Published by Gillian Wickersham
Modified over 2 years ago
Multi-Source Development: Enabling Faster, Lower Cost Innovation with Open Source Software Black Duck Software September 22, 2009
Copyright © 2008 Black Duck Software, Inc. All Rights Reserved.
Introduction to Black Duck Software
Mission: Accelerate time-to-market and reduce development costs by providing products and services for finding, managing and deploying open source software in a multi-source development process, at-scale.
Founded in 2002 and backed by top investors
Over 600 customers worldwide
Partnerships with global leaders
Agenda
Market Dynamics
Development Challenges
Multi-Source Development
Meeting the Challenges: Best Practices
Case Studies
Summary
Difficult Times Still Require Innovation
Economic slowdown = budget cuts
  – Global IT spending is shrinking
  – Between 1/09 and 4/09 Gartner lowered their 2009 Global IT forecast by $270B
Still need to innovate
  – Differentiation to respond to increased competition
  – Operational efficiencies to continue to execute
Challenge: innovate more with less
  – How to lower the cost and risk of innovation, and accelerate time-to-solution?
Lowering the Cost of Innovation: the Compelling Economics of Open Source
Linux Example: Leverage of 14:1
  – Open source community contributes $1.4 Billion
  – Red Hat spends $100 Million
Customer saves 88% of development
  – 19K lines of new code, 140K lines of open source
  – Savings of approx. $20,000 for every 1,000 lines of code of OSS used
“The fundamental economics of software development leads you to open-source software” – David Rivas, Nokia VP for S60 Software
Potential of Open Source
Gartner estimates the impact of open source:
$37B in 2009
  – Infrastructure Software: $30B
  – Application Software: $7B
$77B by 2012:
  – Infrastructure software: $58 billion
  – Application software: $19 billion
Source: Gartner November 2008
The Future of Software is Open
Software development has changed forever
  – Internet, community development & OSS licensing
  – Componentization and re-use
  – Agile methods
OSS has gone mainstream
  – 85% of enterprises use OSS today
  – 45% of OSS use is running mission-critical applications
  – 70% of OSS contributors are corporate developers
  – Microsoft OSS code repository (CodePlex)
Large pool of proven, reusable software
  – Over 200,000 OSS projects
  – 5+ billion lines of code
Top 20 Most Commonly Used Licenses in Open Source Projects
[Table: rank by # of OSS projects using the license]
Top 10 licenses account for 93% of OSS projects
Top 20 licenses account for 97%
Source: Black Duck Software
Note: The table above illustrates the top 20 licenses that are used in open source projects, according to the Black Duck Software KnowledgeBase. This data is updated daily. This snapshot was taken on September 1, 2009. Visit: http://www.blackducksoftware.com/oss/licenses#top20
Development Challenges: What We’re Hearing
Goals for reuse/standardization of up to 80%; build / fix / fit 20%
Scale – ad hoc use of hundreds of OSS components has led to a management/tracking nightmare
Increase agility, velocity of development
Desire to take advantage of the benefits of open source but need to have oversight and control
  – Manual governance, compliance and approval processes are cumbersome/burdensome to developers, prone to error, often ignored
$7800/yr to manage OSS components (Source: Black Duck)
Challenges of Using Open Source at Scale
Manual management methods are inadequate, prone to error…when open source usage proliferates
  – E.g., version proliferation raises complexity and likelihood of errors
When managed poorly, use of open source can introduce risks and challenges:
  – Legal exposure due to unmet license obligations
  – Security vulnerabilities
  – Regulatory violations
  – Unsupported open source
  – Version proliferation
Copyright © 2007 Black Duck Software, Inc. All Rights Reserved. Confidential and Proprietary. The Story of Cisco’s Software Supply-Chain Developers modified firmware turning a low-end ($60) device into a high-function router The story continues... embedded the code in one of its chipsets used GPL code to customize Broadcom’s standard Linux distribution bought for $500M in 2003 adopted this technology into its WRT54G wireless broadband router Source code made available by FSF accused Cisco of a license violation
Meeting the Challenges
Multi-Source Development with Open Source is the “New Normal”
[Diagram labels: YOUR COMPANY, Software Application, Open Source Software, Internally Developed Code, Outsourced Code Development, Commercial 3rd-Party Code, Individuals, Universities, Corporate Developers, Code, Obligations]
Meeting the Challenges: Best Practices
Best practices fall into three areas:
1. Standardization and reuse
2. Automated Collaboration
3. Compliance
1. Standardization and Reuse
Typical Problems
  – “Don’t know what I’ve got” – difficult to leverage knowledge across teams
  – Version proliferation
  – Unnecessary rework
      – Reinventing the wheel when code already exists
      – Seeking approval for previously approved components
Best Practices
  – Create a catalog of approved components to promote/enforce standardization and reuse across the development organization
      – Approval process integrates company policy to increase efficiency
