The Standards Blog

Standards and Open Source News Summary – March 5, 2020

Open Source/Open Standards

Courtesy Visitor 7/Wikimedia Commons - Creative Commons Attribution-Share Alike 3.0 Unported license.There’s been a lot of activity in diverse parts of the standards and open source software development world of late. Here’s a selection of items you may have missed that I think might be of greatest interest.

Is there nowhere to hide? Streamlined targeted advertising comes to television. The on-line world has seen ever more laser-like ad targeting of viewers, particularly on dominant platforms like Google and Facebook. The same practice has existed in the print world in a more limited way for even longer, where sophisticated regional printing centers swapped ads in national magazines based on zip codes or other data. But what about television?

Cable TV stations in the US have had similar capabilities, and that practice will now be streamlined and broadened by the release of a new targeted advertising specification from the HbbTV Association, a membership-based standards developer, “dedicated to providing open standards for the delivery of advanced interactive TV services through broadcast and broadband networks for connected TV sets and set-top boxes.” A simultaneously issued companion specification offers a standardised signalling mode for advertisement substitution in live TV broadcasts.

Defining terms: A new standard to facilitate AI in healthcare. Perhaps the first standards developed by humans were words – abstract sounds that primitive peoples agreed would signify specific objects or actions. We’ve been creating taxonomies, schemas and other standardized vocabularies ever since in order to ensure accuracy of understanding and facilitate the interoperable exchange and merging of data.

In the case of medicine and health care, the process has been ongoing for decades with mixed results, and with the advent of artificial intelligence – AI – that challenge takes on a new dimension, and has generated a new standard for the use of AI in healthcare. The goal is to assign definitions for sometimes vague or inconsistently used terms in order to increase data integrity and create more trusted AI solutions. The AI in Healthcare standard was developed by more than fifty major IT vendors, like Amazon and Microsoft, as well as startups and healthcare companies, all members of the Consumer Technology Association.

We need to talk: a new messaging framework for cybersecurity tools. Taxonomies are essential tools, but they operate at a very basic level. Several layers above live messaging frameworks, and the Open Cybersecurity Alliance has just released an open source language for connecting cybersecurity tools. OpenDXL Ontology provides a common language that can reduce the need for custom integration between programs such as endpoint systems, firewalls, and behavior monitors. As an example, “if a certain tool … detects a compromised device, it could automatically notify all other tools and even quarantine that device using a standard message format readable by all.”

 A new standard for greenhouse gas reductions in the IT industry. Unlike most standards setting organizations, the International Telecommunication Union (ITU) is a United Nations treaty organization, making it a logical platform for the development of a set of recommendations intended to achieve a forty-five percent reduction of greenhouse gases emitted by the IT industry by 2030.  According to the ITU, ITU L.1470 “GHG emissions trajectories for the ICT sector compatible with the UNFCCC Paris Agreement,“offers authoritative guidance on the pathway towards net-zero emissions for the ICT industry,” ITU Secretary-General Houlin Zhao said. One bad sign: the specification is confidential to ITU members only. So much for public accountability. 

How the (open source) software gets made: Apache Subversion turns 20. Today there are over 28 million open source code repositories at GitHub alone, comprising nearly endless lines of code accessed by over 40 million users – an enormous number of whom are also contributors of that code. How do you keep track of so many contributions? One core tool is Apache Subversion, which recently turned 20.

Subversion allows users to commit code, manage changes, and recall earlier versions of data, making it simple for distributed team members to work together without confusion. According to a celebratory press release, Subversion has grown to become the most popular version control system on the market, and remains the leading centralized versioning and revision control software today.”

Is it safe? The Linux Foundation and the Open Source Group collaborate to fund Code Security Audits.  Linus Torvalds famously observed that, “given enough eyeballs, all bugs are shallow.” That may be true, but are there always enough eyeballs? A number of hacks over the past decade suggest otherwise. The Linux Foundation (LF) has launched initiatives in the past – notably the Core Infrastructure Initiative – to confront this need, and now it is teaming with the Open Source Group, a non-profit group that connects open source projects with funding and logistical support. The initiative will use the LF’s Community Bridge funding platform to fund audits of important open source software. [Disclosure: The Linux Foundation is a client]