Written by Aashish Aryan | New Delhi | Updated: May 28, 2020 7:42:51 am Aarogya Setu is a contact-tracing app developed by the National Informatics Centre (NIC) under the Ministry of Electronics and Information Technology. (File Photo)

On Tuesday, the Ministry of Electronics and Information Technology announced that it has released the source code of Aarogya Setu app to promote transparency and collaboration with the software developer community. The IT Ministrys move came in the wake of demands from cyber law experts and critics who had said the app was too closed in nature and without adequate data protection measures.

What does an open-source software mean?

Software can be divided into two broad categories, proprietary and open source.

Any software that has to be bought or licensed from the creator of the software is called a proprietary or closed-source software. Examples include Microsoft Windows, Google Earth and Adobe Photoshop. The intellectual property rights of the software, even if bought or licensed, remains with the creator.

Open-source software requires no licensing and need not be bought. Its source code is open for everyone to download, examine, redistribute, and improve upon if they can, with an acknowledgment to the original software coder or the company. Examples of such software are WordPress, VLC Media Player, and the Mozilla browser.

Express Explainedis now onTelegram. Clickhere to join our channel (@ieexplained)and stay updated with the latest

Why has the source code of Aarogya Setu been made public?

When launching the app on April 2, the IT ministry had explicitly mentioned in the terms of use that no one was allowed to reverse-engineer the app or alter with the coding of the app. This led to critics questioning whether the app could be used for surveillance and go beyond its mandate of contact tracing. Cyber law experts and the software developer community called upon the government to allow reverse engineering and also publish the source code of the app so that it could be seen by anyone.

Read |Mandating use of Aarogya Setu app illegal, says Justice B N Srikrishna

While releasing the source code on Tuesday, the government said it was doing so to promote transparency and ensure security and integrity of the app. The source code, the government said, was released in line with its Policy on Adoption of Open Source Software for Government of India.

Does that address security and privacy concerns?

It is too early to tell, say experts. Now that the source code has been released, software developers from around the world will be able to go through the code and point out vulnerabilities or fix loopholes, if any, by writing fresh codes and suggesting these to the government, Udbhav Tiwari, Public Policy Advisor at Mozilla said.

Besides, the government has not yet released the server-side code of the app. Kazim Rizvi, founder of policy think-tank The Dialogue, said the server-side code must be released to further assuage privacy and security concerns.

Also read |Aarogya Setu: Who can access your data, and when?

With the opening up of the source code for developers as well as the announcement of a bounty scheme for finding bugs in the Aarogya Setu app, the government has opened itself to scrutiny of coders across the world. This will, however, restore some faith in skeptical minds as they can now read and understand the code for themselves. It will also help in assuaging the data privacy and security concerns surrounding the app.

What purpose will open-sourcing the server-side code serve?

Any applications or functionalities on mobile phones and other handheld devices need Internet connectivity to run. Sending and processing of such data is done on the server. By having access to the server-side data, individuals can check whether the data provided to the app is flowing directly to the dedicated servers or not. If not, either the discrepancy can be reported or clarifications can be sought from the government.

The Indian Express is now on Telegram. Click here to join our channel (@indianexpress) and stay updated with the latest headlines

For all the latest Explained News, download Indian Express App.

The Indian Express (P) Ltd

More:
Explained: What making Aarogya Setu open-source means - The Indian Express

Editors note: Nicole Catchpole is Senior Analyst at Technology Business Research.

HAMPTON, N.H. The open source proposition has been embedded in Red Hats roots since the companys founding in 1993 and has since remained at the core of its guiding principles, with Linux operating system (OS) at the heart of all its innovations. Vendor loyalty and clearly charted paths were the mantras many companies operated on for years, while digital transformation was barely on an enterprises short-term road map.

Then a decade ago, cloud adoption surged, creating the impetus to embrace more agile and flexible development models, and open source technologies emerged.

