How the Federal Reserve Bank of New York Navigates the 'Supply Chain' of Open Source Software

David Needle | Enterprise.Nxt | October 9, 2017

When you handle trillions of dollars a year in transactions and manage the largest known vault of gold in the world, security and efficiency are top priorities. Open source reusable software components are key to the New York Fed's successful operation.

Large companies have divisions and subsidiaries that make efficient organizational management a challenge. Perhaps no one recognizes that more than Colin Wynd, vice president and head of the Common Service Organization at the Federal Reserve Bank of New York. Wynd is charged with ensuring that software development practices and strategy are forward-thinking and secure, and adhere to compliance regulations. Several years ago, Wynd and his team started to think more holistically about how their developer teams worked, he explained in a presentation at the recent Jenkins World conference in San Francisco. They needed to transition decades of legacy applications to more modern, flexible alternatives.

“We were doing a lot of custom development, building databases, and implementing security such as authentication and authorization, all with custom logins. The joke was that we actually had more login utilities than we had applications,” recalled Wynd. “This was slightly crazy.” The New York Fed wanted to standardize its base technologies, development tooling, and architectural models. “Every user interface was a snowflake, completely different. An end user might use 15 different interfaces,” said Wynd.

Another goal was to use open source software to achieve far greater reuse of libraries and other common sets of code. Wynd took note of an evaluation from Sonatype, a company that specializes in software automation, that reported 75 to 80 percent of applications are made up of open source libraries. He saw value in open source adoption for the New York Fed. Doing so lets developers at the bank focus more on an application’s unique aspects, such as its business logic, rather than spend time building out the basic software plumbing, according to Wynd...