The True Cost of

OPEN SOURCE
SOFTWARE

Uncovering Hidden Costs

and Maximizing ROI

White Paper

February 2010

White Paper

February 2010

The True Cost of Open Source

Software: Uncovering Hidden
Costs and Maximizing ROI
Distilling the Debate: Is Open Source Software for You?
If you have researched open source software, even just a little, youve likely
encountered two distinct worldviews: believers and skeptics. Believers celebrate open
source as free, collaborative code. In this paradigm, open source software isnt just
a free licensing model; it is a movement for building better, more flexible software.
But, thats just one side of the story. Open source skeptics raise compelling counterarguments for why open source software and the enterprise dont mix.
So, where does this leave you, especially if you are tasked with deciding whether or
not to implement open source software in your organization? In this paper well delve
deep into both arguments and provide practical tools to help you decide whether or
not open source software will be a good return on your companys investment. Well
also present solutions for bridging the gap between believers and skeptics in your
organization, and for reducing risks that go hand-in-hand with running open source
software in the enterprise.

The Appeal of Open Source

To determine whether or not open source software is the right choice for your
organization, you must weigh the pros and cons. Lets begin with prosthe tangible
benefits that have significantly increased open source adoption in the last decade.
Analyst firm Gartner predicts that 90% of enterprise software development businesses
will be using open source software by 2012.1 But, its not just software development
firms that are warming to open source software. Adoption is on the rise in all business
verticals, from financial institutions to government agencies. In the last two years, for
instance, open source has become prevalent in large, traditional financial institutions
like Credit Suisse, Bank of America and Goldman Sachs. Similarly, the Department of
Defense (DoD) and Department of the Navy (DoN) report that a variety of open source
software programs are in operation in both classified and unclassified environments
inside their organizations.2

The True Cost of Open Source Software:

Uncovering Hidden Costs and
Maximizing ROI

These are some primary reasons why open source software has become so
prevalent.

1. Free licenses.

The driver for many organizations is free software licenses. When licenses are free,
businesses cut initial hard costs of product and project development. Businesses
are under terrific pressure to cut costs and open source software offers a concrete
way to significantly slash budgets. A 2008 Forrester Research study reported that
CIOs regard lower costs as the main reason for using open source software in their
organizations: It is not just the cost of the [commercial] license, but also the fact
that [you] have to pay between 20 and 25 percent of the value of the license per
year on an annual maintenance agreement with commercial products, says senior
Forrester analyst, Jeffrey Hammond.3 In todays tough economic environment, the
lure of free software licenses is hard to resist. Additionally, because open source
software is free, its very easy to acquire. Developers simply download the code and
can immediately start working. Theres no lengthy procurement processes to slow
down developer productivity.

2. Own the code.

Under the GPLthe General Public License that allows developers to use open
source software for freeyou have full access to the open source code you use.
That means you can freely change the code and add new functionality whenever
you want. Plus, anyone can make alterations to open source software; you are not
obligated to work with specified third-party vendors who often charge exorbitant
prices for custom work.

3. Software quality is continually improving.

Despite skeptics fears about the quality of open source code, there is plenty of
evidence that the overall number of defects in open source code drops over time.4
As open source communities collaborate the code base inevitably improves; bugs
are fixed; features are added; it achieves faster performance and integrates more
seamlessly with other systems. When you buy in to open source software you
dont just get the code you implement today. You get what the software will be
tomorrow, next year and a decade from now.

The True Cost of Open Source Software:

Uncovering Hidden Costs and
Maximizing ROI

4. Code stability.

In the enterprise, dynamic open source languageslike PHP, Perl and Pythonare
the most popular flavor of open source. According to a 2010 Forrester survey,
57% of developers surveyed have used dynamic languages in their development
work.5 As such, popular programming languages have considerable momentum
behind them with millions of developers working on the code. With so many people
dedicated to these open source projects, their viability is not in question. Unlike
commercial software vendors, theres virtually no chance that established open
source languages will vaporize when economic times are tough.