While business models centered on open source software have proved challenging for many, Red Hats pre-established culture and leadership around open source communities solidifies the Raleigh-based Red Hatbrand, paving the way for rapid scale, as the company has captured over 90% of the Fortune 500 as clients and in 2019 became the first open source-defined company to reach $3 billion in annual revenue.

Inside IBM: Partnerships with India-based peers, Red Hat mean cloud opportunities

During a recent conference, Products and Technologies EVP Matt Hicks discussed how Red Hat is leveraging its foundational strengths in an open hybridcloudapproach, which, by virtue of being open, goes beyond technology and extends to processes, cultures and transformation, to further differentiate.

[Hybrid cloudis acloudcomputing environment that uses a mix of on-premises, privatecloudand third-party, publiccloudservices with orchestration between the two platforms, according to WhatIs.com]

Red Hat is releasing new offerings to capture opportunities around hybrid infrastructures, application development and management while rapidly scaling up the integration of technologies such as AI and edge, bolstered by collaborative engines like its Innovation Labs.

Originally scheduled to be hosted in San Francisco, Red Hat Summit 2020 went virtual and offered participants numerous opportunities to virtually engage in hands-on labs, converse with industry leads and hear from Red Hat customers, and it did so while maintaining the spirit of openness and collaboration for which Red Hat is known.

While the topic of COVID-19 did not overtly dominate the discussions or significantly color the overarching Red Hat messaging, it became clear that the ability to pivot rapidly, embrace change and remain flexible will underscore Red Hats efforts to successfully promote transformation amid the pandemic. Red Hats reputation has historically been predicated on its open and agile approach to development and deployment, long before such attributes were considered valuable, let alone essential.

Register to view this content in full.

(C) TBRI

More here:
Inside Red Hat: Its open source heritage means big opportunity in cloud computing - WRAL Tech Wire

How many vulnerabilities lurk inside the bazillions of open source libraries that todays developers happily borrow to build their applications?

Predictably, the answer is a lot, at least according to application security company Veracode which decided to scan 85,000 applications to see how many flaws it could turn up in the 351,000 libraries used by them.

All told, around seven in ten applications had a security vulnerability traceable to one or more of those libraries, which might come as a shock to the developers who thought they were getting something for free.

But as the companys State of Software Security (SOSS): Open Source Edition aptly puts it:

That free puppy that you adopt still needs to be fed, walked, and taken to the vet.

However, how much walking application users will end up doing varies considerably depending on the language used to create it, with JavaScript software using the most open source libraries over 1,000 in some cases.

At the other end of the scale was Python, using a hundredth the number of libraries as JavaScript applications, with .NET, Java, and Ruby somewhere in between.

When it came to flaws in the libraries themselves, the greatest density was found in PHP and Swift, the latter a specialised language used in Apple development. Again, despite the size of .NET, it had the lowest percentage of flaws of any library.

Nearly 30% of flaws were Cross-Site Scripting (XSS), with PHP (27.1%), Java (15.7%), and .NET (14.2%) manifesting the highest number of public proof-of-concept exploits. The equivalent figure for JavaScript was only 6.5%.

Importantly, many flaws are never assigned a Common Vulnerabilities and Exposures (CVE) ID, with six out of ten JavaScript vulnerabilities falling into this category.

That means developers cant just add up CVEs to get some idea of which libraries and languages represent the biggest risk.

Nevertheless, this analysis suggests that if a generalisation can be made its that Java, JavaScript and Python are the library languages that cause flaw counts in applications to rise.

So how might developers counter flaws in libraries?

The good news is that three quarters can be fixed with a minor non-breaking update that can be implemented to the library without causing wider disruption to the application this held true even for almost all the most concerning one percent of flaws that might be being actively exploited.

Veracode chief research officer Chris Eng commented:

Open source software has a surprising variety of flaws. An applications attack surface is not limited to its own code and the code of explicitly included libraries, because those libraries have their own dependencies.

