Strategies for Commercial Software Developers Using Open Source Code in Proprietary Software
-
Upload
mary-lou-wakimura -
Category
Software
-
view
54 -
download
0
Transcript of Strategies for Commercial Software Developers Using Open Source Code in Proprietary Software
Strategies for Commercial Software Developers Using Open Source Code
in Proprietary Software
October 4, 2016
2Offices
BostonSeaport Innovation District
ConcordRoute 128 Technology Corridor
By the Numbers
1980Year Founded
22Technology Specialties
BioinformaticsBiotechnology & Life SciencesBiologics & ImmunotherapeuticsChemical EngineeringPharmaceuticalsChemistryMaterial SciencesClean TechnologyMedical DevicesMedical ImagingMechanical EngineeringElectrical EngineeringSemiconductorsOpticsRoboticsMobileInternet of ThingsNetwork InfrastructureTelecommunicationsComputer HardwareComputer SoftwareBusiness Methods
37Attorneys,
Patents Agents, Technology Specialists
19Firm accolades since
2010, including:
4
5
Mary Lou WakimuraPrincipal Hamilton Brook Smith Reynolds
Giovanna FessendenOf CounselHamilton Brook Smith Reynolds
Thomas SchubertLead Counsel Software Licensing Siemens AG
Background of Open SourceLicensing and IP Law
Open Source Software (OSS)
Copyrighted but access to source code with rights to modify
Licensee may copy and make derivative works
If distribute derivative works, then perpetuate original OSS terms
6
Key Goals of Commercial Software Vendors Who Use OSS
Maintain ability to deliver
Protect IP from devaluation
Mitigate security vulnerabilities
Control contributions to OSS community
Avoid exposure to Copyright Trolls
7
Main Challenges: Most of today’s commercial software contains Open Source A typical complex application contains 30-80 OSS
components Each OSS component contains one or several licenses• Example: Linux Kernel has about 95 different licenses and
license combinations Minor license violation may terminate your right to use• Example: You must ship a copy of the GPL license with your
product
Maintain Ability to Sell Products
Strategies to consider:1. Pass OSS usage policy and enforce it without imposing unnecessary
bureaucracy on the organization2. Build the right team (lawyers with software knowhow, engineers with
licensing expertise)3. Procure the right clearing platform4. Install a high-performance process close to the engineering operation5. Don’t forget to also tackle commercial standard software (COTS)6. Be aware of potential OSS license incompatibilities (rarely a problem)7. Ensuring compliance throughout the supply chain is difficult
• Actively solicit OSS information from your suppliers• Treat absence of OSS information like a product defect• Secure your position by including contractual language around OSS matters
Maintain Ability to Sell Products
Main Challenges: Uncontrolled use of OSS with viral licenses may devalue your
software assets• Example: The use of code under viral licenses (e.g. GPL) may
require you to provide any derivative works (this could be your product) free of charge to the OSS community (worst case)
Asset devaluation may require asset write-downs
Strategies to consider: Make software clearing an integral part of the software
development process Continuously monitor your software code for Copyleft code When buying a software company, spend some money on an OSS
assessment
Protect IP From Devaluation
Mitigate Security Vulnerabilities
Main Challenges: You can only manage vulnerabilities that you know To know what’s in your code, you must monitor usage of OSS
Strategies to consider: Obtain Common Criteria (CC) certification /evaluation Analyze the application environment for possible threats Enable users and the software to self-report detected issues Use special scanners to identify security issues in real time Require developers to use OSS only from trusted sites
11
Control Contributions to the Open Source Community
Main Challenges: Most companies take OSS without giving (enough) back
Strategies to consider: Define your level of interaction with the OSS community Can you afford not contributing to the OSS community? Consider contributing to projects of strategic importance Avoid unnecessary OSS forks in your company
12
Open Source software: A promising arena for IP litigators?
Next wave of industrial progress is software-driven
Software patents can be difficult to obtain
Legislators have started to discourage
Patent Trolls
Avoid Exposure to Copyright Trolls
© Hugh D’Andrade, CC BY 2.0
Two main types of Open Source enforcers: “Good Guys”: E.g. Free Software Foundation
• Community-oriented enforcement
• Goal: Compliance through education and assistance
• “Legal action is a last resort”
The “bad guys”: Trolls• A few individuals
• Goal: Making money
Strategy to consider: Do not “blindly” accept a troll’s claim
Try settling on favorable terms
Avoid Exposure to Copyright Trolls
Basics:
If you have no OSS policy, create one
If your developers are unaware of OSS pitfalls, train them
Next steps:
Assess your demand for software clearing
Develop an appropriate clearing process
Consider a make/buy decision:
• Outsource the whole clearing process to a supplier, or
• Build up a clearing team (considering offshore options)
Start before commercially licensing out your IP
OSS Strategies for Smaller Entities
17
Thank you!
Mary Lou WakimuraHamilton Brook Smith [email protected] x 3214
Giovanna FessendenHamilton Brook Smith [email protected] x 3466
Thomas SchubertSiemens [email protected]