5. Draw on the open source community for help.

When you implement, alter and add to open source software, you become part of a
thriving community of passionate software developers. This philosophical take on
open source may seem banal from a business perspective, but it offers some real
technical advantages. As part of a community, you can solicit help in discovering
and building new and useful functionality. Youre not at the mercy of commercial
vendors who may never make improvements or upgrade their software to integrate
more smoothly with other systems, achieve faster performance, or combat new
security threats.
Open source is synonymous with freedom. Not just free licenses, but freedom
to alter and improve the code base and to benefit from others who do the same.
Believers view open source software as self-sufficient technology that removes
development barriers and improves the overall quality of software projects.

Obstacles and Risks

Yes, open source licenses are free and anyone can alter and improve the code to fit
their needs. But, there can be risks and unpredictable outcomes when open source
software is not factored into the overall business strategy. For open source to work
for an organization, developers and managers must be on board to ensure that both
the technical and business demands of open source software are properly managed.
So, to balance the debate, here are the consthe problems that frequently result in
cost overruns, technical roadblocks and business interruptions. If youre considering
implementing open source software as part of your IT strategy, dont overlook these
potentially troublesome issues.

The True Cost of Open Source Software:

Uncovering Hidden Costs and
Maximizing ROI

1. Open, Not Free.

Just because something is free does not mean that it has no cost, says Laurie
Wurster, a Gartner analyst.6 Many companies are blinded by free licenses and ignore
the true cost of open source software. Licenses are free, but the software doesnt
run itself. To get an implementation up and running smoothly youll need experts
in-house or consultantsto complete the installation and complex integrations. Like
any software implementation, open source projects, if not managed properly, can
stretch development budgets.

2. Code maintenance.

When you use open source software, theres no proprietary software vendor
maintaining the code for you. Its up to your team to install updates, make security
fixes, implement new modules, and more. But, when your IT team is already
stretched with core development projects and under tight delivery deadlines,
open source software maintenance can go by the wayside. This quickly becomes
problematic. If you dont make open source code maintenance a priority, the quality
of your software project can deteriorate: security patches arent installed and bugs
dont get fixed. With the continual uptake of open source software in the enterprise,
companies are offering commercial or hybrid versions of open source that include
technical support and maintenance services, so the burden of maintenance doesnt
need to fall entirely to in-house development teams.

3. No support contracts.

Open source software doesnt come with support. When youre on a tight
development schedule, a lack of formal support can put your project at risk.
The open source community is typically helpful and will likely respond to your
questions and queries. But, these developers are under no obligation to do so in a
timely manner. This is especially problematic if your company uses open source
software in mission-critical applications, or if you use open source software in
commercial products. Without 24/7 technical support in place, your own products
time to market may lag. Even worse, uptime can suffer and your customers will
feel the negative effects. Alex Wied, head of Accentures Innovation Centre for Open
Source, says investing in professional software support--even for open source
software--is critical: It is essential that theres a trusted vendor, behind each
software, that secures technical support regardless if proprietary or open source.7
Similarly, the DoD and DoN have initiated a policy that strongly encourages all open
source software to be professionally supported, either by someone inside those
organizations or by a third party. To mitigate the risk of open source software going
bad, you must invest in support services, an oft forgotten line item in open source
implementation budgets.

The True Cost of Open Source Software:

