Celebrating two years of empowering public digital infrastructure

By Powen Shiah

In STF

Today marks the second anniversary of the Sovereign Tech Fund. There were many significant occasions to remember: momentous investments, thriving initiatives, and speaking at the United Nations.


Sustaining the open source ecosystem

Investing over €23 million in 60 open technologies

Throughout our second year, the Sovereign Tech Fund identified and invested in even more foundational open source technologies. With nearly 500 submissions proposing over €114 million in work since we started accepting applications, the need for support has never been more clear. By financing critical projects like Log4j, we’re commissioning much-needed maintenance, security work, and improvements in the public interest. The work on these components benefits all the companies, organizations, and individuals who depend on the open technologies that comprise our shared digital infrastructure.

Bug Resilience

The Bug Resilience Program, our proactive approach to increasing the resilience of open source software infrastructure projects, started accepting applications. Participating projects have been able to take advantage of the program’s services, from support with deal with technical debt, to code security audits to the bug & fix bounty platform to discover, responsibly report, and fix bugs.

There are now a total of seven projects participating in the bug & fix bounty program: systemd, Sequoia PGP, ntpd-rs, Apache Log4j, CycloneDX Rust, and Glib.

In September, we were also thrilled to announce the publication of Bug Bounties and FOSS: Opportunities, Risks, and a Path Forward, research by Dr. Ryan Ellis and Jaikrishna Bollampalli (Northeastern University) on the impact of public bug bounty programs on open source software security. This research was announced during an event hosted by us, presenting the key findings and insights in a keynote and panel discussion.

Dr. Ryan Ellis speaking at the event.

Panel discussion on the public sector’s role in public bug bounty programs.

The name badges designed by bleeptrack each feature a unique bug.

Fellowship for Maintainers

In August, we announced a new initiative, the fellowship for maintainers. It addresses a critical challenge in the open source ecosystem: how we can support the dedicated individuals who keep our digital infrastructure running. The fellowship is designed around the lived reality of how many maintainers work: stretched across multiple technologies, multi-faceted, and often behind the scenes. In the pilot year of the program, it will pay up to five maintainers of critical open source components for 12 months, for work that is hard to quantify for funding applications

We’re accepting applications through 20 October 2024 and are looking forward to welcoming the inaugural cohort of maintainers in the coming months.

Challenges

The second round of the Contribute Back Challenges continued in January and concluded successfully in April. Five teams received approximately €860,000 to working on improving developer tooling, securing software production, and documentation in free and open source (FOSS) projects: conda-store, Haskell Cabal, p5.js documentation, and Open Web Docs.

The two rounds of the Contribute Back Challenges lasted for a total of eight months, from September 2023 to April 2024. The challenges called companies, organizations, and others using free and open source software to participate actively in FOSS projects. It utilizes a funding and procurement format for what are known as “innovation competitions” to find new, faster ways to strengthen the FOSS ecosystem. The nine participating technologies received a total of €2.2 million to work on advancing and refining their proposed solutions.

We’re grateful to the participants for their hard work and new approaches to contributing to the open source ecosystem.


Thinking globally at the United Nations

In July, Germany was a host country of the 2nd UN summit on open source in New York. STF co-founders Adriana Groh & Fiona Krakenbürger shared our experiences so far in strengthening the FOSS ecosystem and how, together with the Center for Digital Sovereignty in the Public Administration (ZenDiS), we’re pioneering a holistic approach for the role governments can play.

It was an unique opportunity to speak about the Sovereign Tech Fund in front of a global audience and our hope is that this will provide a roadmap that the international community can collaborate on together.

Adriana Groh and Fiona Krakenbürger at the United Nations headquarters with other summit participants from Germany.

Andreas Reckert-Lodde (ZenDiS) and Adriana Groh speaking at the OSPOs for Good summit.

A global audience at the UN open source conference.

Building our team and capacity

As we develop more avenues and mechanisms to support digital infrastructure and address systemic challenges, our team is expanding as well. The members of the team bring many years of experience in open source, funding, technology, and software in the public and private sector, and are all driven by the mission of supporting digital infrastructure in the public interest.

We’re excited for each person who is part of this endeavor, and grateful for the skills, expertise, and knowledge they add to the organization.

Mirko Swillus and Theresa Röcher at the Bug Bounties & FOSS event in September 2024. (Alexander Rentsch)

The team at an off-site planning workshop in June 2024.

Powen Shiah, Lorenzo Sciandra, Mirko Swillus, Fiona Krakenbürger, Tara Tarakiyee, and Paul Sharratt at the Open Source Summit Europe in Vienna.

Our work has been accelerated thanks to SPRIND

Since the beginning, the Sovereign Tech Fund has been hosted and supported by SPRIND, Germany’s Federal Agency for Disruptive Innovation. SPRIND celebrated its five-year anniversary last week, and we’re thrilled that the Sovereign Tech Fund is part of their exciting story. We very much appreciate the ongoing support and work behind the scenes from the entire SPRIND team. They have made it possible for the Sovereign Tech Fund to hit the ground running: start up quickly, pioneer new approaches, and build up successful programs over the past two years.

As we progress and develop into an independent organization, this continued collaboration and connection with SPRIND is invaluable. Thanks for all the help and advice so far — and in the future!

Co-founder Adriana Groh on screen at the SPRIND 5-year anniversary in October 2024. (SPRIND / Felix Adler)

Looking towards 2025

The Sovereign Tech Fund was founded two years ago as a special initiative — the first of its kind — to increase the resilience of the open source ecosystem. This signified a new way of thinking about how the public interest, governments, and digital infrastructure are interconnected. Over the last year, we’ve made much progress towards becoming an independent and permanent organization, working closely with SPRIND and our partners at German Ministry for Economic Affairs and Climate Action, which funds us.

Last week, the budget committee of the Bundestag decided to increase the Sovereign Tech Fund's allocation by €4 million for next year. We're honored and thankful for the German Parliament's recognition of the importance of open source technologies, and for their continued trust in our work.


More articles

All articles