Chief information officer David Wennergren said in a memo (PDF), that to effectively achieve its objectives, the department had to develop and update its software capabilities faster than ever, anticipate new threats and respond to constantly changing requirements.
"The use of open source software can provide advantages in this regard," he wrote.
Six years ago, the Department had issued a memorandum about the use of open source software in the department; the new memo, issued on October 16, supercedes that advice.
In 2003, the Department had also issued a study (PDF) done by the private Mitre Corporation on its use of this genre of software.
Wennergren said that while there were many open source programs in operational use by the Department in both classified and unclassified areas, "Unfortunately, there have been misconceptions and misinterpretations of the existing laws, policies and regulations that deal with software and apply to OSS, that have hampered effective DoD use and development of OSS."
He attached a set of guidelines to clarify these misconceptions.
The first clarification states that in almost all cases, open source software meets the definition of "commercial computer software" and should be given appropriate statutory preference in line with existing directives.
Executive agencies were directed to take open source software into consideration when conducting market research for procuring property or services.
A listing of the positive aspects of open source software included the lower total cost of ownership, peer review that supported software reliability, the ability to modify source code as needed, and the ability to "test drive" the software with minimal costs and administrative delays.
The common misconception that changes made to code had to be released was clarified, with the correct reading that such changes have to be released only if distribution of the changed program is undertaken.
The Department is not the only US government entity that has more than a passing interest in open source software; the National Security Agency has its own security-enhanced Linux (SE Linux) project.
According to Russell Coker, one of the contributors to that project, SE Linux is a kernel patch to add security features, and patches to applications to allow them to determine the security domain in which to run processes.