Black Duck Blog

Peter Vescuso
Executive Vice President of Marketing and Business Development
pvescuso@blackducksoftware.com
We participated in the Linux Foundation’s premiere Linux technical event this week, LinuxCon 2010 which was held here in Boston (Black Duck was an event sponsor).

It was an upbeat event and well attended (approx. 600). The Linux Foundation announced their Open Compliance Program (OCP) as well as the v1.0 beta of a new OSS data exchange standard called SPDXTM. Black Duck contributed content to the compliance program – we were referenced in Jim Zemlin’s keynote presentation — and has been a major contributor to the SPDX standard.

Some people asked if the OCP announcement is good for us. We believe what’s good for OSS is good for us and this is clearly good for open source. At the highest level, it serves to build awareness for the need to manage and control open source and, yes, Black Duck will benefit by supplying tools to automate those processes. We issued our own press release.

Paula Rooney of Ziff-Davis wrote a good article on SPDX.

From an attendee’s perspective there was a lot of buzz around Android, which I attribute to its meteoric success (in Q2 it has #3 market share world wide for smartphones ahead of Apple, behind RIM). That success led to some heated discussion in one of the sessions between members of the mainstream Linux kernel community and Android/Google proponents around some of the power saver features in Android (“wakelocks”) that have not made it into the mainstream Linux kernel.

Eben Moglen of the Software Freedom Law Center gave a passionate presentation on “current legal issues in FOSS.” He first acknowledged that we have proven that open source and commercial companies are not inconsistent. He then focused on the next big issue, software patents, which he is against (we believe the system can be improved), and how he believes the concept impedes innovation. Whether you agree with Eben’s views or not, you can’t argue that he is an exceptional speaker. He received a standing ovation, not something I’ve seen at a Linux event before!

Forrester’s Jeff Hammond delivered a keynote presentation on open source software in Enterprise IT. Jeff’s overall message was that in Enterprise IT open source has “Crossed the Chasm” and is now widely adopted and receiving management support. Jeff reviewed a number of case studies (a number from companies that use Black Duck), including a financial service company that demonstrated per project software costs savings from OSS that range from 30% to 80%. He also featured Sabre, a travel reservation service provider that has saved millions of dollars using OSS.

Sabre’s software acquisition policy reflects the enthusiasm I sensed at the show: “OSS first, buy next, build last.”

Were you there, what were your impressions?

Peter Vescuso
Executive Vice President of Marketing and Business Development
pvescuso@blackducksoftware.com
If anyone out there is still questioning the strategic importance of open source software among enterprise development organizations, the recent findings of an Accenture survey provide yet another validation point that OSS use is growing rapidly and for good reason.

Accenture’s survey of executives at 300 large organizations in both the private and public sector found that 69 percent expect to increase OSS investment in 2010. More than a third said they plan to migrate mission-critical software to open source in the next twelve months.

The reasons for greater use of OSS cited by respondents also point to a maturing market place. Cost savings have historically been the prime motivator, but that’s changed according to Accenture’s findings. Respondents cited software quality, improved reliability and better security/bug fixing as the top benefits, pointing to the growing strategic value of OSS. In their December 2009 Climate Change report, the 451 Group found that not cost but flexibility was the #1 benefit cited by open source user.

The survey is chock full of useful information and worth checking out (the press release includes download links to access reports), but Black Duck’s research and client experience counters one of Accenture’s conclusions. Referring to remaining roadblocks to OSS use, Accenture’s analysis indicates that “training developers how to use open source” remains one of the biggest challenges to greater adoption. Black Duck has found quite the opposite. Developers have been and continue to be the trail blazers and early adopters of OSS – also the chief advocates for more widespread usage across the enterprise. If you listened to our webinar with SAP, you would have heard that grass-roots developer efforts contributed to the sea change on OSS policy. In fact, what we’ve seen is many developers and development organizations have been increasing OSS use for quite some time, but due to a lack of corporate support – any many times in the face of policies against using OSS – developers have no mechanism to report or use OSS in secret.

Lack of senior management support and awareness is the main barrier, not developers. Once senior management becomes aware and accepts the fact that OSS plays a crucial role in the development process, the next logical step is to develop policies for usage, licensing, monitoring, reporting and contributing back to the community. These are the areas where we’ll see the next steps in the evolution of open source software in multi-source development.

For more perspectives on the Accenture survey, check out Dana Blankenhorn’s blog post (Accenture hands open source a hockey stick). You can also get perspectives on growing usage of OSS from Red Monk’s Stephen O’Grady in a blog post I wrote based on Stephen’s recent presentation at Black Duck (The Rise of Open Source).

What’s your take on the remaining barriers to greater OSS usage?

