's up to super computer sized systems or large clusters.
They might not solve a particular customer problem the same way as a
commercial product, but more and more customers are saying they are
"good enough" for mission critical use.
  --Maniac

Answered part of the question, not a complete answer.