nach oben

Erschienen in:

2018 | OriginalPaper | Buchkapitel

Understanding Industry Requirements for FLOSS Governance Tools

verfasst von : Nikolay Harutyunyan, Andreas Bauer, Dirk Riehle

Erschienen in: Open Source Systems: Enterprise Software and Solutions

Verlag: Springer International Publishing

Einloggen

Aktivieren Sie unsere intelligente Suche, um passende Fachinhalte oder Patente zu finden.

search-config

KI-gestützte Suche

Aus

Abstract

Almost all software products today incorporate free/libre, and open source software (FLOSS) components. Companies must govern their FLOSS use to avoid potential risks to their intellectual property resulting from the use of FLOSS components. A particular challenge is license compliance. To manage the complexity of license compliance, companies should use tools and well-defined processes to perform these tasks time and cost efficiently. This paper investigates and presents common industry requirements for FLOSS governance tools, followed by an evaluation of the suggested requirements by matching them with the features of existing tools.

We chose 10 industry leading companies through polar theoretical sampling and interviewed their FLOSS governance experts to derive a theory of industry needs and requirements for tooling. We then analyzed the features of a governance tools sample and used this analysis to evaluate two categories of our theory: FLOSS license scanning and FLOSS in product bills of materials. The result is a list of FLOSS governance requirements based on our qualitative study of the industry, evaluated using the existing governance tool features. For higher practical relevance, we cast our theory as a requirements specification for FLOSS governance tools.

Sie haben noch keine Lizenz? Dann Informieren Sie sich jetzt über unsere Produkte:

Springer Professional "Wirtschaft+Technik"

Online-Abonnement

Mit Springer Professional "Wirtschaft+Technik" erhalten Sie Zugriff auf:

über 102.000 Bücher
über 537 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Finance + Banking
Management + Führung
Marketing + Vertrieb
Maschinenbau + Werkstoffe
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Springer Professional "Technik"

Online-Abonnement

Mit Springer Professional "Technik" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 390 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Maschinenbau + Werkstoffe

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Springer Professional "Wirtschaft"

Online-Abonnement

Mit Springer Professional "Wirtschaft" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 340 Zeitschriften

aus folgenden Fachgebieten:

Bauwesen + Immobilien
Business IT + Informatik
Finance + Banking
Management + Führung
Marketing + Vertrieb
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Vorheriges Kapitel Mining and Linking Open Economic Data from Governmental Communities

Nächstes Kapitel Building a Social Platform Using FLOSS to Support Collaborative Communities: The ReWeee Case Study

Aksulu, A., Wade, M.: A comprehensive review and synthesis of open source research. J. Assoc. Inf. Syst. 11(11), 576 (2010)

Black Duck Software: 2017 Open Source Security and risk analysis. Center for Open Source Research & Innovation. In: (self-published white paper) (2017)

Bonaccorsi, A., Rossi, C.: Why open source software can succeed. Res. Policy 32(7), 1243–1258 (2003)CrossRef

Capra, E., Francalanci, C., Merlo, F.: An empirical study on the relationship between software design quality, development effort and governance in open source projects. IEEE Trans. Softw. Eng. 34(6), 765–782 (2008)CrossRef

Charmaz, K.: Constructing Grounded Theory. Sage, Thousand Oaks (2014)

Corbin, J., Strauss, A.: Basics of Qualitative Research: Techniques and Procedures for Developing Grounded Theory. Sage Publications, Thousand Oaks (2014)

Cruz, D., Wieland, T., Ziegler, A.: Evaluation criteria for free/open source software products based on project analysis. Softw. Process Improv. Pract. 11(2), 107–122 (2006)CrossRef

Deprez, J.-C., Alexandre, S.: Comparing assessment methodologies for free/open source software: OpenBRR and QSOS. In: Jedlitschka, A., Salo, O. (eds.) PROFES 2008. LNCS, vol. 5089, pp. 189–203. Springer, Heidelberg (2008). https://doi.org/10.1007/978-3-540-69566-0_17CrossRef

Deshpande, A., Riehle, D.: The total growth of open source. In: Russo, B., Damiani, E., Hissam, S., Lundell, B., Succi, G. (eds.) OSS 2008. ITIFIP, vol. 275, pp. 197–209. Springer, Boston, MA (2008). https://doi.org/10.1007/978-0-387-09684-1_16CrossRef

10.

