DoD OSCMIS: a great beginning of a new OSS project


OSCMIS is a very large web-based application (more than half a GB of code), created by the Defense Information Systems Agency of the US Department of Defense, and currently in use and supporting 16000 users (including some in critical areas of the world, like a tactical site in Iraq). It is written in ColdFusion8, but should be executable with minimal effort using a CFML open source engine like Ralio; it is currently using MSSQL, but there is already a standard SQL version alternative. The application implements, among others, the following functions:

  • Balanced Scorecard—extensive balanced scorecard application implementing DISA quad view (strategy, initiatives, issues, and goals/accomplished graph) practice. Designed and built in house after commercial vendors didn’t feel it was possible to create.
  • DISA Learning Management System. Enables fast, easy course identification and registration, with registration validation or wait listing as appropriate, and automated supervisory notifications for approvals. Educational Development Specialists have control as appropriate of course curricula, venues, funds allocation data, reporting, and more. Automated individual and group SF182’s are offered. Includes many other training tools for intern management and training, competitive training selection and management, mandatory training, mentoring at all levels, etc.
  • Personnel Locator System—completely integrated into HR, Training, Security, and other applications as appropriate. System is accessible by the entire DISA public. PLS feeds the Global Address List.
  • COR/TM Qualification Management—Acquisition personnel training and accreditation status and display. Tracks all DISA acquisition personnel and provides auto notification to personnel and management of upcoming training requirements to maintain accreditation and more. Designed and built in house after the Acquisition community and its vendors didn’t feel it possible to create.
  • Action Tracking System—automates the SF50 and process throughout a civilian personnel operation.
  • Security Suite—a comprehensive suite of Personnel and Physical Security tools, to include contractor management.
  • Force Development Program—individual and group professional development tools for military members, to include required training and tracking of training status and more.
  • Network User Agreement—automated system to gather legal documentation (CAC signed PDF’s) of network users’ agreements not to harm the government network they are using. Used by DISA worldwide.
  • Telework—comprehensive telework management tool to enable users to propose times to telework, with an automated notification system (both up and down) of approval status.
  • JTD/JTMD management—provides requirements to manage billets, personnel, vacancies, and realignments, plus more, comprehensively or down to single organizations.
  • Employee On-Boarding Tool—automates and provides automated notification in sequence of actions needed to ensure that inbound personnel are processed, provided with tools and accounts, and made operational in minimal time.
  • DISA Performance Appraisal System—automates the process of collecting performance appraisal data. Supervisors log in and enter data for their employees.  This data is output to reports which are used to track metrics and missing data. The final export of the data goes to DFAS.
  • ER/LR Tracking System—provides comprehensive tracking and status of employee relations/labor relations actions to include disciplinary actions and participants of the advance sick leave and leave transfer programs.
  • Protocol Office–comprehensive event planning and management application to all track actions and materials in detail as needed to support operations for significant events, VIP visits, etc.

This is a small snippet of the full list – at the moment covering more than 50 applications; some are specific to the military world, while some are typical of large scale organizations of all kind (personnel management, for example). The open source release of OSCMIS is important for several different reasons:

  • It gives the opportunity to reuse an incredible amount of work, already used and tested in production in one of the largest defence groups.
  • It creates an opportunity to enlarge, improve and create an additional economy around it, in a way similar to the release of the DoD Vista health care management system (another incredibly large contribution, that spawned several commercial successes).
  • It is an example of well studied, carefully planned release process; while Vista was released through an indirect process (a FOIA request that leaved the sources in the public domain and later re-licensed by independent groups) OSCMIS was released with a good process from the start, including a rationale for license selection from Lawrence Rosen, that acted as counsel to OSSI and DISA.

It cannot be underestimated the role of both people inside of DISA (like Richard Nelson, chief of the Personnel Systems Support Branch), John Weathersby of OSSI, and I am sure many others, in preparing such a large effort. This is also a good demonstration of good cooperation between a competence center like OSSI and a government agency, and I hope an example for similar efforts around the world. (By the way, other efforts from OSSI are worthy of attention, including the FIPS validation of OpenSSL…)

For more information: a good overview from Military IT journal, Government computer news, a license primer from Rosen (pdf), and the press package (pdf). The public presentation will be hosted by OSSI the first of september in Washington.

I am indebted to Richard Nelson for the kindness and support in answering my mails, and for providing additional documentation.

, , , ,

  1. #1 by Kris Buytaert - August 20th, 2009 at 11:51

    From their site ”
    To request a copy of the Open Source Corporate Management Information System suite under the terms of the Open Software License v.3.0, please click here to download a copy of the OSCMIS OSL v 3.0 (license) and then forward a signed copy of the license to OSSI either via email, fax or postal mail. (Appropriate addresses below)”

    Seems like they have a very very, very long way to go

  2. #2 by Carlo Daffara - August 20th, 2009 at 11:58

    No, it is a requirement related to how the authority accepts first redistribution. It is common (the open source digital identity system developed in our region has a similar requirement – ask, sign, download). After that, redistribution can happen freely.
    Nearly one third of the PAs we worked with could accept only a signed license acceptance form before downloading software, for fear of later being called as parts in legal actions.

  3. #3 by Delmar Kerr - June 26th, 2012 at 17:28

    Kris Buytaert :From their site ”To request a copy of the Open Source Corporate Management Information System suite under the terms of the Open Software License v.3.0, please click here to download a copy of the OSCMIS OSL v 3.0 (license) and then forward a signed copy of the license to OSSI either via email, fax or postal mail. (Appropriate addresses below)”
    Seems like they have a very very, very long way to go

(will not be published)