Discover how others are doing with their OSPOs
- National Digital Twin Programme: Open source for a smarter, more sustainable future!
- Centreon: born open source, governance and manifesto!
- Localization in Action: Taiwan Open Culture Foundation’s Journey with GGI Handbook!
- ThalesGroup: OSPO in Action!
If you think that you also have experience to share, contact us.
National Digital Twin Programme (UK): Open source for a smarter, more sustainable future!
Hello, I’m Alex Atudosie, Programme Manager at National Digital Twin Programme (NDTP). I lead the OSPO in my role as Programme Manager, ensuring it is fully embedded within the programme’s strategy and delivery, and that it demonstrates an open, repeatable model others who work on complex innovation programmes can follow.
Context
The NDTP is a government-led initiative to grow the UK’s capability in digital twinning. Its core purpose is to develop the standards, frameworks, guidance, methodologies, and tools that will provide the foundations of a trustworthy and interoperable National Digital Twin (NDT).
Digital twins are virtual replicas of physical entities, systems, or processes, connected to real-world data flows. They play a crucial role in enabling faster and better-informed decision-making, improving efficiency, and unlocking value across sectors.
NDTP’s mission is to ensure that digital twins are safe, secure, and sustainable, while being accessible to organisations of all sizes. Open-source collaboration is central to this effort: by developing and sharing open, reusable assets, NDTP helps remove barriers to adoption, supports interoperability, and ensures that benefits can be realised nationally. Our approach is rooted in transparency, inclusivity, and community-driven innovation.
Pain Points
One of the challenges we face is that suppliers, from the largest organisations to SMEs, often have very different practices when it comes to engaging with government, particularly in an open-source context. Many are still relatively new to open sourcing, and part of our role is to provide clarity of governance and purpose, setting out clearly how we expect work to be undertaken so that outputs can be released as open source in line with our principles.
Another pain point is that innovation programmes are often deployed without a clear strategy for how intellectual property (IP) should be managed, and how assets developed with public funding are to be released for wider public benefit. We are firm believers that if something is developed with public money, it should benefit the public. For that reason, all suppliers who work with us confirm pre-contract that they are happy for all IP to belong to the Crown, and that everything we develop is done so it can be released by the Programme under a permissive licence.
This has practical implications too: we must ensure our codebase is “clean” and not inadvertently contaminated by code under restrictive or incompatible licences. This responsibility sits squarely with the OSPO, which is tasked with making sure our outputs are legally, technically, and ethically ready for release.
A key step in NDTP’s strategy has therefore been the establishment of an Open Source Program Office (OSPO). The OSPO is designed to promote best practice within the programme, but also to ensure that everything we develop is released publicly as open source under permissive licences, in a consistent and responsible way. Our aim is not only to publish open code, but to make the process of open sourcing exemplary, contributing to furthering best practice in the UK and beyond.
We recognise a gap in capability across the UK, where the challenge is often not knowing how to approach open sourcing rather than what should be open sourced. The purpose of our OSPO is also to lead from the front, providing an example of how this can be done in practice, embedding openness as a principle, and ensuring that the assets we develop are released incrementally, transparently, and with reusability in mind.
How we did it
The NDTP team has been following the OSPO Alliance’s work for some time and benefited from the Good Governance Handbook to help shape how we manage both our open public code and unreleased private code.
While we don’t yet have a dedicated OSPO page on our website, we are in the process of re-designing the entire site and plan to surface many materials that are currently only available to our suppliers.
For now, our website is www.ndtp.co.uk, and we have a developers section where we outline our approach to open sourcing, along with direct links to our GitHub organisation. Of particular note is our ospo-resources repository, which contains reusable GitHub Actions workflows and other resources that others may find useful.
Achievements
A significant achievement of the NDTP has been demonstrating how an OSPO can operate effectively within the context of a complex, government-funded, supplier-delivered open-source programme. This model, combining clear governance, consistent licensing, and incremental release, is already showing how it can be replicated elsewhere in government.
One example is the Integration Architecture, a core part of the NDTP codebase, which has already been adopted by the National Energy System Operator (NESO). NESO is using it to build the Data Sharing Infrastructure for the Virtual Energy System. This marks a major step towards a National Digital Twin, enabling interoperable data to be exchanged across organisational boundaries. It has also led to a closer collaborative relationship between NDTP and NESO: we are now co-developing the Integration Architecture, and the OSPO model we established for NDTP is serving as the starting point for an OSPO dedicated to the Integration Architecture as an open-source project. This brings additional benefits too. More organisations are contributing time and financial resources, and their suppliers are learning to work in this way too. Over time, this will help grow the supplier and commercial ecosystem in the UK, embedding open and collaborative development practices more widely.
