This document discusses four lessons learned in handling license agreements:
1) Licenses always entail some risk to the licensee's freedom to operate as the licensee does not have complete control over the intellectual property.
2) Complex license structures can invite misunderstanding between the licensor and licensee.
3) Business people and lawyers may have different interests in structuring agreements, with lawyers focused on contingency and business people on timelines.
4) When negotiating, understand both sides' cost-benefit considerations, such as expected damages, legal fees, and the negotiation range.
These lectures has prepared for postgraduate student (Ophthalmology) according to the curriculum of Bangladesh College of Physician and Surgeons (BCPS) and Bangabondhu Sheikh Mujib Medical University (BSMMU) Bangladesh
Ophthalmic eye care presentation, medical residency training, health care and malaria, Vision and malaria, malaria blindness, complications of malaria, ocular malaria
These lectures has prepared for postgraduate student (Ophthalmology) according to the curriculum of Bangladesh College of Physician and Surgeons (BCPS) and Bangabondhu Sheikh Mujib Medical University (BSMMU) Bangladesh
Ophthalmic eye care presentation, medical residency training, health care and malaria, Vision and malaria, malaria blindness, complications of malaria, ocular malaria
Underlying principles governing relationship between partnersIntan Muhammad
P/S : Hi, I am sharing my personal notes of law-related subjects. Some parts of them are explained in a very informal-relaxed way and mix of languages (BM and English). Secondly, as law revolves every day, there will be outdated parts in my notes. Two ways of handling it.. (1) double check with the latest law and keep it to yourself (2) same with No. 1 coupled with your generosity to share with us, the LinkedIn users (hiks ^_^). Till then, have a nice day!
Self advocacy is about taking a proactive approach to all stages of health and illness: prevention, diagnosis, treatment, and recovery. When people take an active role in their care, research shows they fare better both in satisfaction and in how well treatments work. In this talk you will learn how to develop the skills to be a good self-advocate, communicate effectively with your doctors, evaluate the latest health news headlines and find the best health information online.
Health System Consortium Investigates Cost of Medical Device VariationTom McNaull
Thomas McNaull graduated from the Harvard Business School’s program for Owners/Presidents. He earned a MBA from Emory University and a BSBA with emphasis in Accounting from the University of Florida. He has managed the financial operations of health care organizations such as American MedTrust and the Abu Dhabi Health Services Company. In 2007, Thomas McNaull drew on his extensive experience to found MedStar and, as managing director, oversees the delivery of financial advisory services to client health care systems and physician groups.
A Step-by Step Guide to Starting a Nanotech Business
Objective: To build a viable business selling nanotechnology to make profit
How to:
1. Set up your nanotech business structure.
2. Raise financing, receive government grants and tax breaks.
3. Hire developers, employees, subcontractors and suppliers.
4. Protect ownership of your intellectual property in nanotechnology.
5. Use open innovation to enhance R&D.
6. Commercialize your nanotechnology by licensing and distribution.
You Need Defensive Patents but You Don't Have Any. Now What? A Case StudyErik Oliver
The setting is familiar: a large corporate asserter uses its patents against a smaller, high-growth company with no patents. Companies like Qualcomm, IBM, Nokia, and Microsoft regularly assert their patents. This case study describes how one of our clients included patent buying into their patent strategy to successfully defended against a corporate assertion by acquiring patents in the open market.
All entrepreneurs and small business owners encounter a number of critical legal issues as they open or expand their companies. Learn more about the legal decisions you’ll have to make as you set up your business, identify your customers and suppliers and protect yourself from liability.
Pushing the limits of ePRTC: 100ns holdover for 100 daysAdtran
At WSTS 2024, Alon Stern explored the topic of parametric holdover and explained how recent research findings can be implemented in real-world PNT networks to achieve 100 nanoseconds of accuracy for up to 100 days.