Uncovering Hidden Costs and
Maximizing ROI

4. Legal liability.

You dont have to pay for open source licenses, but you must license the open
source software you use in enterprise products. Although open source licensing
terms have nothing to do with money, they can put restrictions on how you distribute
your product. With dozens of open source licenses to choose from (GPL, Artistic,
LPGL, Creative Commons, BSD, to name a few), managing licensing is notoriously
confusing. It can be an administrative headache and opens your business up to legal
liability. If you misinterpret licensing requirements, you could unwittingly wind up in
an embarrassing and potentially costly legal battle like Cisco did in 2008 when the
Software Freedom Law Center filed a copyright infringement lawsuit against Cisco
Systems for violating open source software license agreements. Under the terms
of the General Public License (GPL), distributors of enterprise software that use
open source code must make the open source code available with their software
distribution. Cisco failed to do so. The company ultimately settled the lawsuit by
making a monetary donation to the Free Software Foundation and by appointing a
Free Software Director to conduct continuous reviews of the companys license
compliance practices.8 Even if a licensing debacle doesnt lead to litigation, your
company could be fined, or worse, your organizations reputation could be damaged
resulting in negative PR, even a drop in share prices.
In theory, it should be easy to document open source usage in an organization
and license it correctly. In practice though, most organizations fall short. A 2008
Gartner survey reports that the majority of businesses using open source software
have no formal policies in place for cataloguing open source software usage in their
businesses. Thats because open source software doesnt go through the same
procurement process as proprietary software. Developers can download it from the
Web and use it without managers even knowing its there. Of course, if you dont
know what open source software youre running, you cant be licensing it correctly.
Gartner analyst, Laurie Wurster says to avoid liabilities, companies must have a
policy for procuring OSS, deciding which applications will be supported by OSS, and
identifying the intellectual property risk or supportability risk associated with using
OSS.9 Especially if you have a commercial product out in the world, the chance of
users discovering open source embedded in your software is high, which makes
using open source software in enterprise products a risky proposition without proper
licensing. To mitigate this kind of legal risk, software development companies are
beginning to enlist the help of third-party licensing experts who make sure open
source software licensing is in place and accurate.

The True Cost of Open Source Software:

Uncovering Hidden Costs and
Maximizing ROI

Free software licenses and flexible, extensible code is hard to pass up. But, when
you factor in the time and financial costs of implementation and maintenance, plus
the lack of formal support and potential license infringement, its clear that unless
managed properly open source software may have a higher price than developers
and managers expect.

The True Cost of Open Source

Both arguments have valid claims. So, where to start in making your realworld evaluation? Too many companies jump on the bandwagon without fully
understanding the true cost of an open source implementation. Or, conversely, they
avoid open source altogether thinking that the risks are too high. In a 2008 Computer
Weekly article about open source liability, Gartner shares survey results from 274
companies around the world. Gartner measured high open source software usage,
but found that most (69 percent) of companies were not measuring the cost of their
open source usage.
So, lets look at some hard costs of open source software. Well also look a hybrid
approachenterprise-grade open source software delivered by a third party, like
ActiveState, which offers technical support, indemnification and redistribution rights
along with best practices development expertise for dynamic languages including
Perl, Python and Tcl.

Total Cost of Ownership

A key component of project success is being able to estimate total cost of

ownership (TCO). TCO includes much more than license acquisition costs; there are
significant, ongoing costs associated with implementation, training, maintenance,
support and legal licensing. If you dont take all these costs into consideration, you
will come up against surprise cost overruns that can threaten project success. In
the tables below we compare two ways to implement open source and the costs
associated with them: pure open source and ActiveStates managed open source
solutions.

The True Cost of Open Source Software:

Uncovering Hidden Costs and
Maximizing ROI

With numbers from the chart and formulas below, we can use this formula to
calculate TCO:
A = Acquisition costs
I = Implementation costs
M = Maintenance/support costs
L = Legal costs
A + I + M + L = TCO

Costs

Open Source
Dynamic
Language

Enterprise Dynamic
Language Solutions by
ActiveState

Acquisition Cost
(Software Licenses)

None

None

Training

Developer salary * days

training
Developer salary *
development months +
fixed costs of in-house
open source expert
Full-time salary +
fixed costs of in-house
open source expert or
consultant fee
Time for license audit/
building governance
process + potential
license infringement risk
costs

Developer salary * days of

training
Developer salary *
development months+ fixed
costs of in-house open source
expert
Annual ActiveState Enterprise
solution fee

Development
Maintenance and
Support
Legal
(Distribution Rights
and Indemnification)

Annual ActiveState OEM

License solution fee +
Indemnification coverage fee

The True Cost of Open Source Software:

Uncovering Hidden Costs and
Maximizing ROI

The sample calculations in the following chart are ballpark figures and may not accurately represent your project,
including how much training and development hours are required. However, they provide a basic cost comparison
between two open source deployment methods. In this case we compare the cost of using pure open source Perl
and ActiveStates Perl Enterprise distribution. The following table shows typical costs for a small development
project.

