Open Source License Inconsistencies on GitHub [TOSEM Journal]

Abstract: Almost all software, open or closed, builds on open source software and therefore needs to comply with the license obligations of the open source code. Not knowing which licenses to comply with poses a legal danger to anyone using open source software. This article investigates the extent of inconsistencies between licenses declared by an open source project at the top level of the repository, and the licenses found in the code. We analysed a sample of 1,000 open source GitHub repositories. We find that about half of the repositories did not fully declare all licenses found in the code. Of these, approximately ten percent represented a permissive vs. copyleft license mismatch. Furthermore, existing tools cannot fully identify licences. We conclude that users of open source code should not only look at the declared licenses of the open source code they intend to use, but rather examine the software to understand its actual licenses.

Continue reading “Open Source License Inconsistencies on GitHub [TOSEM Journal]”

Challenges of Working From Home in Software Development During COVID-19 Lockdowns [TOSEM Journal]

Abstract: The COVID-19 pandemic of 2020-2022 and the resulting lockdowns forced many companies to switch to working from home, swiftly, on a large scale, and without preparation. This situation created unique challenges for software development, where individual software professionals had to shift instantly from working together at a physical venue to working remotely from home. Our research questions focus on the challenges of software professionals who work from home due to the COVID-19 pandemic, which we studied empirically at a German bank. We conducted a case study employing a mixed methods approach. We aimed to cover both the breadth of challenges via a quantitative survey, as well as a deeper understanding of these challenges via the follow-up qualitative analysis of fifteen semi-structured interviews. In this paper, we present the key impediments employees faced during the crisis, as well as their similarities and differences to the known challenges in distributed software development (DSD). We also analyze the employees’ job satisfaction and how the identified challenges impact the job satisfaction. In our study, we focus on challenges in collaboration, communication, management, and tooling. The findings of the study provide insights into this emerging topic of high industry relevance. At the same time, the study contributes to the existing academic research on work from home and on the COVID-19 pandemic aftermath.

Continue reading “Challenges of Working From Home in Software Development During COVID-19 Lockdowns [TOSEM Journal]”

Management Accounting Concepts for Inner Source Software Engineering [ICSOB 2022]

Abstract: Inner source software development is the use of open source development’s best practices inside a company. In inner source, developers collaborate on reusable software components across company-internal organizational silo boundaries for mutual benefit. As such, inner source goes against the grain of traditional management techniques. In this article, we present two conceptual models of management accounting for inner source. We derived these prototypes by performing a literature review and triangulating the results with interviews of industry practitioners. We demonstrate how the conceptual models can be used for monitoring and controlling inner source projects and to determine their future viability.

Continue reading “Management Accounting Concepts for Inner Source Software Engineering [ICSOB 2022]”

A Research Model for the Economic Assessment of Inner Source Software Development [HICSS 2023]

Abstract: Inner source is the use of open-source practices within companies. It enables more efficient software development, shortens time-to-market, and lowers costs through increased company-internal collaboration. While existing studies examine social and organizational impact factors on inner source adoption, only a few have looked at measuring and economically assessing inner source. This article presents an overview of current research regarding inner source, its measurement, economic assessment, and impact on businesses and their processes. Based on a systematic literature review we build a research model for economic inner source assessment. This research model shows thematic dependencies between the economic impact of inner source and its measurement. Additionally, it proposes research questions and hypotheses on measuring, economically assessing, and subsequently adopting inner source.

Continue reading “A Research Model for the Economic Assessment of Inner Source Software Development [HICSS 2023]”

Open Source Software Governance: A Case Study Evaluation of Supply Chain Management Best Practices [HICSS 2023]

Abstract: Corporate open source governance aims to manage the increasing use of free/libre and open source software (FLOSS) in companies. To avoid the risks of the ungoverned use, companies need to establish processes addressing license compliance, component approval, and supply chain management (SCM). We proposed a set of industry-inspired best practices for supply chain management organized into a handbook. To evaluate the handbook, we ran a one-year case study at a large enterprise software company, where we performed semi-structured interviews, workshops, and direct observations. We assessed the initial situation of open source governance, the implementation of the proposed SCM best practices, and the resulting impact. We report the results of this study by demonstrating and discussing the artifacts created while the case study company implemented the SCM-focused governance process. The evaluation case study enabled the real-life application and the improvement of the proposed best practices.