Courtney Spencer
cspencer@blackducksoftware.com
Earlier this year Black Duck Software joined Open Health Tools (OHT). This week we had the opportunity to present at the OHT board member meeting chaired by Skip McGaughey, OHT Executive Director. Peter Vescuso, EVP of Marketing and Business Development, gave an overview of Black Duck’s business and solutions to the membership and outlined the ways we can support the OHT mission and membership.

OHT is an open source community creating an ecosystem of OSS developers and health care professionals dedicated to developing a health interoperability framework, including tools and reference applications. For example the OHT forge hosts Hitex, the Health Information Text Extraction system, one of the many OSS health care projects tracked by Black Duck. Hitex, which is built on top of the GATE framework, provides analysis pipelines and modules to extract health information from clinical documents.

The Black Duck KnowledgeBase of open source projects is a comprehensive information resource on all OSS projects. Within the Knowledgebase, we track and report on the OSS projects specific to healthcare: over 900 projects, representing124 million lines of code and $8B USD of development value and 45,000 staff years (see our analysis reported in the press release referenced above). We offered to the OHT membership to provide custom analysis and information on any and all of these projects to promote their use and adoption. In addition, we encouraged the use of our free code search website www.koders.com with over 3 billion lines of available code and offered our management best practices to the OHT community for managing development with open source to maximize the value while controlling its use.

We look forward to evangelizing the opportunity for OSS to improve the healthcare industry and to support the OHT community.

For more insight into OSS and the healthcare industry, check out the webinar we recently delivered with CollabNet and Brian Behlendorf on how OSS is revolutionizing healthcare.

Jim Berets
Vice President of Product Management
jberets@blackducksoftware.com
While this post is not about how software improves the environment, at least not directly, it is about how open source software encourages ‘green’ behavior by developers.

The catchphrase of green is Reduce-Reuse-Recycle. What better way to describe the benefits of open source software?

Reduce. In the green world, this means “consume less”: don’t run two separate errands when you can combine them into one car trip. Many organizations we speak with these days talk about their desire for simplification and “code reduction.” Their motivations range from decreased operating and maintenance costs to increased performance. Code reduction activities include examining existing applications and removing and/or creating reusable components out of duplicate code, and also eliminating unused (or lightly used) applications or software components entirely. Code reduction also includes management processes around incoming code, particularly open source – making sure that new open source software components are not introduced when others that serve the same function are already in use and suitable. The result: more efficient development organizations and applications.

Reuse. In the context of green, reuse means using the same item repeatedly: bring a cloth bag to the store instead of using disposable “paper or plastic.” Why? Less waste. Why do people find open source helpful? It’s the ability to reuse code someone else has already written, and avoid wasting resources (developers, time) re-inventing the wheel. It is also about standardizing on reusable components and versions like, for example, Apache Tomcat, Hibernate, Spring, and so on. The result: lower operating and support costs, and more shared expertise in the development team.

Recycle. Recycling is making something you have already used available for someone else to use, sometimes (but not always) in a different form. Let someone use your baby’s old crib rather than throwing it in the trash. Take a product and recast it into another form for a different use, incorporating the old material: plastic bottles are recycled into plastic decking. How is code recycled? Developers contribute code to open source projects, enabling it to be incorporated into other products or applications. OpenSSL, Expat, and zlib are contributed, and are subsequently ‘recycled’ by Android in cell phones. The result:higher function capabilities for Android with a faster time-to-market and lower development cost than starting with raw materials.

Here at Black Duck we seek to be ‘green.’ We build our applications using a common platform (reduce), use open source when it meets the business’s needs (reuse), and make improvements to projects like Apache Lucene and PostgreSQL (recycle).

Be a Green Coder. Reduce. Reuse. Recycle.

Peter Vescuso
Executive Vice President of Marketing and Business Development
pvescuso@blackducksoftware.com
It’s great to see a series of white papers from LF and Ibrahim Haddad on license compliance.

Too often people think talking about license compliance is unnecessary or worse fear-mongering, but it’s really about taking a pragmatic approach to ensuring development with open source software is successful from the start by ensuring you do the right thing – honor the intention of the original developers by respecting their license choices. It is a multi-source world where open source is integrated with internal code, commercial and outsourced code, so license compliance is incredibly important. Nevertheless ensuring compliance is not necessarily a developer’s expertise. At Black Duck we strive to make this as simple and transparent as possible by offering tools to automate compliance so it is “designed in” from the beginning. Making it easy for developers to do the right thing about compliance allows them to focus on their primary job of building apps and simplifies the task of meeting license obligations. We look forward to these papers as a way to educate, and salute the Linux Foundation for taking the initiative to set out the basics of compliance in a thoughtful, neutral and comprehensive way.