Costs
Acquisition Cost
(Software Licenses)
Training

Development

Maintenance and
Support

Legal
(Distribution Rights
and Indemnification)

Total

Open Source
Dynamic
Language

Enterprise
Dynamic
Language Solution

Savings with
ActiveState

None

None

None

10 days of training based

on an annual salary of
$100,000 = $3,790
1 full time engineer for
one year = $100,000
annual salary + $20,000
annual fixed costs for inhouse open source expert
= $120,000
.5 full time engineer
@ $100,000 annual
developer salary +
$20,000 annual fixed
costs for in-house open
source expert = $60,000
3 days of engineers time
for consulting with legal
team + 40 hours for legal
team to draw up legal
documents = $17,000

5 days of training based

on an annual salary of
$100,000 = $1,895
One full time engineer for
nine months = $75,000
+ $15,000 annual fixed
costs = $90,000

50%

Annual ActiveState
Enterprise solution fee,
approximately $25,000

59%

Plus, the cost of potential

legal fees should you be
hit with an IP infringement
lawsuit.

$234,900

(development accelerated by
ActiveState support)

Annual ActiveState
OEM License and
Indemnification coverage
fee, approximately
$14,000

$147,950

25%

18%
PLUS
If you become involved in
a lawsuit, licensing costs
could explode by 200 or
300 %.

$86,950

in savings

ActiveState pricing in the table above has been averaged and is for example purposes.
Please consult with ActiveState to determine exact pricing for your project.

The True Cost of Open Source Software:

Uncovering Hidden Costs and
Maximizing ROI

Obviously, the cost savings in reduced development time will scale as a project grows. Using the charts above as a
reference, you can calculate real costs for your project using commercial software with this formula:
Acquisition Costs = (Project Duration * Developer Seats) * Annual Cost per Developer
Seat
Implementation Costs = Training + Development

Training = Number of Developers * Salary per Month *

Number of Days

Development = Number of Developers * Salary per Month *

Number of Months
Maintenance and Support = Annual Fee for Support Contract
Legal Costs = None

Calculate costs for a project using open source software:

Acquisition Costs = None

Implementation Costs = Training + Development

Training = Number of Developers * Salary per Month *

Number of Days

Development = Number of Developers * Salary per Month *

Number of Months
Maintenance and Support = Salary of in-house or consulting open-source expert
Legal costs = Implementing license audit/building governance processes

Calculate costs for a project using commercial open source solutions. Contact ActiveState for a quote to complete an
accurate calculation:
Acquisition Costs = None

Implementation Costs = Training + Development

Training = Number of Developers * Salary per Month *

Number of Days

Development = Number of Developers * Salary per Month *

Number of Months
Maintenance and Support = Annual ActiveState Enterprise Solution Fee
Legal Costs (Distribution Rights +Indemnification) = Annual ActiveState OEM License
Fee+Indemnification Coverage

The True Cost of Open Source Software:

Uncovering Hidden Costs and
Maximizing ROI

Five Principles for Maximizing Open Source ROI

If, after considering TCO, open source software is an attractive alternative for your
organization, then following these five best practice principles will put you on the road to
successful, cost-effective open source software implementations.