Another area where the OSPO has delivered impact is through the development of an SBOM aggregator. In 2024, the UK’s National Cyber Security Centre (NCSC) highlighted the importance of Software Bills of Materials (SBOMs) for understanding software supply chains. That guidance set out the “what”: organisations need visibility into the software components they depend on in order to manage risk.
We focused on the “how”. Modern software depends on countless layers of code and third-party components, and without visibility into these, it is almost impossible to manage risk. When a new vulnerability is discovered, organisations need to know what’s inside their software — and they need that information fast.
The SBOM aggregator provides exactly that visibility. It pulls together information from multiple repositories and produces a single, coherent view of the components an application depends on. This helps organisations strengthen their resilience, improve transparency across their supply chains, and respond quickly when vulnerabilities arise.
We have released it publicly, under a permissive licence, to help others avoid reinventing the wheel. Our intention is that it will support better cybersecurity and resilience practices not only within digital twin systems but across the wider software ecosystem. It is another example of our philosophy in action - not just saying what should be done, but showing how it can be achieved in practice, openly and collaboratively.
Centreon: born open source, governance and manifesto!
Hello, I’m Vincent Untz, CTO of Centreon since 2023, and a long-time member of and contributor to the open source community.
Context
Centreon is an IT and OT monitoring solution that helps organizations ensure their infrastructure is always-on and optimize their performance. Created 20 years ago by French students, it has become a standard in the monitoring industry and is supported by the company of the same name.
Open source context
- Centreon has been open source from the start, with 250,000 users and new users and platforms deployed daily.
- Development continues publicly in an open-source manner.
- The company provides proprietary modules and a SaaS solution to customers.
- The company leadership team deeply understands open source and has fully integrated it into the business strategy.
- Technical teams have an open source culture and heavily use open source software. We encourage participation in open source events, and some team members contribute to open source projects.
- Some Centreon individuals are well-known in the French open source community. -The company is a member of several open source organizations, such as April and OW2.
Pain points
Although it may seem that there are no open-source-related issues within Centreon, some pain points emerged upon closer inspection:
- The company has grown significantly in recent years, and many new employees were unfamiliar with open source and its concepts, or how it can be a competitive advantage from a business perspective.
- Some perceived a conflict between the Centreon open source solution and the Centreon commercial solution. Occasionally, we would lose a prospect for the commercial solution to the open source solution. While still a win for Centreon, it wasn’t always perceived that way.
- The development teams sometimes struggled to manage technical contributions from the community effectively.
- There were weak signals from people active in the French open source community about the perception of Centreon slowly drifting away from open source.
Overall, open source was still part of daily life at Centreon, but perhaps not as prominent and not fully understood by everyone as I would have expected.
How we did it
After joining the company, I realized during discussions that not everyone was aligned on the benefits of open source or on where to put the cursor with regards to open source. We had a discussion about this within the leadership team and I had the nice surprise to see that at that level, there was no such issue. We agreed that creating a document explaining our relationship with open source would be a good step forward, and that’s how we started working on our open source manifesto.
With Pierrick Martel’s help, we quickly drafted a manifesto that explains why open source is essential in IT today, why it presents an opportunity, why it is compatible with a business like ours, and how we are proud to contribute to it. The text concludes with our explicit commitment to open source. I also wrote an open source policy as an addendum, to elaborate on technicalities such as license choice, how to contribute to our projects, how we choose to contribute upstream by default, and how we participate in the community in general.
We went back to the leadership team who approved without reservation the open source manifesto and the open source policy.
To announce the manifesto internally, we presented it at an all-hands event with a small workshop to explain how open source impacts everyone in their life, and not just at work. We also proudly display the manifesto in our office.
The next step was to share this work externally by providing it on our website (https://www.centreon.com/centreon-open-source-manifesto/) and explaining what we did and why. This included talks at events, podcasts, articles, and this testimonial!
Achievements
Creating the open source manifesto was a key event for Centreon in 2024, and has led to clear benefits:
- A clear and unambiguous confirmation that the company and the leadership team support open source as a strategic part of Centreon.