      – Enhance internal catalog with company specific attributes/metadata
  – Make better decisions early in dev process
      – Automated code search
  – Automatically track “where used”
      – Improves maintainability
      – Remediating security and quality issues
2. Automated Collaboration
Typical Problems: gap exists within development; between development and other functions
  – Difficult for developers to be on the same page
      – Sharing information, components
  – Difficult to get legal and other roles on same page with developers
  – Manual review/approval of OSS components
      – “Status” of OSS review is difficult to know
      – Code approvals taking days/weeks
Best Practice: automate key interactions
  – Automate group interaction
      – Manage and automate complex review/approval processes across multiple roles/functions/groups
      – Capture communication between users during review/approval (Comments, questions, learnings)
  – Notifications across functions
      – Real time security vulnerability alerts
      – Notification of approved/disapproved components
3. Compliance
Typical Problems
  – Lack of controls on open source use
      – Un-vetted code gets into code base
      – Difficult to validate that approved code is what’s shipped
  – Risk/exposure from unmet license obligations
  – Risk/exposure from export restrictions on crypto code
Best Practices
  – Automate component request/approval
  – Continuous Validation
      – Auto-scan code to identify OSS components and license obligations
      – Integrate into build process to streamline development
      – Integrate into issue tracking (remediation, unknown code, defect/issue, etc.)
  – Automatic documentation and reporting
      – BoM
      – Show met/unmet license obligation to guide legal/dev staff
Best Practice #0. Creating and Implementing an Open Source Policy
Audit the company code base
Evaluate open source use profiles
Create open source policy
Educate employees
Monitor ongoing policy compliance
  – Trust, but verify
Source: Navica
Sample Contents of a Concise Open Source Software Policy
Evaluating OSS Projects
Current offering (maturity): Features, frequency and number of releases, bug fixes
Project governance: Leadership, structure, charter, goals, strategy
Community participation: Number of participants, activity level, frequency of commits
License strategy: Commercially friendly, viral, dual/multilicense
Ecosystem: Service, support, extensions, add-ons, training, consulting
Case Studies
  – Landmark Graphics
  – Reliant Security
  – Attivio
  – QNX
Case Study 1: Landmark Graphics
Landmark Graphics supplies software to the oil and gas industry across a broad variety of application areas
OSS Steward monitors policy compliance
Prioritize standardization
Restructured release process
  – Uses Black Duck Suite to monitor compliance
  – PM assumes responsibility for OSS
  – Remediate if/as violations are found
Contributing back in limited cases
Result: Rapid adoption of the latest models and technologies, with accurate identification of OSS dependencies
Case Study 2: Reliant Security
Reliant sells PCI compliant in-store systems that include many OSS subsystems.
Set a clear policy for OSS use
Tuned acquisition policies
  – OSS first mandate
  – Prioritized “ilities”
  – Loosely coupled design
Adjusted dev processes
  – OSS use identified at design
  – Developer on the hook for provenance
Result: Significant customer savings over commercial alternatives
Case Study 3: Attivio
Attivio’s unified information access platform extends enterprise search capabilities across documents, data and media.
Result: Have been able to get to market faster and focus on true IP differentiators because of OSS.
Simple OSS policy that is easy to understand
OSS used for commodity architectural components
Only using OSS components compatible with a commercial license
Maintains a common folder of all approved OSS libraries
Uses Black Duck Suite scan reports to prove active governance to sales prospects
Case Study 4: QNX
QNX produces middleware, development tools, and real-time operating system software for the embedded market
Using OSS for over 15 years, in production products
Customers needed a license guide to manage product use
Categorize all code components with 3 levels of risk
Sensitize developers about use of OSS
Use Black Duck to automate creation of license guide and track OSS evolution
Publishing their own source for many components (but not as OSS)
Result: Have been able to get to market faster and take advantage of third party components to broaden portfolio
Summary
The pressure to do more with less is driving development organizations to multi-source development
Using open source components at scale brings with it a variety of challenges
Companies embracing open source have evolved best practices to tackle the challenges and thereby enjoy the benefits
Resources
ROI Calculator
  – www.blackducksoftware.com/open-source-roi-calculator
Search for open source code to reuse
  – www.koders.com
White Papers (ROI, Agile and OSS, Best Practices)
  – www.blackducksoftware.com/resources/whitepapers
Best Practices for Open Source Adoption with Jeff Hammond, Forrester Research
  – http://www.blackducksoftware.com/form/70160000000Hv06