But as long as developers realise this and apply fixes, they can reduce the risk.

Theres also the issue of how many people are out there looking for flaws on everyone elses behalf. Right now, thats become a popular pastime, with at least one recent report finding that the number of flaws in open source software reached a record 6,000 in 2019.

Open source libraries have become a ubiquitous part of software development. Flushed by the success of this, the next battle is to make sure that doesnt create problems for the near future.

See the original post here:
Open source libraries a big source of application security flaws - Naked Security

On the internet there are many sites that perform an exchange function, exchange currency with a commission. In these spaces you can speculate on the oscillations. Once you buy in bitcoin then then does the coin become impossible to trace?

Yes and no: if I buy an asset whose value fluctuates and sell it with a profit, then it will be up to me to declare (or not) the capital gain. But once turned into bitcoin, isn't it money that is no longer traceable?

No, the exchange accounts are verified with an identity card and often with proof of residence, you are super-registered. Then, in the network there are various mixing systems - as it is called - that allow you to lose track of who bought what.

We at bitcoin speak as if it were a simple coin, but in reality all this is made possible by the blockchain database, which gives a series of guarantees to the algorithm.

Rules for bitcoin

To be a currency, it must respect certain rules - it cannot be duplicated, it must be expendable only by those who have it. These are problems of an economic nature: bitcoin has developed despite not being a currency due to a question of trust between the parties. That said, the block chain is nothing more than a chain of transactions. The miner cannot mine a block that does not exist, which does not belong to the chain that started in 2008. To resolve a block, the miner must make sure that the block is part of the chains.

For https://de.bitcoinscycle.com, it was still slightly profitable. It was still little more than a game, I had made a small investment but I was able to return. There is talk of two or three years ago, and the mining market had not yet closed in favor of the big miners. Just in the hours before the Brexit referendum vote, there was a noticeable drop in bitcoin - by 23% - and then immediately afterwards there was a boom in return. In finance, it is a fairly usual thing. What exactly happened in those days?

Although bitcoin in times like these can be considered a safe haven asset, let's remember that its total capitalization is around 10 billion dollars.

They are nothing compared to the capitalization of assets, of government bonds circulating in global finance. It can be a forcing to say that it is mathematical that when there is a mistrust crisis, bitcoin automatically goes up. When it seemed that they remain winning bitcoin had gone down - even the stock exchanges had closed higher. As a result, bitcoin was doomed to go down because it reversed the trend - you could see how it could have returned to a stable downturn, but not. It was brought up precisely by the volumes pushed in those days there and that I personally experienced that night.

There is talk of halving daily bitcoin production. What's up? Because? Who decides it?

Bitcoin work as open source software:

Bitcoin is open source software that runs on nodes distributed on the network.

The process is followed by a remarkable developer community - also thanks to them bitcoin is the leading cryptocurrency.

In January, there was an important discussion about the size in megabytes of the block in which transactions are threaded every ten minutes, and this could even lead to a fork in the chain - there were Chinese people who wanted to use one standard over another, but in the end nothing was done.

This is to say that nobody has decided, if not the programmers who initially thought the software. The halving every 4 years balances the distribution of money, so that by 2020 80% of bitcoins will be mined. The rest will be mined in 100 years with a relatively low mining speed - there is talk of 6 bitcoins approximately every 20 minutes since 2021. Most of the coins are being created now, when the development of the currency and the demand become substantial. With the new coin existence profit also get increased.

Continue reading here:
Bitcoin Is Open Source Software That Runs on Nodes Distributed on The Network - Siliconindia.com

The open source movement has changed the way we make software. The developer community always has access to publicly available code to edit and improve software quality.

