German Federal Ministry promotes open source
The German Federal Ministry for Economic Affairs and Climate Action’s Sovereign Tech Fund (STF) is promoting seven open source projects in a pilot round. The Fund shall therefore be increasing safety and data security on the internet, as well as digital sovereignty, according to German IT news site heise.
A vulnerability in the Log4j open source Java library at the end of last year resulted in millions of potentially endangered systems. A discussion ensued about open source projects, which often represent crucial elements of the digital infrastructure.
In the pilot round the Fund is supporting the OpenMLS library, which is used for end-to-end encryption, curl, the popular command line data transfer tool and an open implementation of the BGP internet routing protocol, which communicates between network segments and autonomous systems. The Ruby package manager RubyGems and Bundler, which facilitates the integration of Ruby packages in applications will also be supported, as will the WireGuard VPN software. In addition to this, the Fund is supporting GopenPGP, a modern OpenPGP implementation in Go, and OpenPGP.js, which can be executed in the browser. Furthermore, a projects is being promoted with OpenSSH, which is the standard for secure remote connections and is one of an administrator’s most important tools.
Software must adapt
The STF characterises the projects as software belonging to digital base technologies and used extensively in business, the public sector and civil society. In a feasibility study (DE, PDF) the STF justifies the need to promote open basic technologies by the fact that although the importance and use of open source software is high, the projects nevertheless do not ‘adapt‘ accordingly and maintenance is often dependent upon committed individuals, thus increasing the risk of safety-critical vulnerabilities.
In their coalition agreement, the SPD, the Greens and the FDP emphasise the importance of open source software for strengthening digital sovereignty.However, no funds were originally earmarked for the Sovereign Tech Fund in the federal government’s draft budget for 2022. In the end, coalition partners increased the funds provided so that the fund can now get started.
The STF is promoting the above-mentioned projects until the end of the year with a total of €1 mn. Fiona Krakenbürger, the STF’s joint chief executive said: “This pilot round makes a small contribution to the sustainability of these important projects, which we hope to be able to expand in the years to come.” Projects worth funding will in future be determined in future by a committee of experts and an open application process. The STF intends to publish details of the application process in 2023.