Emde, C., Jaeger, T.: Open source license obligations checklists (version 5). In: Open Source Automation Development Lab (self-published white paper) (2017)

11.

European Commission: The economic and social impact of software & services on competitiveness and innovation (SMART 2015/0015). Publications Office of the European Union, Luxembourg, pp. 197–198 (2017)

12.

Fitzgerald, B.: The transformation of open source software. MIS Q. 30(3), 587–598 (2006)CrossRef

13.

Gangadharan, G.R., De Paoli, S., D’Andrea, V., Weiss, M.: License compliance issues in free and open source software. In: MCIS 2008 Proceedings, vol. 2 (2008)

14.

Gangadharan, G.R., D’andrea, V., De Paoli, S., Weiss, M.: Managing license compliance in free and open source software development. Inf. Syst. Front. 14(2), 143–154 (2012)CrossRef

15.

German, D.M., Hassan, A.E.: License integration patterns: Addressing license mismatches in component-based development. In: Proceedings of the 31st International Conference on Software Engineering, pp. 188–198. IEEE Computer Society, May 2009

16.

German, D.M., Di Penta, M., Davies, J.: Understanding and auditing the licensing of open source software distributions. In: 2010 IEEE 18th International Conference on Program Comprehension (ICPC), pp. 84–93. IEEE, June 2010

17.

German, D.M., Manabe, Y., Inoue, K.: A sentence-matching method for automatic license identification of source code files. In: Proceedings of the IEEE/ACM International Conference on Automated Software Engineering, pp. 437–446. ACM, September 2010

18.

Gobeille, R.: The fossology project. In: Proceedings of the 2008 International Working Conference on Mining Software Repositories, pp. 47–50. ACM, May 2008

19.

Hammond, J., Santinelli, P., Billings, J.J., Ledingham, B.: The tenth annual future of open source survey. In: Black Duck Software (2016). (self-published presentation)

20.

Hauge, Ø., Ayala, C., Conradi, R.: Adoption of open source software in software-intensive organizations–A systematic literature review. Inf. Softw. Technol. 52(11), 1133–1154 (2010)CrossRef

21.

Helmreich, M.: Best practices of adopting open source software in closed source software products. In: (Doctoral dissertation, Diplomarbeit, Friedrich-Alexander-Universität Erlangen-Nürnberg) (2011)

22.

Hummel, O., Janjic, W., Atkinson, C.: Code conjurer: pulling reusable software out of thin air. IEEE Softw. 25(5), 45–52 (2008)CrossRef

23.

Kaufmann, A., Riehle, D.: The QDAcity-RE method for structural domain modeling using qualitative data analysis. Requirements Eng. 1–18 (2017)

24.

von Krogh, G., Spaeth, S., Haefliger, S.: Knowledge reuse in open source software: An exploratory study of 15 open source projects. In: 2005 Proceedings of the 38th Annual Hawaii International Conference on System Sciences, HICSS 2005 p. 198b. IEEE, January 2005

25.

Von Krogh, G., Von Hippel, E.: The promise of research on open source software. Manage. Sci. 52(7), 975–983 (2006)CrossRef

26.

De Laat, P.B.: Governance of open source software: state of the art. J. Manage. Governance 11(2), 165–177 (2007)CrossRef

27.

Lakhani, K.R., Von Hippel, E.: How open source software works:“free” user-to-user assistance. Res. Policy 32(6), 923–943 (2003)CrossRef

28.

Lattemann, C., Stieglitz, S.: Framework for governance in open source communities. In: 2005 Proceedings of the 38th Annual Hawaii International Conference on System Sciences, HICSS 2005, p. 192a. IEEE, January 2005

29.