A good deal of mission-critical software is open source today. The Linux operating system is probably the poster child for open source development. Kubernetes and Docker are open source too. And of course Microsoft a company that historically never met a piece of free code it didnt like has made open source strides. The entire source code for .NET the essential framework for programming in a Windows environment is open source. This includes not only the cross-platform versions of the core libraries, but also the common language runtime code, which allows developers to write .NET code is a variety of programming languages.

The pull request process plays a major role in open source software development. But how could it work outside those walls?

The value proposition for open source hinges around if a projects code is exposed to the public, it will create a community of developers interested in the code at a very detailed level. As more developers learn the details of the software, theyll ideally see opportunities to improve and add to the codebase. Some developers might contribute out of a sense of community while others do so to boost their ego. In any case, its a typical case of how a rising tide raises all boats. In the developer sense, the boats might be big-name companies such as Red Hat, Google or Amazon, which only adds to the movements viability.

While anybody can contribute to an open source project, it doesnt necessarily mean that every contribution will be a good one.

For example, as good as my Node.JS programming skills might be and on a good day they can be quite good do you really want me to have my way with the Docker engine source? First off, I dont have any real expertise with Go the language in which Docker and the Docker engine are written beyond writing a Hello World. Second, even if I could program effectively in Go, I dont have the proper understanding about the Docker engine required to make a useful contribution. But as the saying goes, give a developer a source code editor, a compiler and an internet full of documentation and the next thing you know, for better or worse, youll have code that wants to make its way into the world.

How do we make sure that all the open source code that wants to make its way into the world is actually good and production-ready? This is where the pull request process come in.

The pull request process starts when I write some code that I think has value to an open source project. Then I submit my code to the project via a pull request. A pull request is a mechanism that says to the project maintainers, hey, heres some code Ive made. Please look at it and see if it meets your quality standards and has value. If it does, please merge it to the code base.

The projects maintainers a group of experts on the projects code look at what Ive done. If the code makes the grade, it gets merged into the codebase. If not, the maintainers make comments about what I need to do to get the code into an acceptable state. I take their comments and go back to the drawing board, so to speak.

The beauty of the pull request process is that anybody can attempt to contribute to an open source project. The mechanics of the pull request provide the high degree of quality control necessary to make sure that contributions meet development standards and provide actual benefits to the project overall.

The pull request process creates a merit-based style of software development. It doesnt matter if the contributor is a high school student or owns a Ph.D. Want does matter is the quality and ingenuity of the code.

More companies now incorporate the pull request as the mechanism how new code is added to a companys codebase. The developer writes the code, creates the pull request with features that are typically built into modern source control management tools such as GitHub or Bitbucket and then awaits a response. The code gets merged or is sent back for improvement.

One nice thing about the pull request process is that when its done properly, its impersonal. All that matters is the code and the thinking behind the code. There wont be never-ending code review sessions that pick over each line of code youve written. In fact, if the corporate culture is benevolent and focuses on always helping a developer improve, a denied pull request can motivate and energize the developer.

Theres no doubt that the pull request is a powerful tool. Imagine what it would be like if organizations outside of IT used it.

Imagine what it would be like if a piece of legislation could be subject to a pull request. Interested parties could use the pull request to make suggestions on how to improve a piece of legislation. Then legislations maintainers in this example, the bills sponsors would review the proposed modifications. If the additions have value, theyre added into the bill. If there are shortcomings, the maintainers make comments and send the pull request back to the originators for revision.

Remember, the beauty of a pull request is that the value of the submission is judged on its merit. The status, background and other personal information about the submission have little if no affect determining the pull requests value. All that counts is the merit of the idea and just as importantly, the entire process is open and subject to public scrutiny.

We in the software business have come to understand the value of the pull request. The process is part of just about every open source project in the modern digital ecosystem today. If the pull request became a part of the legislative process it will create not only embed the spirit of continuous improvement in lawmaking but also make it so that any citizen can contribute beyond the ballot box.

