Marco Conoscenti

Marco Conoscenti is a postdoctoral researcher at the Nexa Center for Internet and Society (Polytechnic University of Turin). He received the Ph.D. degree in Computer Engineering from Polytechnic University of Turin in October 2019, with a thesis entitled "Capabilities and Limitations of Payment Channel Networks for Blockchain Scalability". His research interests include the blockchain and cryptocurrencies. In 2019, together with the Agency for Digital Italy (AgID), he worked at the definition of a procedure for assessing and comparing open source software.

EOLE 2020 / 2021

Webinar 5 "Open source tools for public administrations"

Marco will be speaking at this webinar on march 17 at 11:30 am and will present the Assessment of Open Source Software for Public Administrations.

In May 2019, AgID (the Agency for Digital Italy) published the guidelines on acquisition and re-use of software for the Public Administration. The guidelines aim to help the Public Administrations in reusing and acquiring software, promoting the share and use of open source software. In particular, the guidelines specify that, when searching for software, the Public Administrations must first take into consideration and assess software already used and shared by other Public Administrations, then open source software, and eventually-only if any suitable software has been found in previous steps-off the shelf software can be considered.

In this context, we at the Nexa Center for Internet and Society, in cooperation with AgID, defined a procedure to assess and compare open source software. The procedure fully conforms to AgID guidelines. The procedure consists first of a technical and economic assessment of the software solutions, secondly, all the software solutions under evaluation are compared according to results of the assessment previously performed, and finally a rank from the most to the least satisfactory solution is produced.

Regarding the technical assessment, each software solution under evaluation is quantitatively assessed using the assessment criteria defined in AgID guidelines. Specifically, these assessment criteria are: coverage of functional and non-functional requirements, interoperability, protection of personal data, security, accessibility, the presence of a maintainer, the presence of support for installation, the dependencies from other software, the competence of Public Administration in the use of the software, the number of Public Administrations interested in the software, and the vitality of the software project.

Regarding the economic assessment, the Total Cost of Ownership (TCO) of the software is estimated. To do so, we defined a new TCO model, which resulted from a review of the scientific literature on TCO, an analysis of some TCO models available online and feedback received from the Piedmont Region. The TCO model so formulated takes into consideration both capex and opex costs of acquiring a software.

After each software under evaluation is economically and technically assessed, in the proposed procedure we adopt a multi-criteria decision making algorithm to compare all the software solutions. As input, the algorithm takes the results of the economic and technical assessments and the weights of the assessment criteria (which we defined also in this work); as output, it produces a rank from the most to the least satisfactory software solution.

Finally, we proposed a possible extension of the software assessment criteria. In fact, we proved that there exists a mapping between the assessment criteria of AgID guidelines and the software quality characteristics of the ISO/IEC 25010:2011 standard (system and software quality models). Therefore, we proposed to also include the ISO/IEC 25010:2011 quality characteristics in the assessment criteria, at the discretion of the interested Public Administration.

The proposed procedure was tested by 7 Public Administrations in real cases. To analyze the effectiveness and ease of use of the proposed procedure, we asked these Administrations to reply to a survey. The main results of the survey are as follows. Among the 7 Public Administrations, one considered the procedure difficult to conduct, while the remaining ones considered it of medium difficulty or easy to compile, with respect to an average difficulty of their normal tasks. 6 over 7 Public Administrations completed the procedure in less than 4 hours and the remaining one between 4 and 8 hours.

Therefore, we can conclude that the proposed procedure is a simple and valid tool for assessing and comparing software and it can effectively support the Public Administrations in acquiring open source software.