Is open source software bad? –


At first glance, open source software seems like a good idea, but in the end, there are several properties of open source software that could make it evil.

Software development, especially embedded software, is one of the most complex and expensive human activities. Therefore, many teams seek to reduce complexity and cost by reusing as much software as possible, including free open source software. The 2019 Embedded Market Survey found that 24% of respondents reused open source code. At first glance, open source software seems like a good idea, but in the end, there are several properties of open source software that could make it evil.

First, each open source codebase comes with a software license. The software license tells the developer how he can and cannot use the software. Many open source projects today use an MIT license, allowing the software to be used for virtually anything, free of charge and without any strings attached. Unfortunately, not all codebases are like this. There are licenses that allow unlimited use for personal projects. However, if the code is used commercially, any modifications and sometimes even associated new code must also be open source. If a developer, manager, etc., is not very careful, they may be legally obligated to open up their IP. Bad?

Second, as an American, doesn’t free software go against the very core of our capitalist existence? We promote the inventor, entrepreneur and companies that become industry leaders and titans. The very idea of ​​paying for software could very well make an engineer in the office laugh. Why do we refuse to pay for commercial software and instead rely on open source software? I’ve found that in many companies, the push to use free open source software isn’t due to better quality, faster time to market, or improved customer experience. From what I’ve seen, the big push seems to be corporate greed to maximize profits. Why do companies expect everyone to pay top dollar for their software when they are unwilling to pay, donate or contribute for themselves? Bad?

Finally, open source software is often functional but not necessarily robust, thoroughly tested, or even suitable for the developers’ intended use. For example, an industry favorite open source library is FatFS. FatFS provides an easy-to-use file system built into many microcontroller vendors so developers can have a ready-to-use file system. It pains me to choose FatFS because it is so functional and useful. However, if you start looking under the hood, you will discover many potential quality issues.

Figure 1: The number of McCabe cyclomatic complexity ranges for basic FatFS code distribution functions. (Source: Author)

For example, if you analyze FatFS for feature complexity (cyclomatic complexity), you will find that the feature complexity distribution looks like Figure 1. Overall, most features are relatively simple and unlikely to have bugs or to have bugs injected if changes are made. However, there are seventeen functions whose complexity is greater than 10, with five functions having a complexity greater than 20! What do you think these functions are? Those most often used by developers, as shown in Table 1. Evil?

Table 1: FatFS functions with a cyclomatic complexity of 20 or more. (Source: Author)

So, is open source software bad? I would say no; however, I encourage every team that wants to rush to GitHub and leverage every open source software known to mankind to pause and proceed with caution. You never know what you’ll get, and you or your clients might be worse off in the end. At a minimum, schedule time to analyze your open source software and test it to make sure it meets your needs. Just because someone gives it to you for free doesn’t mean they’ll meet your needs.

What do you think? Is open source software bad?

Jacob Beningo is an embedded software consultant specializing in real-time systems based on microcontrollers. He actively promotes software best practices through numerous articles, blogs, and webinars on topics such as software architecture design, integrated DevOps, and implementation techniques. Jacob has 20 years of experience in the field and holds three degrees, including a Masters in Engineering from the University of Michigan.

Related content:

For more embedded, subscribe to Embedded’s weekly newsletter.


Comments are closed.