Continue reading here:
Why the pull request process could work beyond development - Coffee Talk: Java, News, Stories and Opinions - TheServerSide.com

In this edition of the Embedded Insiders, Brandon and Rich wonder how the COVID-19 pandemic has been affecting the tech sector, both from a financial perspective and with regards to the productivity of engineers now working at home. Are those engineers executing, innovating, or just relaxing?

Later, Rich interviews Jean Labrosse, formerly a distinguished engineer and software architect at Silicon Labs. Jean shares some somewhat unpopular viewpoints on open source software in response to an Embedded Executives podcast with Gurjot Singh of Lynx Software Technologies in late April. Who can guarantee that open source software will work every time, all the time? And, what does that mean for open source in critical applications?

Finally, the Insiders circle back to highlight the Best-in-Show Winners from Embedded World 2020.

Tune in.

Brandon Lewis, Editor-in-Chief of Embedded Computing Design, is responsible for guiding the property's content strategy, editorial direction, and engineering community engagement, which includes IoT Design, Automotive Embedded Systems, the Power Page, Industrial AI & Machine Learning, and other publications. As an experienced technical journalist, editor, and reporter with an aptitude for identifying key technologies, products, and market trends in the embedded technology sector, he enjoys covering topics that range from development kits and tools to cyber security and technology business models. Brandon received a BA in English Literature from Arizona State University, where he graduated cum laude. He can be reached by email at brandon.lewis@opensysmedia.com.

Read more here:
Embedded Insiders: Tech in the Age of Pandemic-Driven Telecommuting - Embedded Computing Design

Most of us would have faced the issue of searching for a location without proper address on Google maps. Now, with a single tap on the blue dot, you can get the location code to an address, and share the alphanumeric code with others.

The Cybercrime Support Network and Google have partnered to develop an initiative to educate users on identifying and stopping online scams.

The Family Link app has two new improvements all with the latest Chrome OS update.

Microsoft and Google have collaborated to improve the spell check experience of Chrome and Edge browser users.

And lastly, Trump vs Twitter battle continues.

Share your location using Plus Codes

There have times when the address of the particular is not available. Lack of address information makes it hard to get products delivered to some locations.

Plus Codes was launched to solve that challenge. They are simply digital addresses formed using latitude and longitude coordinates. They reveal the location as an alphanumeric code.

You can now share your location information using Plus Codes on the Google Maps.

On the map, you will find a blue dot, which represents your current location. A tap on the dot, reveals the alphanumeric code. That can be copied and shared with others, like giving your phone number.

The codes will look similar to a regular address, except it wont have street name or number. Instead of it, it will have a code followed by city and state names.

In case you wish to know the code for another location, you have to move the blue dot to that place on the map. After placing there, just tap for the code.

These location codes can be accessed on regular search and on the map.

Plus codes are generated using open source software, and they are free to use, available offline, and can be printed on paper.

To use plus codes, update your Google Maps Android app in the next few weeks.

Stopping online scamsters

Consumers lost over $1.9 billion to online scams in 2019, according to US Federal Trade Commission. This means that about $3,600 is conned away every minute to scammers who hunt for victims with calls or emails.

In 2020, scammers are expected to steal over $2 billion, according to Scam Spotter, an initiative designed to help scam victims.

The scammers use different identities ranging from health experts to romantic partners, to lure consumers into sharing personal information or giving away cash.

That is why Scam Spotter is spreading knowledge on how people can identify scams, and stop them. The initiative is supported by Google and Cybercrime Support Network.

The team gets information from Google on common patterns adopted by scamsters, and provides practical advice to users on how not to fall prey to attacks.

Using that information, Scam Spotter has categorised scams and crafted three simple rules: to slow down, spot check, and dont send.

These golden rules help users to know what to do when they encounter an online scam.

While online scams are most prevalent among millennials, the biggest losers are seniors, with a median loss of double the average, Vint Cerf, Chief Internet Evangelist at Google, said.

