Public transportation agencies increasingly use software to support mobility services. This may include trip planners, geocoders, and timetables. A report at the 2020 TRB conference by analysts at the Center for Urban Transportation Research performed a study looking at how open-source software (OSS) has evolved into production deployments at transit agencies, including a look at the risks and opportunities when compared to closed-source software. To research this area, the analysts interviewed over a dozen public and private sector stakeholders, reviewed Federal Transit Administration's Mobility on Demand (MOD) Sandbox projects, and investigated perceived risks of OSS. They developed a list of recommendations based on their research.
The authors noted recommendations for agencies considering the implementation of OSS:
- Agencies should update procurement requirements and practices. While OSS may not always be the most effective procurement option, depending on an agency’s skillset, budget, and needs, its numerous benefits mean it should not be overlooked.
- Consider various OSS licensing options that exist (e.g., GPL vs. Apache v2). There are often multiple OSS offerings that may meet an agency’s needs. It is important for agencies to review and understand the extent of available software in order to choose a system that meets their criteria.
- Be aware that there are similar security concerns for proprietary and open-source software. Using proprietary software does not render an agency immune to cybersecurity concerns.
- Manage OSS risks via governance structures, collaboration, and agile development strategies. While there is a common consideration of OSS as being inherently more risky than a turn-key proprietary system, in practice it is often quite feasible to manage or significantly reduce the risks that do exist.
- Dedicate resources to coordinate OSS projects. As with any software, OSS poses a learning curve that must be overcome to be used effectively. Agencies should be aware that time and training are likely to be necessary in order to efficiently make use of OSS in their operations.