Lombard, M., Snyder-Duch, J., Bracken, C.C.: Content analysis in mass communication: assessment and reporting of intercoder reliability. Hum. Commun. Res. 28(4), 587–604 (2002)CrossRef

30.

OpenChain Specification (2018). https://www.openchainproject.org/spec

31.

Di Penta, M., German, D.M., Antoniol, G.: Identifying licensing of jar archives using a code-search approach. In: 2010 7th IEEE Working Conference on Mining Software Repositories (MSR), pp. 151–160. IEEE, May 2010

32.

Popp, K.M.: Best practices for commercial use of open source software. In: Business Models, Processes and Tools for Managing Open Source Software. BoD–Books on Demand (2015)

33.

Radcliffe, M., Odence, P.: The 2017 open source year in review. Black Duck Software, DLA Piper. (self-published presentation) (2017)

34.

Riehle, D.: The economic motivation of open source software: stakeholder perspectives. Computer 40(4), 25–32 (2007)CrossRef

35.

Riehle, D.: The commercial open source business model. In: Nelson, M.L., Shaw, M.J., Strader, T.J. (eds.) AMCIS 2009. LNBIP, vol. 36, pp. 18–30. Springer, Heidelberg (2009). https://doi.org/10.1007/978-3-642-03132-8_2CrossRef

36.

Riehle, D.: Controlling and steering open source projects. IEEE Comput. 44(7), 93–96 (2011)CrossRef

37.

Riehle, D., Lempetzeder, B.: Erfolgsmethoden der Open-Source-Governance und-Compliance. In: Friedrich-Alexander-Universität Erlangen-Nürnberg (FAU) (2014)

38.

Riehle, D., Harutyunyan, N.: License clearance in software product governance. In: NII Shonan (2017)

39.

Ruffin, C., Ebert, C.: Using open source software in product development: a primer. IEEE Softw. 21(1), 82–86 (2004)CrossRef

40.

Sadowski, B.M., Sadowski-Rasters, G., Duysters, G.: Transition of governance in a mature open software source community: Evidence from the debian case. Inf. Econ. Policy 20(4), 323–332 (2008)CrossRef

41.

Semeteys, R.: Method for qualification and selection of open source software. In: Open Source Business Resource, May 2008

42.

Software Package Data Exchange (SPDX) (2018). https://spdx.org/

43.

Sowe, S.K., Stamelos, I., Angelis, L.: Understanding knowledge sharing activities in free/open source software projects: an empirical study. J. Syst. Softw. 81(3), 431–446 (2008)CrossRef

44.

Tools for Managing Open Source Programs (2018). https://www.linuxfoundation.org/tools-managing-open-source-programs/

45.

Umarji, M., Sim, S.E., Lopes, C.: Archetypal internet-scale source code searching. In: Russo, B., Damiani, E., Hissam, S., Lundell, B., Succi, G. (eds.) OSS 2008. ITIFIP, vol. 275, pp. 257–263. Springer, Boston, MA (2008). https://doi.org/10.1007/978-0-387-09684-1_21CrossRef

46.

Wang, H., Wang, C.: Open source software adoption: a status report. IEEE Softw. 18(2), 90–95 (2001)CrossRef

Titel: Understanding Industry Requirements for FLOSS Governance Tools
verfasst von: Nikolay Harutyunyan
Andreas Bauer
Dirk Riehle
Verlag: Springer International Publishing
Buch: Open Source Systems: Enterprise Software and Solutions
Print ISBN: 978-3-319-92374-1

Electronic ISBN: 978-3-319-92375-8

Copyright-Jahr: 2018
DOI: https://doi.org/10.1007/978-3-319-92375-8_13

Springer Professional

Abstract

Bitte loggen Sie sich ein, um Zugang zu Ihrer Lizenz zu erhalten.

Sie haben noch keine Lizenz? Dann Informieren Sie sich jetzt über unsere Produkte:

Springer Professional "Wirtschaft+Technik"

Springer Professional "Technik"

Springer Professional "Wirtschaft"