Open Source License Compliance and Work-for-Hire

A common question that I am asked in my seminar on license-compliant delivery of products that contain open source software is:

But what about a work-for-hire? We are a consulting company: As we work for our clients, and use open source software, do we have to create all those legal notices?

The answer, as so often is: It depends. With that, let’s tease the different situations apart.

Continue reading “Open Source License Compliance and Work-for-Hire”

Three Reasons Why Companies Are Creating Their Own Open Source Consortium

Most open source these days, certainly the most widely used open source, is developed by companies. Open source, by definition, is competitively non-differentiating, so companies can join forces in its development. To so do peacefully, however, they need good governance that preempts conflicts among the participating companies. Such governance is usually provided under the auspices of an open source foundation, of which the big three are the Apache Software Foundation, the Eclipse Foundation, and the Linux Foundation. Despite these existing foundations, many companies interested in developing a new open source software keep opting to create their own consortium.

Continue reading “Three Reasons Why Companies Are Creating Their Own Open Source Consortium”

Managing Your Open Source Supply Chain—Why and How? (Nikolay Harutyunyan, IEEE Computer Column)

I’m happy to report that the eigth article in the Open Source Expanded column of IEEE Computer has been published.

TitleManaging Your Open Source Supply Chain—Why and How?
KeywordsOpen source, software supply chain
AuthorsNikolay Harutyunyan, Friedrich-Alexander-University Erlangen-Nürnberg
PublicationComputer vol. 53, no. 6 (June 2020), pp. 77-81.

Abstract: More than 90% of software products include open source components, most of which are not directly added by your own developers. Instead, they are an inseparable part of the software supply chains that virtually all companies depend on. This article covers the related risks of ungoverned open source use and provides industry best practices to practitioners.

As always, the article is freely available (local copy).

Also, check out the full list of articles.

Is Inner Source Collaboration Like Shipping Boxes Between Companies? (Hint: No!!)

Most corporate compliance departments believe developer collaboration in inner source projects is like shipping boxes with stuff (products) between the involved parties, for example, companies in a holding. Therefore, they don’t have to change anything about tax accounting and transfer pricing.

They couldn’t be more wrong.

Continue reading “Is Inner Source Collaboration Like Shipping Boxes Between Companies? (Hint: No!!)”

Inner Source and Work-from-Home

Inner source is the use of open source best practices inside companies to develop shared components for use in the company’s products. Inner source software doesn’t have to become open source (but might). Like open source software development, inner source software development is inherently asynchronous, distributed, and multi-timezone.

Inner source is a match made in heaven for the new world of work-from-home.

All signals are clear: Many people love working from home, and developers are no exception. They will only return to the office, if forced, and it will come with a price for the company. Hence, those companies will be better off which can make work-from-home work out for their developers. This is in clear conflict with agile methods practices of co-location, regular stand-ups, etc.

Continue reading “Inner Source and Work-from-Home”

Teaching Software Product Management

Software product management is easily the least well understood yet most important business function in software companies. I have been teaching Software Product Management by Case for about ten years now, and it is time I change a gear or two. Hence, I’m asking whether anyone is interested in helping me teach this course, whether in small or large capacity. For details, please see this slide deck:

Ten Years of Student Startups

A main reason why I became a professor is to create and guide student startups, in general, and from my research projects in particular. It has been a bumpy ride, to say the least, but I guess, every learning curve is. Data points (startups) are still not plenty, but I can nevertheless discern some learnings. Without further ado, the usual bullet list of insights:

Learning is by person. Large companies can talk about organizational memory and capabilities building all they want, in a startup, knowledge walks in the door (and out) by person. A new person basically starts over and makes all the same mistakes the person they replace also made… two years later. So, avoid losing good people.

Continue reading “Ten Years of Student Startups”