Use Good Quality Software

Open source software is continually improving, but that doesnt mean its perfect today. If
the software you choose is not top quality, it can cause a ripple effect that can ultimately
downgrade your product or project. Open source is simply a licensing model; it does not
mean best practices, like incorporating open standards, are in place. If quality code is
important to youand it should bedo your homework and choose a tried and tested
application or language distribution with a stellar reputation like ActiveStates ActivePerl, a
quality assured version of Perl that improves on pure open source Perl.

Get Experts on Your Side

As open source components become ubiquitous, developers are under pressure to

learn a variety of dynamic languages. They become generalists. A broad understanding
of dynamic languages may be enough to keep them running day-to-day, but when it
comes to complex development, working with open source component experts, will
save you time and money in the long run and steer your project in the right direction.
Some organizations hire third-party open source experts as project partners while
others bring expertise in-house. But, a full-time salary and fixed employee costs can
be cost prohibitive. Plus, you may have a hard time keeping a full time open source
component guru busy. Experts are most effective at key moments in development and
implementation. For instance, you may need an expert when upgrading your software or
launching on a new platform, but that experts time is wasted on day-to-day duties. Either
way, a legitimate expert is worth the price. He or she will shorten development time and
will limit costly snafus.

Maintain Your Open Source Software

Open source software must be nurtured. You have full access to the code, so it is your
responsibility to undertake routine maintenance: make version updates, install security
patches, add new modules, etc. Open source software development keeps moving and
improving, so you must keep up with the latest versions. In the worst case scenario,
developer attention starts to shift toward newer versions and features and organizations
using older releases end up relying on code that is getting less and less attention, few
bug fixes and less security attention. Staying on top of code maintenance will ensure that
code quality does not deteriorate.

The True Cost of Open Source Software:

Uncovering Hidden Costs and
Maximizing ROI

Avoid Licensing Debacles

At first glance, managing open-source licensing on your own seems straightforward, but
it is complex and time consuming. First, you must determine top-level licensing. Then
its on to deciphering module-level dependencies. Open source languages are made
of up thousands of libraries, modules, packages and frameworks that are all licensed
separately. Youll need to develop processes for cataloguing open source software
including version and release numbers, whether its used internally or will be distributed,
whether its been modified, etc. There is the significant cost of developing this process
in-house, or getting legal advice to ensure open source software licensing doesnt
become your downfall. Its easy to ignore licensing, but the consequences are intellectual
property infringement and unexpected costs.

Dont Rely Entirely on the Open Source Software

Community for Support

If you dont have an expert on your team in the specific open source application or
language youre using, then solving technical problems can be difficult. Documentation is
not always available, or helpful. Plus, you may need to wait days or weeks for the open
source community to answer your queries. Research also indicates that up to 39% of
information seekers never receive public replies to their queries.10 This principle requires
that you either hire in-house expertise, or that you work with a third-party, enterpriselevel support team that wont leave you high-and-dry when issues threaten project
success.

The ActiveState Answer

Following these five principles is difficult. Especially when the particular open source
component isnt your core area of expertise and your team has other important tasks
to focus onlike getting your product to market or implementing an internal system
or solution. According to IDC analysts, an increasing number of organizations are
subscribing to third parties to support open source software in their businesses.
At ActiveState, we provide a safety net, by offering enterprise-grade language
distributions for Perl, Python and Tcl along with commercial support, indemnification and
distribution rights packages. Our open source language distributions are renowned for
quality and are now the de-facto standards for millions of developers around the world.

The True Cost of Open Source Software:

