Creativity & Problem-Solving

Frank Nagle, James Dana, Jennifer Hoffman, Steven Randazzo, and Yanuo Zhou. 3/2/2022. Census II of Free and Open Source Software — Application Libraries. The Linux Foundation. Harvard Laboratory for Innovation Science (LISH) and Open Source Security Foundation (OpenSSF). Publisher's Version Abstract

lfresearch_harvard_census_ii_1.pdf

Free and Open Source Software (FOSS) has become a critical part of the modern economy. There are tens of millions of FOSS projects, many of which are built into software and products we use every day. However, it is difficult to fully understand the health, economic value, and security of FOSS because it is produced in a decentralized and distributed manner. This distributed development approach makes it unclear how much FOSS, and precisely what FOSS projects, are most widely used. This lack of understanding is a critical problem faced by those who want to help enhance the security of FOSS (e.g., companies, governments, individuals), yet do not know what projects to start with. This problem has garnered widespread attention with the Heartbleed and log4shell vulnerabilities that resulted in the susceptibility of hundreds of millions of devices to exploitation.

This report, Census II, is the second investigation into the widespread use of FOSS and aggregates data from over half a million observations of FOSS libraries used in production applications at thousands of companies, which aims to shed light on the most commonly used FOSS packages at the application library level. This effort builds on the Census I report that focused on the lower level critical operating system libraries and utilities, improving our understanding of the FOSS packages that software applications rely on. Such insights will help to identify critical FOSS packages to allow for resource prioritization to address security issues in this widely used software.

The Census II effort utilizes data from partner Software Composition Analysis (SCA) companies including Snyk, the Synopsys Cybersecurity Research Center (CyRC), and FOSSA, which partnered with Harvard to advance the state of open source research. Our goal is to not only identify the most widely used FOSS, but to also provide an example of how the distributed nature of FOSS requires a multi-party effort to fully understand the value and security of the FOSS ecosystem. Only through data-sharing, coordination, and investment will the value of this critical component of the digital economy be preserved for generations to come.

In addition to the detailed results on FOSS usage provided in the report, we identified five high-level findings: 1) the need for a standardized naming schema for software components, 2) the complexities associated with package versions, 3) much of the most widely used FOSS is developed by only a handful of contributors, 4) the increasing importance of individual developer account security, and 5) the persistence of legacy software in the open source space.

Karim R. Lakhani, Anne-Laure Fayard, Manos Gkeredakis, and Jin Hyun Paik. 10/5/2020. “OpenIDEO (B)”. Publisher's Version Abstract

In the midst of 2020, as the coronavirus pandemic was unfolding, OpenIDEO - an online open innovation platform focused on design-driven solutions to social issues - rapidly launched a new challenge to improve access to health information, empower communities to stay safe during the COVID-19 crisis, and inspire global leaders to communicate effectively. OpenIDEO was particularly suited to challenges which required cross-system or sector-wide collaboration due to its focus on social impact and ecosystem design, but its leadership pondered how they could continue to improve virtual collaboration and to share their insights from nearly a decade of running online challenges. Conceived as an exercise of disruptive digital innovation, OpenIDEO successfully created a strong open innovation community, but how could they sustain - or even improve - their support to community members and increase the social impact of their online challenges in the coming years?

Races vs. Tournaments

Contests are frequently used to raise the workers’ productivity and innovation in business, government, and many other settings. They can take many different formats or designs, but two seem prevalent: the race and the tournament. Races set the incentives by rewarding the first person to meet a specified,... Read more about Races vs. Tournaments

Optimal Prize Structure

One of the strongest design parameters for contests is the prize structure, i.e., the number and level of prizes. In developing best practices, we are working to provide guidance to practitioners to optimize the use of prize funds. Optimal selection of prizes is a complex task. For tasks with diminishing returns to effort (the 100th hour of work improves the output less than the 1st hour),... Read more about Optimal Prize Structure

Best Management Practices

LISH is working to develop testable systems and methods to help open innovation (OI) practitioners explore techniques for best practices. To date, the lab has spent extensive time studying both contests and communities with profit companies, governments, academic research centers, and platforms. Research in these areas explore... Read more about Best Management Practices

Elizabeth E. Richard, Jeffrey R. Davis, Jin H. Paik, and Karim R. Lakhani. 4/25/2019. “Sustaining open innovation through a “Center of Excellence”.” Strategy & Leadership. Publisher's Version Abstract

This paper presents NASA’s experience using a Center of Excellence (CoE) to scale and sustain an open innovation program as an effective problem-solving tool and includes strategic management recommendations for other organizations based on lessons learned.