- Realignment of everyone in the company regarding our stance on open source, including understanding that it is part of our business strategy.
- Feedback from the community that Centreon is no longer perceived as drifting away from open source, but is indeed contributing to the community.
The development teams are also aware of the implications of receiving contributions and are working harder to integrate them.
Centreon does not have an OSPO as such because open source has been central to the company since its inception. Our organization being “born open source”, OSS governance is in our DNA, the notion of OSPO is distributed across all roles and when we look at the GGI, usage, trust, commitment and strategy are anchored in our operation. The manifesto allows us to strengthen and give direction to our culture and we believe it is an efficient and straightforward tool for explaining how an organization interacts with open source.”
Localization in Action: Taiwan Open Culture Foundation’s Journey with GGI Handbook!
Open Culture Foundation (OCF) has long supported Taiwan’s OSS community, promoting open-source principles among enterprises and government agencies through initiatives like OSPO and OpenChain. Notably, OCF had assisted KKCompany in obtaining Taiwan’s first ISO/IEC 5230 certification at 2022 and driven the “Public Money, Public Code” initiative by training government staff on open-source practices.
Our contribution
We’re excited to share that OCF contributed to localizing the GGI Handbook into Traditional Chinese, leveraging glossaries and technical expertise gained from our three-year localization project involving Taiwan’s government, industries, and communities. Our proficiency in integrating Weblate with Markdown to produce PDFs effectively solved font compatibility challenges between Traditional and Simplified Chinese. Additionally, we had a valuable opportunity to train translation interns from NTU’s Department of Foreign Languages, who actively collaborated in handbook translation, significantly enhancing their practical skills and community engagement. Our intern Ruei, participating in her first OSS project, was thrilled to see the handbook published!
Next …
This year, OCF will transform selected GGI handbook sections into educational materials, integrating them with our interactive “Open Starter Village” board game for engaging workshops. This combined approach helps enterprises grasp open-source collaboration concepts and formulate strategic approaches. Concurrently, we’re exploring ways to utilize handbook activities to assist Taiwanese government agencies in developing OSPO frameworks.
The structured GGI approach provides OCF with a clear roadmap, enabling us to efficiently identify organizational needs and gradually advance open-source governance—even without immediate ISO certification. We eagerly look forward to continuing to incorporate GGI insights into our workshops and regularly sharing our achievements and progress with the OSPO Alliance community!
ThalesGroup: OSPO in Action!
Hi, I am Sébastien Lejeune, Open Source Advocate at Thales working at the Group Technical Directorate.
Context
Thales is a multinational group with french roots that designs, develops and manufactures electronical systems as well as devices and equipment for the aerospace, defence, transportation and security sectors.
Open Source context:
- Open Source Software & Hardware are strategic pillars for Thales, we want to foster collaborations between the actors of these communities through our GitHub organization: https://github.com/ThalesGroup.
- We did set an OSPO up back in 2020 and we have put in place a unified process & tooling to help collaborators to contribute to existing open source projects and to share Thales assets in open source.
- Open Source is sponsored by the top management and clearly defined in the group strategy.
My pain points
- Raise Awareness: I aimed to spread awareness about this global initiative throughout the organization.
- Middle Management Buy-In: My goal was to persuade middle management to actively encourage their teams to participate.
- Scaling Up: I sought to increase the number of contributors, both within Thales and externally.
How I did it
I joined the OSPO Alliance in 2022 and became an active committer after few months.
I instanciated the GGI board into our internal Gitlab at Thales and it helped me to have an overview about all the activities I had already achieved but also a lot of relevant resources to legitimate Thales Open Source strategy and to share them with different involved people.
Achievements since 2020
- Established an OSPO: We created an Open Source Program Office (OSPO) to oversee our open-source efforts.
- Streamlined Processes: We implemented tools and streamlined processes to facilitate easy asset publishing and contributions by all collaborators.
- Comprehensive Documentation: A clear and accessible documentation was developed and shared across Thales.
- Foundation Memberships: We expanded our affiliations with prominent open-source foundations, including Eclipse, Linux Foundation, CNCF, and OpenHardware Group.
- Active Participation: Our involvement extended to various open-source working groups, such as Systematic Open Source Hub, Eclipse projects, CNCF projects, and the Good Governance Initiative.