Continue reading “Open Source Software Governance: A Case Study Evaluation of Supply Chain Management Best Practices [HICSS 2023]”

A Solution for Automated Grading of QDA Homework [HICSS 2023]

Abstract: Teaching research methods is important in any curriculum that prepares students for an academic career. While theoretical frameworks for qualitative theory building can be adequately conveyed through lecturing, the practices of qualitative data analysis (QDA) cannot. However, using experiential learning techniques for teaching QDA methods to large numbers of students presents a challenge to the instructor due to the effort required for the grading of homework. Any homework involving the coding of qualitative data will result in a myriad of different interpretations of the same data with varying quality. Grading such assignments requires significant effort. We approached this problem by using methods of inter-rater agreement and a model solution as a proxy for the quality of the submission. The automated agreement data serves as the foundation for a semi-automated grading process. Within this paper, we demonstrate that this proxy has a high correlation with the manual grading of submissions.

Continue reading “A Solution for Automated Grading of QDA Homework [HICSS 2023]”

Challenges to Open Collaborative Data Engineering [HICSS 2023]

Abstract: Open data is data that can be used, modified, and passed on, for free, similar to open-source software. Unlike open-source, however, there is little collaboration in open data engineering. We perform a systematic literature review of collaboration systems in open data, specifically for data engineering by users, taking place after data has been made available as open data. The results show that open data users perform a wide range of activities to acquire, understand, process and maintain data for their projects without established best practices or standardized tools for open collaboration. We identify and discuss technical, community, and process challenges to collaboration in data engineering for open data.

Continue reading “Challenges to Open Collaborative Data Engineering [HICSS 2023]”

Problems, Solutions, and Success Factors in the openMDM User-Led Open Source Consortium [CAIS Journal]

Abstract: Open-source software (OSS) development offers organizations an alternative to purchasing proprietary software or commissioning custom software. In one form of OSS development, organizations develop the software they need in collaboration with other organizations. If the software is used by the organizations to operate their business, such collaborations can lead to what we call “user-led open-source consortia” or “user-led OSS consortia”. Although this concept is not new, there have been few studies of user-led OSS consortia. The studies that examined user-led OSS consortia did so through the lens of OSS, but not from the inter-company collaboration perspective. User-led OSS consortia are a distinct phenomenon that share elements of inter-company collaboration, outsourcing software development, and vendor-led OSS development and cannot be understood by using only a single lens. To close this gap, we present problems and solutions in inter-company collaboration, outsourcing, and OSS literature, and present the results of a single-case study. We focus on problems in the early phases of a user-led open-source consortium, the openMDM consortium, and the solutions applied to these problems. Furthermore, we present the factors which lead this consortium to sustained growth.  

Continue reading “Problems, Solutions, and Success Factors in the openMDM User-Led Open Source Consortium [CAIS Journal]”

The Benefits of Pre-Requirements Specification Traceability [RE 2022]

Abstract: Requirements traceability is the ability to trace requirements to other software engineering artifacts. Traceability can be classified as either pre- or post-requirements specifications (RS) traceability. Pre-RS traceability is the ability to trace between requirements and their origin. However, the benefits of pre-RS traceability are often not clear. In this article, we systematically lay out the benefits of pre-RS traceability. We present results from both a literature review and a qualitative survey of practitioners involved with documenting and utilizing such trace links. We find that the benefits strongly depend on the practitioners, their tasks, and the project environment. Awareness of these relationships supports a clearer understanding of the benefits of pre-RS traceability and thus motivates successful implementation of the required practices. The results of our research motivates the adoption of pre-RS traceability and present problem areas for future research.

Continue reading “The Benefits of Pre-Requirements Specification Traceability [RE 2022]”

The Open Source Distributor Business Model [Computer Magazine]

I’m happy to report that the 18th article in the Open Source Expanded column of IEEE Computer has been published.

TitleThe Open Source Distributor Business Model
KeywordsOpen source distributor, open source distribution, open source business model, open source sustainability
AuthorsDirk Riehle
PublicationComputer vol. 54, no. 12 (December 2021), pp. 99-103

Abstract: This article defines and discusses one particular commercial open source business model, called the (open source) distributor model. It can attract significant venture capital, thereby contributing to the long-term sustainability of open source.

As always, the article is freely available (local copy, as PDF).

Also, check out the full list of articles.