ARM hasn’t been paying attention. While the rest of the world has turned to open source for essential infrastructure software, ARM’s Mbed operating system for the Internet of things (IoT) is proprietary, with just enough open source sprinkled in to attract developers.

ARM insists this is necessary to prevent Mbed from becoming fragmented, which is a reasonable concern. What may not be reasonsable, however, is relying on a proprietary operating system to dominate IoT.

Open source: Essential to IoT developers

While most focus on nodes as the big deal in IoT (26 billion devices by 2020, according to Gartner), the more important number is the total number of IoT developers. Today there are an estimated 300,000 IoT developers, with 70,000 developers working on Mbed, according to ARM.

But VisionMobile projects a 4.5 million-strong IoT developer population by 2020, which indicates a 57 percent compound annual growth rate and a major opportunity. The opportunity? To attract developers to the emerging IoT platforms.

She who has the most developers wins.

The problem with ARM’s approach, however, is that it seems to be stingy with one of the most critical ingredients of developer outreach: open source. While open source isn’t a panacea, it’s increasingly a must have for infrastructure software.

Given the magnitude of IoT’s importance, it’s no surprise that a bevy of open source and open standards initiatives have exploded to tackle it, like the AllSeen Alliance. After all, as Cloudera co-founder Mike Olson insists, “closed” is no longer an option for essential infrastructure:

There's been a stunning and irreversible trend in enterprise infrastructure. If you're operating a data center, you're almost certainly using an open source OS, database, middleware, and other plumbing. No dominant platform-level software infrastructure has emerged in the last 10 years in closed-source, proprietary form.

Olson’s conclusion? “You can no longer win with a closed-source platform.”

Didn’t ARM get the memo?

We want to save you from yourselves

According to ARM CTO Mike Muller, the company “wanted to make it easy to build these connected, secure, and simple platforms," and worries that opening up Mbed would expose it to the risk of fragmentation. It’s a fair concern, but in a developer-oriented world, “easy” increasingly rhymes with “open.”

Mbed is not open. Yes, it’s free, and that matters, as Tim O’Reilly has suggested. But free does not equal open -- and open matters more.

Some parts of Mbed are open source, like the SDK, which ARM says allows “developers [to] shar[e] thousands of open source repositories and build an extensive cookbook of recipes that can be reused to build their products.” While its device server is closed, it “utilizes open source protocols like CoAP/HTTP, MQTT, TLS/TCP, DTLS/UDP and OMALWM2M for data communication and device management.”

But most of the code is closed. Apparently only the on-ramps to Mbed need to be fully open source. Again, according to ARM, this is to protect the platform from fragmentation.

In other words, open is good. At least, when it involves other people giving ARM code.

Not that ARM has completely distanced itself from openness. Like Google Android before it, ARM’s Mbed has instituted a quasi-open development process, as the company mentions:

The development of Mbed OS happens directly with partners and in our open source beta channel. Based on our existing v2.0 platform, these major enhancements and changes will be regularly released ahead of the first full platform release to give early access and in-depth testing of the platform components.

Open for beta, closed for production seems to be the thinking. Or as open source software architect Justin Cormack indicates, Mbed “never had an open process [and is] very much throw-it-over-wall open source.”

The resemblance to Android is uncanny. Some claim Android is a highly closed open source project. Like Mbed, Android is developed by one company without much external input. So far, so like Android, right?

Except it isn’t -- not where it matters most. As open source luminary Brian Behlendorf once said, the cardinal right in open source is the right to fork. Unlike Mbed, Android can be (and has been) forked, or copied and turned into a competitive project.

While Google now appears to be using its Play services to limit Android fragmentation, the reality is that keeping its source code open was essential to its success, and it will remain so.

Don’t fear the fork

Regardless, ARM’s fear of forks is unwarranted. As researchers have shown recently, despite an explosion in open source projects, the number of forks has remained relatively constant ... and vanishingly small. This despite software forks proving to be consistently successful.

The reality is it’s a nontrivial undertaking to fork an open source project, and developers tend to avoid it at (almost) all costs, preferring collaboration to confrontation.

ARM’s Mbed project is promising, with technology that promises to resolve some of IoT’s biggest challenges, such as power consumption. But until it opens up, it’s hard to imagine the OS winning over many long-term developer converts even if it, like iOS in the smartphone market before it, manages to score early market share.