Table of Contents
Summary
The UK government should create a £12.5m annual open-source software (OSS) fund, distributed by UKRI to target DSIT’s areas of interest and support national security priorities.
OSS is software source code that is made publicly available to allow anyone to distribute, modify, and re-use it. It has become critical to global digital infrastructure and the internet wouldn’t operate without it: OSS is present in 96% of codebases and constitutes up to 90% of software stacks.
OSS catalyses scientific and technological progress: in the life sciences (e.g. R, a statistical tool widely used in labs), the physical sciences (e.g. NumFocus was key to the first image of a black hole), and the digital economy (e.g. scikit-learn, PyTorch, and Jupyter, which are essential to AI research and development).
OSS directly contributes over £15B to the UK economy and Harvard researchers estimate that without OSS that power digital products and services, it would cost companies $8.8 trillion to develop the software from the ground up. EU research identified that investment in OSS has a cost-benefit ratio of 1:4.
However, OSS requires government support for ongoing maintenance (patching security defects, updating software to be compatible with new operating systems, and fixing bugs). Since it is a public good, the private sector often fails to adequately fund OSS, despite significant public benefits.
Challenge and Opportunity
The importance of Open Source Software
Open-source software (OSS) underpins global digital infrastructure. Individuals, businesses and governments all choose to build their digital systems on top of layers of OSS tools. OSS is present in 96% of codebases and constitutes up to 90% of software stacks.
The safety and reliability of OSS systems are critically important. This was highlighted in November 2021 when vulnerabilities in Log4j, an open-source tool, affected public services (NHS) and global businesses (Amazon, Apple, Google). In recognition of the severity of this vulnerability, within weeks the White House convened stakeholders from US government agencies, Big Technology companies, and OSS foundations, to discuss their collective responsibility to improve OSS security.
OSS is a public good that is not adequately funded due to a tragedy of the commons market failure, where everyone benefits from the investment, but no private individual is willing to fund it on their own. This is a clear case where the government should step in to support critical infrastructure.
Whilst individuals, the private sector, and foundations do contribute to OSS development, the Department for Science, Innovation and Technology (DSIT) has already identified that the UK government can play a key role in improving software resilience for British businesses by channelling more resources to the open-source community.
Economic and scientific benefits
OSS directly contributes over £15B to the UK economy. Funding OSS development is not only a way to support a critical public good but also an opportunity to spur innovation. Novel OSS projects can be used to accelerate progress in many of the UK government’s priority areas. It has been estimated that without OSS, it would cost companies $8.8 trillion to develop the software from the ground up. Furthermore, according to a survey of Fortune 500 companies, the key benefits of OSS for businesses include cost savings, faster development speeds, and open standards and interoperability.
One focus area for OSS could be supporting scientific research. Scientific communities increasingly acknowledge the need for ‘Research Software Engineers’ to develop new scientific software tools to support research. Funding new OSS in the sciences would help to address the gap in funding for this research software. To further support scientific innovation the UK government can target funding to their priority areas such as artificial intelligence (AI).
The UK can learn from the French government’s approach. In its national AI strategy, it announced a €32 million grant to support the expansion of scikit-learn, the most popular OSS library for machine learning, turning it into a comprehensive suite of open-source tools for data scientists and ML/AI researchers and engineers. By improving the productivity of whole scientific and technological sectors, OSS innovation can have a huge return on investment.
By its very nature, OSS is released to the public. This guarantees that any developments funded by the government are not locked away, but are quickly deployed to be built upon by individuals, businesses, and academics alike. This distribution ensures that government investment in OSS innovation will improve the productivity of the UK university sector, startup-up ecosystem and business community.
Through a combination of funding OSS innovation and OSS maintenance, the UK government can secure its critical infrastructure and bolster the UK science and technology ecosystem.
Plan of Action
DSIT (via UKRI) should set up an open-source software fund, deploying capital towards both (1) innovation and (2) maintenance.
1. Innovation
Innovation funding should focus on using OSS projects to resolve scientific and technological bottlenecks that align with DSIT’s areas of interest. To enable the broadest range of applicants this should be distributed via Innovate UK. Funding can be based on UKRI’s existing frameworks:
Specific funding calls developed by DSIT to line up with technical priorities that they have identified (examples: energy, science research methods).
OSS challenges hosted on the Innovate Knowledge Exchange challenge platform where scientists, technologists, and businesses can propose new problems to solve. This would be a key way to ensure OSS developments catalyses the productivity of British research.
Open funding calls that request new ideas (modelled on SMART grants).
2. Maintenance
Modelled on the German Sovereign Tech Fund, the UK Open-Source Maintenance fund should divide funding between proactive and reactive maintenance.
Bug bounty programme - this fund would pay ‘bounties’ to developers who safely reveal security exploits or bugs, rather than exploiting or releasing them publicly. This fund incentivises safe bug fixing.