Chromes new OS update for Family Link app

Google has made two updates to its Family Link app for Chromebook users. These improvements will be part of the new Chrome OS update.

Family Link app helps parents manage their childrens screen time, particularly on Google. The app gives parents control to set rules on screen time on phones, tablets and Chromebooks.

With the new OS update, Google will allow kids to download extensions from Chrome Web store. It will also set an option to limit usage time on apps downloaded from Play Store.

Parents can control what their wards download and the amount of time they spend of each app from the Family Link app.

The downloads happen after parents approve apps from Google Play Store for their childs account.

These improvements help children to browse and look up apps that might be of interest to them. And at the same time, parents hold the final okay for app to be installed on the Chromebook.

The in-app time restriction update will help parents to make their childs screen time in balance. This means they can allocate time for both educational and fun activities.

Approving extensions is simple. Parents just need to type in their password on the supervised Chromebook.

Trump vs Twitter continues

The short messaging platform Twitter has become a battleground lately, where 280 character-tweets are fired by President Trump.

Since Trumps mail-in ballots tweets were fact checked by Twitter, the President has taken it upon himself to remove the protection social media firms have under Section 230 of the Communications Decency Act.

In the most recent issue, Twitter has marked Trumps tweet on violence at Denver, Colorado as glorifying violence.

These THUGS are dishonoring the memory of George Floyd, and I wont let that happen. Just spoke to Governor Tim Walz and told him that the Military is with him all the way. Any difficulty and we will assume control but, when the looting starts, the shooting starts. Thank you, the president tweeted.

That tweet can be seen by twitterati; but cant be retweeted or replied to directly.

The tweet can be retweeted with a comment, which means the messages reach will be limited.

Microsoft, Google collaborated to improve spellcheck

Microsoft and Google partnered to improve the Chrome and Edge browsers spellcheck experience, TheVerge reported.

A built-in Windows spellcheck feature now powers the latest versions of Edge and Chrome browsers.

The built-in feature will provide better support for URLs, acronyms, additional languages and dialects, a shared custom dictionary, and email addresses.

Earlier version of Windows spell check used open-source proofing tools, which lack the above benefits.

This feature was developed as a collaboration between Google and Microsoft engineers in the Chromium project, enabling all Chromium-based browsers to benefit from Windows Spellcheck integration, Microsoft said in a blog post.

The new spellcheck feature is available in Microsoft Edge starting with version 83, it added.

For most users, no action is required to set up spell checking as it will automatically update based on preferred language settings from Windows.

Read more:
Todays cache | Location sharing using Plus Codes, and more - The Hindu

Although the coronavirus pandemic has dominated recent headlines, climate change hasnt gone away. Many experts are calling for a green economic recovery that directs investments into low-carbon energy sources and technologies.

Buildings account for 40% of total energy consumption in the U.S., compared to 32% for industry and 28% for transportation. States and cities with ambitious climate action plans are working to reduce emissions from the building sector to zero. This means maximising energy efficiency to reduce building energy use, and then supplying the remaining energy needs with electricity generated by carbon-free sources.

My colleagues and I study the best ways to rapidly reduce carbon emissions from the building sector. In recent years, construction designs have advanced dramatically. Net zero energy buildings, which produce the energy they need on site from renewable sources, increasingly are the default choice. But to speed the transition to zero carbon emissions, I believe we must think bigger and focus on designing or redeveloping entire communities that are zero energy.

Tackling energy use in buildings at the district level provides economies of scale. Architects can deploy large heat pumps and other equipment to serve multiple buildings on a staggered schedule across the day. Districts that bring homes, places of work, restaurants, recreation centres and other services together in walkable communities also significantly reduce the energy needed for transportation. In my view, this growing movement will play an increasingly important role in helping the U.S. and the world address the climate crisis.

Heating and cooling are the biggest energy uses in buildings. District design strategies can address these loads more efficiently.

