Panel: Benefits and challenges
of integrating open source
components.

Copyright Antelink 2013 CC BY-NC-ND 3.0

How techni...
Copyright Antelink 2013 CC BY-NC-ND 3.0

When	
  can	
  you	
  talk	
  about	
  Legal	
  Quality	
  issue	
  ?	
  

Lack o...
Copyright Antelink 2013 CC BY-NC-ND 3.0

When	
  can	
  you	
  talk	
  about	
  Legal	
  Quality	
  issue	
  ?	
  

Spend ...
Copyright Antelink 2013 CC BY-NC-ND 3.0

When	
  can	
  you	
  talk	
  about	
  Legal	
  Quality	
  issue	
  ?	
  

Choose...
Copyright Antelink 2013 CC BY-NC-ND 3.0

When	
  can	
  you	
  talk	
  about	
  Legal	
  Quality	
  issue	
  ?	
  

Do not...
Copyright Antelink 2013 CC BY-NC-ND 3.0

Why	
  do	
  you	
  need	
  Tools	
  ?	
  
Produc@vity	
  (reduce	
  @me)	
  	
  ...
Copyright Antelink 2013 CC BY-NC-ND 3.0

When	
  do	
  you	
  have	
  to	
  use	
  state	
  of	
  art	
  tools	
  	
  
to	...
Why	
  do	
  you	
  have	
  to	
  use	
  tools	
  	
  ?	
  
	
  
•  This	
  is	
  the	
  state	
  of	
  art,	
  do	
  it	
...
Contact	
  
	
  
www.antelink.com	
  
contact@antelink.com	
  
	
  
+33	
  (0)1	
  42	
  39	
  30	
  78	
  

	
  

Copyrig...
Upcoming SlideShare
Loading in …5
×

Antepedia Reporter and Fossology: Updates and new challenges toward software tracking throught the whole software life cycle, Guillaume Rousseau, Antelink.

0 views
247 views

Published on

During this talk we will describe how tools dedicated to open source components and source code scanning like Fossology or Antepedia Reporter help development tools to enforce open source licensing policies. A particular scope will be provided on new trends and challenges regarding Software tracking issues which no longer focus on open source component tracking, but tracking of all artifacts produced over the whole software life cycle including source code items and build artifacts.

Published in: Technology, Business
0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total views
0
On SlideShare
0
From Embeds
0
Number of Embeds
2
Actions
Shares
0
Downloads
1
Comments
0
Likes
0
Embeds 0
No embeds

No notes for slide

Antepedia Reporter and Fossology: Updates and new challenges toward software tracking throught the whole software life cycle, Guillaume Rousseau, Antelink.

  1. 1. Panel: Benefits and challenges of integrating open source components. Copyright Antelink 2013 CC BY-NC-ND 3.0 How technical solutions can help to reach legal quality Co-­‐author   /   IPR   Tracking:   A   methodology   for   Component   Based   and   Collabora@vely   Developed   soCware  (QualiPSo  A1)     Assistant  professor  at  INRIA/Univ.  Paris  Diderot     Co-­‐founder   of   Antelink,   INRIA   spinoff,   single   EU   player   developing  tools   Guillaume ROUSSEAU
  2. 2. Copyright Antelink 2013 CC BY-NC-ND 3.0 When  can  you  talk  about  Legal  Quality  issue  ?   Lack of contradictory evidences in the event of a litigation through the software supply chain.
  3. 3. Copyright Antelink 2013 CC BY-NC-ND 3.0 When  can  you  talk  about  Legal  Quality  issue  ?   Spend too much time to maintain qualified bill of materials from design to delivery over the whole software factory.
  4. 4. Copyright Antelink 2013 CC BY-NC-ND 3.0 When  can  you  talk  about  Legal  Quality  issue  ?   Choose the right components as soon as the design phase, with very few information about the components and their alternatives available.
  5. 5. Copyright Antelink 2013 CC BY-NC-ND 3.0 When  can  you  talk  about  Legal  Quality  issue  ?   Do not get full benefit of open source and proprietary reusable components because of missing third party components’ licenses compliance policy.
  6. 6. Copyright Antelink 2013 CC BY-NC-ND 3.0 Why  do  you  need  Tools  ?   Produc@vity  (reduce  @me)     Integrity  (quality  of  the  informa@on)    
  7. 7. Copyright Antelink 2013 CC BY-NC-ND 3.0 When  do  you  have  to  use  state  of  art  tools     to  increase  legal  quality      ?     •  Audit  your  soCware  asset  (your  first  BoM  J)   •  Set  up  Compliance  Policy   •  Provide  BoM  with  accurate  third  par@es  license  and   aSribu@on  informa@on.   •  Check  your  ability  to  answer  support  request  ?   •  Check  copyright  (who  developed/owned  your  soCware)   •  Scanner  for  informa@on  discovery   (Author  metrics,  copyright,   license,  vulnerability,  …)    
  8. 8. Why  do  you  have  to  use  tools    ?     •  This  is  the  state  of  art,  do  it  at  your  own  risk  if  your   are  not  using  them   •  Some   of   them   are   free   (fossology,   Oslc,   Reporter   free   edi@on,  …)   Copyright Antelink 2013 CC BY-NC-ND 3.0   •  Standard   like   SPDX   are   making   your   life   much   easier   (see   for   instance   compliance   table   comparing   policies   from  FSF,  Eclipse,  Apache  found.        
  9. 9. Contact     www.antelink.com   contact@antelink.com     +33  (0)1  42  39  30  78     Copyright Antelink 2013 – Do not distribute without prior written agreement

×