Pro-active development fund - this open fund will be run on a rolling basis with open-source developers able to apply for funding for projects that would support safety and reliability.
Specific calls - development priorities may be identified by the National Cyber Security Centre, this fund would open specific grant calls for developers to contribute to the problem areas identified.
Fund considerations
The OSS fund should follow best practices for funding OSS development. All OSS grants should be 100% funded. They should be structured similarly to the SBRI programme where the grants are closer to contracts with the government than research grants. Recipients must not be required to go through overly onerous reporting requirements, and consultancies should be able to charge their standard fees, rather than being restricted to charging salary plus cost.
Fund size
UKRI should be given a £12.5m annual budget, split between innovation (£5m) and maintenance (£7.5m). The budget is most suited to be distributed by Innovate UK however the other Research Councils may be good candidates for funding specific research calls.
(1) Sovereign Tech Fund, (2) Open Source Security Fund, (3) GitHub Fund, (4) NGI-EU Initiative
FAQ
Why can’t this be funded by the private sector?
The private sector, including companies such as Google, Microsoft, and Meta, are major contributors to open-source development but they are typically incentivised to only fund projects that support their products.
As the fund develops, the UK government will have the opportunity to facilitate private investment into OSS. By acting as a convenor, and providing their infrastructure, the UK government can enable businesses to more easily fund OSS development. UKRI has the infrastructure to run funding competitions, judge applicants, and distribute funds; these systems can be leveraged to make business funding of open-source projects easier, and more likely to happen.
Which other countries fund OSS?
The German government’s Sovereign Tech Fund (STF), established in October 2022, led the way in government funding with an annual budget of €11.5m in 2023, used to support OSS security throughout the stack. A prime example of supporting security critical maintenance is the STF’s support of the Log4j developers. The Log4shell security exploit affected organisations across the world. Following this exploit the STF has supported the upkeep of Log4j.
The US government has supported open-source development and maintenance on an ad-hoc basis. Example projects funded include >$10m per year to the Open Technology Fund, and funding for open AI Cyber security via DARPA. The Brookings Institute and the Federation of American Scientists have advocated for consistent federal funding of OSS to secure US National Security interests.
In 2023 the Linux Foundation published guidance on the “European Public Sector Open Source Opportunity”. It underlines the need for governments to do more to fund the development, maintenance, and security of OSS. By establishing an OSS fund now, the UK will be a global leader in supporting the sustainability of this critical digital infrastructure.
How might OSS innovation support DSIT’s areas of interest?
OSS tools are used across the sciences to enable fundamental research. It is difficult to explain quite how reliant the sciences are on open-source software tools. Example projects core to a few scientific domains include:
PyTorch is an OSS framework at the core of modern AI development. Originally developed by Meta this OSS is now under the Linux Foundation. PyTorch is an example of an innovation that is essential to the UK government’s priorities on AI.
scitkit-learn is the most popular OSS library for machine learning. Supported by the French government’s €32 million grant it is being turned into a comprehensive suite of open-source tools for ML and AI. Providing tools to academic AI researchers supports the UK government’s goal to support the academic AI research community.
OpenSim is a tool used for musculoskeletal research. This OSS supported by philanthropic grants feeds into research on InSilico medicine (e.g. the work of the Insigneo Institue at the University of Sheffield), this work is part of DSIT’s interest in healthcare and healthy ageing.
See the Chan Zuckerberg Initiative's Essential Open Source Software for Science programme for more examples of OSS science tools that they have funded.
What other ways could OSS funding be distributed?
The existing UKRI frameworks provide mechanisms for distributing OSS funding, however, UKRI could use this as an opportunity to trial new funding mechanisms:
The UK can pilot a bounties programme for OSS priorities within UK research councils.
The UK can launch a Challenge Prize similar to the Defense Advanced Research Projects Agency's Cyber Challenge Open Track as a step towards enhancing OSS robustness. This initiative can be carried out in partnership with large firms such as OpenAI, Anthropic, and Microsoft, supplying competitors with the tools and expertise necessary to develop their projects.
Thomas Milton is an engineer and startup founder with experience across medtech, biotech, and deep tech. He has worked for a leading UK medtech startup, was the first employee at a biotech startup, and most recently founded his own engineering design company. His main interests are in encouraging impactful science and technology inventions and supporting the UK startup ecosystem.
Cailean is a Researcher at the Linux Foundation and a PhD Candidate in Social Data Science at the Oxford Internet Institute, University of Oxford. His interests are in OSS, the digital commons, and public interest computing. Previously, Cailean worked as the International Policy Lead at the UK Government’s Centre for Data Ethics & Innovation and served as a UK Delegate at the Global Partnership on AI and the Council of Europe's Ad Hoc Committee on AI.
Matt Pickering
Matt is a lead developer for the Glasgow Haskell Compiler (GHC), an open-source compiler for the functional programming language Haskell. He has also contributed to the development of many open-source Haskell libraries including haskell-language-server and worked on profiling and debugging tools.