Source Code Policy

Appendix A: Definitions

Code Contributions: Source code or other materials written by external parties and submitted to the developers/maintainers of a software project. Some common examples of code contributions are bug fixes, new or improved features, and documentation improvements.

Covered Agency: For purposes of this policy, a covered agency is one that meets the definition of agency under the Federal Information Security Management Act of 2002 (FISMA). See 44 U.S.C. §3502.

Custom Code: Software source code that is written to fulfill a specific purpose that is not already addressed by existing programs or COTS solutions. For the purposes of this policy, custom code development must be fully funded by the Federal Government and is either developed by a contracting entity for use by the Federal Government, or developed by covered agency employees in the course of their official duties.

Derivative Works: For the purposes of this policy, a “derivative work” is a work based upon one or more preexisting works, such as a translation, musical arrangement, dramatization, fictionalization, motion picture version, sound recording, art reproduction, abridgment, condensation, or any other form in which a work may be recast, transformed, or adapted. A work consisting of editorial revisions, annotations, elaborations, or other modifications which, as a whole, represent an original work of authorship, is a “derivative work”.[48]

Mixed Source: A mixed source software solution may incorporate public domain, open source, and/or proprietary code. Developers and users of mixed source software solutions must take component-level intellectual property rights into consideration whenever modifying, reusing, or distributing source code.

Open Development: Open development in the framework of computer software design is a process by which developers ensure the highest possible levels of transparency, legibility, testability, and modularity in their code from the start. This process is designed to maximize the potential benefit of open sourcing that code in an incremental and agile manner, engaging the public in the development process. Open development provides a larger base for quality assurance and product support in the initial phases of a project, in addition to making code easier to read, understand, repurpose, and incorporate for other programmers who may not be able to contact the original coder for support.

Open Source License: OSS is often associated with a license that details the terms and conditions governing the intellectual property rights of the software and its associated source code. These licenses specify how a particular work may be reproduced, modified, or used as a component of a larger system or as a standalone piece of software.[49]

Open Source Software (OSS): Software that can be freely accessed, used, changed, and shared (in modified or unmodified form) by anyone. OSS is often distributed under licenses that comply with the definition of “Open Source” provided by the Open Source Initiative (https://opensource.org/osd).[50]

Proprietary Software: Software with intellectual property rights that are retained exclusively by an individual or a company. Although OSS intellectual property rights can also be retained by an individual or a company (through the use of a proper OSS license), the term “proprietary software” refers to software that is typically subject to more disclosure restrictions than that which is released as open source or in the public domain. Proprietary software is typically considered to be “closed-source,” in that its source code is not made broadly available to users or the general public without restrictions defined by the owner.

Project Open Source: An online repository of tools, guides, and best practices specifically designed to help covered agencies implement the framework presented in this policy. Project Open Source can be accessed at https://project-open-source.cio.gov. Project Open Source will evolve over time as a community resource to facilitate the effective adoption of OSS. Agencies can visit Project Open Source for a more comprehensive glossary of terms and definitions related to OSS.

Public Domain: The set of works for which copyrights and related rights have expired, been relinquished, or do not apply, making the work freely available to the public for any purpose. Under U.S. copyright law, works created by Government employees within the scope of their employment are not subject to domestic copyright protections under 17 U.S.C. §105. Note that this definition is unrelated to the term “public domain” as it is used in export control regulations.

Software: Can refer to either: (i) Computer programs that comprise a series of instructions, rules, routines, or statements, regardless of the media in which recorded, that allow or cause a computer to perform a specific operation or series of operations; or (ii) Recorded information comprising source code listings, design details, algorithms, processes, flow charts, formulas, and related material that would enable the computer program to be produced, created, or compiled. Software does not include computer databases or computer software documentation.[51]

Source Code: Information written in a computer programming language that is readable by people. Source code must be interpreted or compiled before a computer can execute the code as a program. Source code readability can benefit from the inclusion of comments or other in-code documentation that indicates the requirements and functionality of specific algorithms and other components.

Footnotes

  • 48 See http://www.copyright.gov/circs/circ14.pdf
  • 49 As of the publication date of this policy, a valid open source license is one that is approved by the Open Source Initiative (https://opensource.org/licenses). Further licensing considerations, including suggested licenses, will be provided via Project Open Source.
  • 50 This definition is current as of the publication date of this policy. For future guidance regarding this definition, please refer to Project Open Source.
  • 51 Definition from 48 CFR §2.101