Part 3: OpenEXR Today
OpenEXR became an ASWF project in 2019. Today, Cary chairs OpenEXR’s Technical Steering Committee (TSC), which also includes Rod, Peter, and several other industry leaders. The TSC meets fortnightly on Zoom and is dedicated to maintaining OpenEXR as an open standard image format for entertainment content creation. The ASWF just released OpenEXR version 3.0 on April 1, introducing several new features and security improvements.
Cary Phillips: I’ve thought a lot about OpenEXR in the context of the broader mission of the ASWF. Open source projects go through a life cycle where they’re started by an expert team or an organization that works together to develop something that benefits not only that organization but that whole industry, so they share it – but at some point, no internal group is actively developing it anymore, and as a result the maintenance of it may start to languish. Florian and Rod had both left ILM and some colleagues took over the maintenance but it got progressively lower on the priority list. Part of the impetus for the formation of the ASWF was to address this very type of problem – when a piece of software exists that’s critical to the industry but no longer has a lot of active development on it. OpenEXR is a library that defines the core image representation in our industry, so it values dependability and continuity, as opposed to new advanced features. It’s not that the industry needs it to advance, they just need it to remain reliable as the software ecosystems around it evolve. That need is exemplified by the evolution of OpenEXR, and that’s one of the main things that led to the formation of the foundation.
Today, one of the TSC’s main priorities is security.
Cary Phillips: Before the ASWF was established, the responsibility for fixing bugs and addressing security issues was resting solely on ILM. Now that responsibility is shouldered by people throughout the industry which is a much better position to be in.
Peter Hillman: My current focus with OpenEXR is on library security. As OpenEXR becomes more widely adopted, there has been increased interest in security. An attacker could trick someone into opening a specially made OpenEXR image which exploits some bug in the library and use that to take control of the victim’s machine, or perhaps cause it to crash or slow down. Various teams are regularly testing the OpenEXR library in an effort to discover such issues. A common approach is to use fuzz testing, which is where we run randomly modified OpenEXR images through the library’s reading code to look for issues. Special flags in compilers enable sanitizers which perform extra integrity tests while the code runs to ensure it behaves correctly. When a team finds a file which causes an issue, they report it to us, and I look to see if I can fix the library to prevent the problem from occurring again.
Cary Phillips: One of the things we’ve dealt with a lot lately is that the OpenEXR library has been integrated into operating systems and software applications in a deep way, so fuzz testing is really crucial. OpenEXR is one of the few software projects within the ASWF that really faces this particular kind of challenge, and it faces it simply because it’s so widely used, there are so many packages that allow a user to load an OpenEXR image, they’re used in all kinds of applications outside of the film industry. So validating the security is really important and another kind of challenge that I think is uniquely suited to the ASWF. We’ve spent a lot of time fixing bugs that nobody at a VFX company is ever likely to suffer from. We fix these problems in order to validate that this library is safe to use, this file format is safe to use, within VFX or anywhere.
As the ASWF continues to shepherd OpenEXR forward, its key creators enjoyed the chance to reflect on the impact it has had on the industry, and to consider its future with its new home at the ASWF.
Florian Kainz: I think the biggest impact of OpenEXR is that it made floating point imagery, or high dynamic range imagery in general, popular for the visual effects industry.
Rod Bogart: It’s a lot to take credit for in that respect but I think it’s true. That was a very unpopular notion – everything kind of worked with integers, people were afraid of working with values over 1.0, but this made it just seem doable and possible and a lot of great things have come because of that. I think also, from an open source standpoint, it opened the door to make it seem possible to do open source projects. People could point to this and say “well OpenEXR’s doing okay,” so Sony could do their OpenColorIO thing, and other people could do their own other activities. I think we did pave a little bit of the way to make it clear that this isn’t a crazy thing to do for an entertainment company, as opposed to the more common case, which was for an individual to do open source.
Florian Kainz: I think that’s true for the motion picture industry. In other industries open source has been much more prevalent – Google for example participates in a lot of open source projects, producing its own open source software, contributing to projects started by others, and examining projects for security holes. Open source in general has become much more popular than it was 18 years ago.
Rod Bogart: Right, when we did this it was a very unusual thing to consider, but now it’s kind of normal and accepted and encouraged.
Florian Kainz: I think a difference is that people in VFX used to think about software as this big trade secret that we could sell. Nowadays, of course there are still lots of trade secrets, but there are bits of software where there’s no reason to keep them secret, and sharing this stuff with other people can actually give you advantages, for example peer review for security holes, or data interchange.
Rod Bogart: I think that’s important because one of the shifts that was happening in the industry around that time was that visual effects movies were getting big enough that one company didn’t do the a whole movie — that didn’t used to be the case, back in the earlier 1990s, but then things started to get more distributed. So exchanging imagery across facilities in a consistent way started to really matter. Having OpenEXR as an open source standard allowed people to do that a little bit cleaner.
Cary Phillips: When ILM recently turned OpenEXR over to the foundation, the next step was to form a Technical Steering Committee which is the group that takes responsibility for the library. It felt right for somebody from ILM to be a leading part of that effort because of its heritage, so that’s one of the things that led me to step up. The TSC draws people from all over the industry, so the state of the project now is very different from the early days where it was just a core ILM team. This speaks to the benefits of the ASWF as a forum for the industry to come together and collaborate and be of service to the community. And I think ultimately this industry has a unique quality to it. The nature of the work that we do, where artists who are producing images work really closely with engineers, where people are so completely dependent on each other, I think that fosters a real sense of teamwork and camaraderie. That experience, that dependency on your colleagues in order to create art, it’s a very special bond. That applies to the TSC now for OpenEXR, even across studios – there’s something about being a part of this that’s personally enriching and alluring.
Florian Kainz is now a Senior Computer Scientist at Adobe.
Rod Bogart is now a Senior Software Engineer and Lead Color Scientist at Epic Games.
Cary Phillips remains at ILM, where he currently holds the role of R&D Supervisor.
Peter Hillman remains at Weta Digital, where he serves as a Senior Software Developer.
Andrew Pearce remains at DreamWorks, where is the VP of Global Technology.
OpenEXR, a project at the ASWF, is an HDR image file format for high-quality image processing and storage, originally developed by Industrial Light & Magic (ILM) in 1999 to fill a demand for higher color fidelity in VFX. Released to the public in 2003, it is one of the earliest open source software projects specific to VFX and set the industry on a new course. We caught up with some of OpenEXR’s key contributors from throughout the years to compile an oral history of the development, evolution, and ongoing impact of this groundbreaking file format.
Special thanks to Florian Kainz, Rod Bogart, Cary Phillips, Peter Hillman, and Andrew Pearce for taking the time to share their stories with the ASWF. Read part one of the OpenEXR Origin Story here. Read part two of the OpenEXR Origin Story here.