Much of the critical infrastructure that supports industries such as healthcare, transportation and energy production relies on open-source software, and the federal government is making an $11 million investment in understanding how this software is used and how it can be better secured.

The White House and Department of Homeland Security (DHS) announced the Open-Source Software Prevalence Initiative (OSSPI) last week. National Cyber Director Harry Coker presented the initiative at the DEF CON conference in Las Vegas and told attendees the funding comes from the 2021 Bipartisan Infrastructure Law. The project seeks to learn how open-source software is used in critical infrastructure, with the ultimate goal of strengthening national cybersecurity.

“We know that open source underlies our digital infrastructure, and it’s vital that as a government, we contribute back to the community as part of broader infrastructure efforts,” Coker told conference attendees.

He said the government cannot do the work alone, and that it was imperative that the cybersecurity community get involved.

“I know that the same value set that drives responsible vulnerability disclosure will lead you to continue to step up for the protection of the Internet. I know the Internet is a safer place today because of all of your efforts,” Coker said.

Last week the White House also released the findings of its recent Request for Information in its Open-Source Software Security Initiative (OS3I). That report highlights 12 recommendations from the cybersecurity community, including directives to advance research and development, secure package repositories and strengthen ties between the government and open-source communities.