This paper defines four phases of implementing an open innovation program: Learn, Pilot, Scale and Sustain. It provides guidance on the time required for each phase and recommendations for how to utilize a CoE to succeed. Recommendations are based upon the experience of NASA’s Human Health and Performance Directorate, and experience at the Laboratory for Innovation Science at Harvard running hundreds of challenges with research and development organizations.

Lessons learned include the importance of grounding innovation initiatives in the business strategy, assessing the portfolio of work to select problems most amenable to solving via crowdsourcing methodology, framing problems that external parties can solve, thinking strategically about early wins, selecting the right platforms, developing criteria for evaluation, and advancing a culture of innovation. Establishing a CoE provides an effective infrastructure to address both technical and cultural issues.

The NASA experience spanned more than seven years from initial learnings about open innovation concepts to the successful scaling and sustaining of an open innovation program; this paper provides recommendations on how to decrease this timeline to three years.

Core Infrastructure Initiative

Despite its widespread use throughout myriad industries, the economic impact of Free and Open Source Software (FOSS) is poorly understood and poorly measured. Further, due to the decentralized nature of the OSS development process, security issues... Read more about Core Infrastructure Initiative

Robonaut 2 Challenges

The goal of this series of NASA challenges was to create algorithms to train and control Robonaut 2—the first humanoid robot in space. Robonaut 2 is used on the International Space Station (ISS) to help perform dangerous or routine tasks instead of astronauts. Run in 2016, this particular challenge... Read more about Robonaut 2 Challenges

Centers for Medicare & Medicaid Services Challenge Series

This 2013 series of challenges was to develop a software module for the Centers for Medicare & Medicaid Services that could be used across multiple states. Working with the Medicaid office of the state of Minnesota, these challenges developed... Read more about Centers for Medicare & Medicaid Services Challenge Series

ISS-FIT App

Sponsored by NASA, the goal of this 2013 series of challenges was to develop an iPad application for astronauts to use on the International Space Station (ISS) to track food intake. Astronauts on ISS have busy daily schedules and needed a simple way to record what they eat and drink in... Read more about ISS-FIT App

DNA Sequencing Challenge

In collaboration with the Broad Institute, the goal of this 2016 precision medicine contest was to find an algorithm that aligned multiple DNA sequences to a reference DNA for a simpler case. The reference DNA and the DNA from which the sequences originated had only minor differences. The task was to align these sequences fast and accurately,... Read more about DNA Sequencing Challenge

Antibody Clustering Challenge

The goal of this 2015 challenge, conducted in collaboration with the Scripps Research Institute on Topcoder, was to optimize and speed up an existing algorithm for clustering antibody sequences (see the problem statement). Clustering these sequences allows researchers to understand... Read more about Antibody Clustering Challenge

Integrating Crowds into Academic Labs

LISH is transforming the processes in which traditional academic research labs work through the integration of crowds and crowdsourcing methodologies. As the lab has had success with the use of crowds to solve complex problems... Read more about Integrating Crowds into Academic Labs

Optimal Design of Contests: Information Revelation in Contests

As part of determining best practices in crowdsourcing, we are working to develop the optimal design of contests by investigating the role of various parameters in contests including number of contestants, matching between tasks and solvers, information revelation, and prize structure.... Read more about Optimal Design of Contests: Information Revelation in Contests

EPA ToxCast Predication Challenge

The goal of this 2014 challenge series was to develop a model, based on data provided by the U.S. Environmental Protection Agency, to quantitatively predict a chemical’s systemic Lowest Effect Level (LEL) in a traditional animal toxicity study. The systemic LEL is the lowest dose that shows adverse effects in these animal toxicity tests.... Read more about EPA ToxCast Predication Challenge

Google Fonts