Uncovering Hidden Costs and
Maximizing ROI

Like all open source code, ActiveState language distributions are provided free to the
community.
ActiveStates enterprise-level dynamic language expertise and reliable support for Perl,
Python and Tcl are designed to help organizations meet development deadlines and
keep overall costs down by allowing developers to focus on their core competencies.
ActiveState also provides Intellectual Property indemnification packages, which help
organizations building business-critical and mission-critical systems, minimize legal
risks, ensure compliance, and accelerate productivity. Enterprise-grade support and
licensing solutions minimize the hardships associated with code instability, unreliable
technical support and potential license infringement. From development troubleshooting
to emergency in-production coverage, ActiveState support ensures priority access to
open source language experts and includes unlimited incidents, guaranteed response
times, and fixes delivered to you quickly.
Dont reinvent the wheel in-house; avoid budget overruns and blown deadlines. Instead,
rely on our experts and commercial support and enjoy one more thing you dont have to
worry about.
In addition, if you are distributing, selling or bundling software, hardware or devices that
contain open source components, your organization may be exposed to serious legal risk.
Through OEM licensing, ActiveState offers turn-key redistribution rights, indemnification,
and commercial support to guarantee assurance to software and hardware vendors and
their customers removing any risks associated with copyright infringement lawsuits.

Who is ActiveState?

ActiveState, the dynamic languages company, is the world leader in enabling companies
to develop, manage, and distribute applications with dynamic languages from
mission-critical applications to open source projects. ActiveStates development tools,
commercial-grade language distributions, commercial support, indemnification, and
OEM solutions accelerate productivity, minimize risk, eliminate complexity, and ensure
compliance with use and distribution of dynamic languages. With a focus on Perl,
Python, Tcl and web languages, a strong community of 2 million developers and 97%
of the Fortune 1000 rely on ActiveState, including technology, finance, aerospace,
and government organizations such as Cisco, CA, Hewlett-Packard, Bank of America,
Siemens, Lockheed Martin.

The True Cost of Open Source Software:

Uncovering Hidden Costs and
Maximizing ROI

Footnotes
1 Peter Judge, Gartner: Open source will quietly take over, ZDNet UK, April 4, 2008, http://news.zdnet.
co.uk/software/0,1000000121,39379900,00.htm
2 DON CIO memo, Department of the Navy Open Source Software Guidance, of 05 June 07 and DOD
CIO memo, Clarifying Guidance Regarding Open Source Software (OSS), October 16 2009.
3 Cliff Saran, Tough times boost open source sales pitch, Computer Weekly, December 9, 2008.
4 Chris Kanaracus, Study Shows Open-source Code Quality Improving, PC World Business Center,
September 23, 2009. http://www.pcworld.com/businesscenter/article/172469/study_shows_opensource_
code_quality_improving.html
5 Jeffrey Hammond, What Developers Think, Dr. Dobbs, January 16, 2010, http://www.drdobbs.com/
architect/222301141.
6 Antony Savvas, Firms open to huge open source liabilities, Computer Weekly, November 18, 2008.
http://www.computerweekly.com/Articles/2008/11/24/233445/Firms-open-to-huge-open-source-liabilities.
htm
7 Alex Wied, Commercial open source is essential to enterprise IT, ComputerworldUK, August 13, 2009.
http://www.computerworlduk.com/community/blogs/index.cfm?entryid=2443
8 Ryan Paul, Cisco settles FSF GPL lawsuit, appoints compliance officer, ars technical, May 21, 2009,
http://arstechnica.com/open-source/news/2009/05/cisco-settles-fsf-gpl-lawsuit-appoints-complianceofficer.ars
9 Antony Savvas, Firms open to huge open source liabilities. Computer Weekly, November 18, 2008.
http://www.computerweekly.com/Articles/2008/11/24/233445/Firms-open-to-huge-open-source-liabilities.
htm.
10 Karim R. Lakhani and Eric von Hippel, How open source software works: free user-to-user
assistance, MIT Sloan School of Management, July 12, 2002.
11 Anuradha Shukla, IDC: Organisations adopt open source to reduce expenses, Computerworld,
September 29, 2009. http://news.idg.no/cw/art.cfm?id=073779BA-1A64-6A71-CE90B369D13FD0C2.

ActiveState Software Inc.

1700-409 Granville Street
Vancouver, BC V6C 1T2
Phone: +1.778.786.1100
Fax: +1.778.786.1133
business-solutions@activestate.com
phone: +1.778.786.1101
Toll-free in North America
1.866.510.2914