Abstract: Virtually all software products incorporate free/libre and open source software (FLOSS) components. However, ungoverned use of FLOSS components can result in legal and financial risks, and risks to a firm’s intellectual property. To avoid these risks, companies must govern their FLOSS use through open source governance processes and by following industry best practices. A particular challenge is license compliance. To manage the complexity of governance and compliance, companies should use tools and well-defined processes. This paper investigates and presents industry requirements for FLOSS governance tools, followed by an evaluation of the suggested requirements. We chose eleven companies with an advanced understanding of open source governance and interviewed their FLOSS governance experts to derive a theory of industry requirements for tooling. We list tool requirements on tracking and reuse of FLOSS components, license compliance, search and selection of components, and architecture model for software products. For practical relevance, we cast our theory as a requirements specification for FLOSS governance tools. We then analyzed the features of leading governance tools and used this analysis to evaluate two categories of our theory: FLOSS license scanning and FLOSS components in product bills of materials.
Keywords: Open Source Software, FLOSS, FOSS, Open Source Governance, FLOSS governance tools, company requirements for FLOSS tools.
Reference: Harutyunyan, N., Bauer, A., & Riehle, D. (2019). Industry Requirements for FLOSS Governance Tools to Facilitate the Use of Open Source Software in Commercial Products. Journal of Systems and Software vol. 158 (2019), 110390.
Self-enlightened contributions to open source projects are (code) contributions that come about because a company chooses to contribute. The opposite is forced open sourcing, which typically happens when a reciprocal license like the GPLv2 forces a company to lay open some source code.
I’m happy to report that the third article in the new Open Source Expanded column of IEEE Computer has been published.
Open Source License Compliance–Why and How?
Open Source Software, Licenses, Software Packages
Hendrik Schoettle, Osborne Clarke, Munich, Germany
Computer vol. 52, no. 8 (August 2019), pp. 63-67
Abstract: Compliance with open source software (OSS) license requirements is necessary but often overlooked. This article explains how OSS license compliance differs from compliance with commercial software licenses, why it is necessary even though OSS is generally free, and what requirements have to be met with OSS.
I’m proud to report that we are finally providing our license compliance seminar to the general public: License-compliant Delivery of Software Products That Use Open Source Software (both a seminar and a handbook). Feel free to contact me if you are interested.
Abstract: This installment of Computer’s series exploring free and open source software confronts a pressing issue, free and open source software licenses: what they are, the rights they convey, and the restrictions they impose.
Here is the simplest eye-opener that I have found in my consulting practice to convince management of the need for an open source program office:
Ask your manager to look at the open source license section under legal notices on their mobile phone. Ask them to scroll down to the end (they’ll never finish). Then point out that your product needs the same but doesn’t have it yet (if it doesn’t).
The reasoning behind this recommendation is that many managers simply don’t understand the extent to which open source is in their products. There is no better demonstration than to show them using a device they use frequently.
I view open source mostly from an economic perspective. From this point of view, some of the words people use are curious. For example, people like to talk about “giving back” to the community or “donating a project” to the public. These idioms have community building power, like insider speak among those who speak it, but to non-insiders, they are mostly confusing.
I feel pretty certain that these idioms slowed down the growth and adoption of open source. So let me use the two I just picked as an example and translate them.
Abstract: Open source has given us many innovations. This article provides an overview of the most important innovations and illustrates the impact that open source is having on the software industry and beyond. The main innovations of open source can be grouped into four categories: Legal innovation, process innovation, tool innovation, and business model innovation. Probably the best known innovations are open source licenses, which also define the concept.
Keywords: Open source, open collaboration, open innovation, software industry, business models
Reference: Riehle, D. (2019, April). The Innovations of Open Source. Computer vol. 52, no. 4, pp. 59-63.
Open Source Expanded is the name of a new column (open-ended article series) that I’m editing for IEEE Computer Magazine. Expect a new article on open source and how it is changing the world every two months!
The first article on the innovations of open source was just published, kicking off the column. I could not negotiate an open license; however, all articles will be free to read and download.
A German trade magazine for IT professionals just published an article on the state of open source (in German). Yours truly and many others are featured in there, commenting (or lamenting) on how Germany needs to catch up on open source, a propellant of digitalization, as the author notes.