US flag signifying that this is a United States Federal Government website   Official website of the Department of Homeland Security

Homeland Security

Homeland Open Security Technology

The US Department of Homeland Security’s Science and Technology Cyber Security Division, through its Homeland Open Source Technology (HOST) program, is conducting interviews with state and local governments to gather information about their involvements with implementing or considering open source solutions.  The interviews will result in a best practices and lessons learned report based upon state and local government experiences. This analysis will also help inform Federal R&D efforts to leverage open source software for intergovernmental solutions that benefit the broader homeland security enterprise.

The mission of the Homeland Open Security Technology (HOST) program is to investigate open security methods, models and technologies and identify viable and sustainable approaches that support national cyber security objectives. The foundational technology for the purposes of HOST is based on open source software.

HOST program activities include three key areas of focus:

DISCOVERY: The HOST program will investigate new and existing open security projects and techniques that support and protect government cyber assets. This will be achieved in part through the development and sharing of comprehensive, public accessible inventory of open source projects, tools and applications as well as best practices and lessons learned.

COLLABORATION: Coordinating development activities and encouraging working relationships between public and private-sector R&D communities is core to increasing the sustainable use of Open Security Technology. Cross-industry events, designed to serve as platforms for collaboration, are already underway.

INVESTMENT: DHS is committed to providing seed investments in advanced R&D activities that support national cybersecurity objectives and have the potential to create sustainable project communities. This is achieved in part by enabling broad adoption and participation by public and private-sectors. (See “Suricata” below as an exemplary project).

Host Program Activities

suricata

Suricata Open Source Intrusion Detection System (IDS)
Funding for the Suricata IDS project was provided by the S&T Directorate and a number of private companies that form the Open Information Security Foundation (OISF) consortium. The OISF is a multi-national group of the leading software developers in the security industry organized to build a next generation IDS engine. In addition to developers and a consortium consisting of leading cybersecurity companies, OISF has engaged the open source security community to identify current and future IDS needs and desires. More information on Suricata can be found at the project web site (http://www.openinfosecfoundation.org/index.php/download-suricata).

Open SSL logo

Federal Information Processing Standard (FIPS 140-2) validated OpenSSL Cryptographic Module Library
The OpenSSL software is the basis of many, perhaps the majority, of all validated software cryptographic products, but validation of the OpenSSL cryptographic library starting from source code is a first. The S&T Directorate has provided funding and guidance to help secure FIPS 140-2 validation for the most current version of the OpenSSL cryptographic module which is made freely available to government and non-government users under an open source license. More information on OpenSSL can be found on their project web site. (http://www.openssl.org/)

Open Security PDF Image

Open Security: Open Source Software’s Role in Government Cybersecurity
A presentation given by Dr. Douglas Maughan, director of the S&T Directorate's Cyber Security Division at the 2012 Palmetto Open Source Software Conference. It covers how open source software fits into the federal cybersecurity strategy and goals of the Homeland Open Security Technology (HOST) program. The presentation is available here.

CO Report

Open Source Software in Government: Challenges and Opportunities
In 2011, extensive interviews were conducted with a wide range of state, local and federal government information technology professionals, industry experts and others to gain a fuller understanding of how open source is being used in U.S. government today and where the opportunities and challenges lay. The final report is in review and will be released shortly.

Inventory PDF

Open Security Catalog
The program maintains a catalog of cybersecurity related open source software. The eventual program website will be a central source for this information. A static quarterly updated version of the catalogue is available here.

Host Program News and Update

Cyber Security HOST Project Receives National Honor
S&T Directorate's Cyber Security Division’s Homeland Open Security Technology (HOST) project was recently awarded the Open Source for America (OSFA) 2011 Government Deployment of Open Source Award. HOST won the award in the category of “Open Source Deployment in Government”. More information on the annual OSFA awards can be found on their web site (http://opensourceforamerica.org/2011/11/awards/)

Mailing List – If you would like to stay current on this program, please contact the program at host@hq.dhs.gov and request to be added to our mailing list.

Previous Talks & Events

GovLoop Webinar (June 7, 2012 at 2pm Eastern) – Open Source Software in Government: Challenges and Opportunitie

GovLoop, the Homeland Open Source Technology (HOST) program, and RedHat hosted the GovLoop Webinar on June 7, 2012 at 2PM ET to discuss a recent HOST report. Main topics of the GovLoop Webinar included: Current open source software roadblocks; the state of the collaborative development of software; open source software security; opportunities for open source software in government; and available solutions.

International Conference on Cyber Security – Fordham University, January 2012

REALIZING THE VALUE OF OPEN SECURITY: LEVERAGING THE TECHNICAL, ECONOMIC AND OPERATIONAL BENEFITS OF OPEN SOURCE SOFTWARE TECHNOLOGIES IN SUPPORT OF NATIONAL CYBER SECURITY OBJECTIVES – Protection of our citizenry, critical infrastructure and national security interests from cyber threats requires continual development of advanced technologies, methods and techniques to keep us ahead of the threat curve. As the scope of adversarial threats expand, governmental budget constraints require that we think more with our head and less with our wallet. The DHS S&T Directorate's Cyber Security Division invested in several programs, such as HOST, designed to identify and leverage the technical, economic and operational benefits of the open source software development model in support of national cybersecurity objectives. This talk explained the DHS strategic vision and provided examples of how and where open source software can serve as a valuable part of a comprehensive cybersecurity strategy.

Back to Top

Last Published Date: October 21, 2013
Back to Top