District heating has long been used in Europe, as well as on some U.S. college and other campuses. These systems typically have a central plant that burns natural gas to heat water, which then is circulated to the various buildings.

To achieve zero carbon emissions, the latest strategy uses a design known as an ambient temperature loop that simultaneously and efficiently both heats and cools different buildings. This concept was first developed for the Whistler Olympic Village in British Columbia.

In a typical ambient loop system, a pump circulates water through an uninsulated pipe network buried below the frost line. At this depth, the soil temperature is near that of the yearly average air temperature for that location. As water moves through the pipe, it warms or cools toward this temperature.

Heat pumps at individual buildings or other points along the ambient loop add or extract heat from the loop. They can also move heat between deep geothermal wells and the circulating water.

The loop also circulates through a central plant that keeps it in an optimum temperature range for maximum heat pump performance. The plant can use cooling towers or wastewater to remove heat. It can add heat via renewable sources, such as solar thermal collectors, renewable fuel or heat pumps powered by renewable electricity.

One example of a potentially zero-energy district currently being developed, the National Western Center, is a multi-use campus currently under construction in Denver to house the annual National Western Stock Show and other public events focused on food and agriculture.

A 6-foot-diameter pipe carrying the citys wastewater runs underground through the property before delivering the water to a treatment plant. The water temperature stays within a narrow range of 61 to 77 degrees F throughout the year.

The wastewater pipe and a heat exchanger transfer heat to and from an ambient loop circulating water throughout the district. The system provides heat in winter and absorbs heat in the summer via heat recovery chillers, which are heat pumps that can simultaneously provide heating and cooling. This strategy serves individual buildings at very high efficiency.

Electricity used to operate the heat pumps, lighting and other equipment will come from on-site photovoltaics and wind- and solar-generated electricity imported from off-site.

Another district that will minimize carbon emissions is the Whisper Valley Community, under construction in Austin, Texas. This 2,000-acre multi-use development includes 7,500 all-electric houses, 2 million square feet of commercial space, two schools, and a 600-acre park. Its design has already received a green building award.

Whisper Valley will run on an integrated energy system that includes an extensive ambient loop network heated and cooled by heat pumps and geothermal wells located at each house. Each homeowner has the option to include a 5-kilowatt rooftop solar photovoltaic array to operate the heat pump and energy-efficient appliances, including heat pump water heaters and inductive stovetops. According to the developer, Whisper Valleys economy of scale allows for a median sale price US$50,000 below that of typical Austin houses.

The National Renewable Energy Laboratory, Lawrence Berkeley National Laboratory, and other project partners are developing an open source software development kit called URBANopt that models elements of zero energy districts, such as building efficiency/demand flexibility strategies, rooftop photovoltaic arrays, ambient loop district thermal systems. The software can be integrated into other computer models to aid in the design of zero energy communities. NREL engineers have been engaging with high-performance district projects across the country, such as the National Western Center, to help inform and guide the development of the URBANopt platform.

The projects Ive described are new construction. Its harder to achieve net zero energy in existing buildings or communities economically, but there are ways to do it. It makes sense to apply those efficiency measures that are the most cost-effective to retrofit, convert building heating and cooling systems to electricity and provide the electricity with solar photovoltaics.

Utilities are increasingly offering time-of-use rate schedules, which charge more for power use during high demand periods. Emerging home energy management systems will allow home owners to heat water, charge home batteries and electric vehicles and run other appliances at times when electricity prices are lowest. Whether were talking about new or existing buildings, I see sustainable zero energy communities powered by renewable energy as the wave of the future as we tackle the climate change crisis.

Charles F. Kutscher, Fellow and Senior Research Associate, Renewable & Sustainable Energy Institute, University of Colorado Boulder

This article is republished from The Conversation under a Creative Commons license. Read the original article.

Excerpt from:
Buildings consume lots of energy here's how to design whole communities that give back as much as they take - The Mandarin