PHP Frameworks: I want to break free (IPC Berlin 2024)Ralf Eggert
In this presentation, we examine the challenges and limitations of relying too heavily on PHP frameworks in web development. We discuss the history of PHP and its frameworks to understand how this dependence has evolved. The focus will be on providing concrete tips and strategies to reduce reliance on these frameworks, based on real-world examples and practical considerations. The goal is to equip developers with the skills and knowledge to create more flexible and future-proof web applications. We'll explore the importance of maintaining autonomy in a rapidly changing tech landscape and how to make informed decisions in PHP development.
This talk is aimed at encouraging a more independent approach to using PHP frameworks, moving towards a more flexible and future-proof approach to PHP development.
Removing Uninteresting Bytes in Software FuzzingAftab Hussain
Imagine a world where software fuzzing, the process of mutating bytes in test seeds to uncover hidden and erroneous program behaviors, becomes faster and more effective. A lot depends on the initial seeds, which can significantly dictate the trajectory of a fuzzing campaign, particularly in terms of how long it takes to uncover interesting behaviour in your code. We introduce DIAR, a technique designed to speedup fuzzing campaigns by pinpointing and eliminating those uninteresting bytes in the seeds. Picture this: instead of wasting valuable resources on meaningless mutations in large, bloated seeds, DIAR removes the unnecessary bytes, streamlining the entire process.
In this work, we equipped AFL, a popular fuzzer, with DIAR and examined two critical Linux libraries -- Libxml's xmllint, a tool for parsing xml documents, and Binutil's readelf, an essential debugging and security analysis command-line tool used to display detailed information about ELF (Executable and Linkable Format). Our preliminary results show that AFL+DIAR does not only discover new paths more quickly but also achieves higher coverage overall. This work thus showcases how starting with lean and optimized seeds can lead to faster, more comprehensive fuzzing campaigns -- and DIAR helps you find such seeds.
- These are slides of the talk given at IEEE International Conference on Software Testing Verification and Validation Workshop, ICSTW 2022.
GraphSummit Singapore | The Art of the Possible with Graph - Q2 2024Neo4j
Neha Bajwa, Vice President of Product Marketing, Neo4j
Join us as we explore breakthrough innovations enabled by interconnected data and AI. Discover firsthand how organizations use relationships in data to uncover contextual insights and solve our most pressing challenges – from optimizing supply chains, detecting fraud, and improving customer experiences to accelerating drug discoveries.
Generative AI Deep Dive: Advancing from Proof of Concept to ProductionAggregage
Join Maher Hanafi, VP of Engineering at Betterworks, in this new session where he'll share a practical framework to transform Gen AI prototypes into impactful products! He'll delve into the complexities of data collection and management, model selection and optimization, and ensuring security, scalability, and responsible use.
Elevating Tactical DDD Patterns Through Object CalisthenicsDorra BARTAGUIZ
After immersing yourself in the blue book and its red counterpart, attending DDD-focused conferences, and applying tactical patterns, you're left with a crucial question: How do I ensure my design is effective? Tactical patterns within Domain-Driven Design (DDD) serve as guiding principles for creating clear and manageable domain models. However, achieving success with these patterns requires additional guidance. Interestingly, we've observed that a set of constraints initially designed for training purposes remarkably aligns with effective pattern implementation, offering a more ‘mechanical’ approach. Let's explore together how Object Calisthenics can elevate the design of your tactical DDD patterns, offering concrete help for those venturing into DDD for the first time!
Alt. GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using ...James Anderson
Effective Application Security in Software Delivery lifecycle using Deployment Firewall and DBOM
The modern software delivery process (or the CI/CD process) includes many tools, distributed teams, open-source code, and cloud platforms. Constant focus on speed to release software to market, along with the traditional slow and manual security checks has caused gaps in continuous security as an important piece in the software supply chain. Today organizations feel more susceptible to external and internal cyber threats due to the vast attack surface in their applications supply chain and the lack of end-to-end governance and risk management.
The software team must secure its software delivery process to avoid vulnerability and security breaches. This needs to be achieved with existing tool chains and without extensive rework of the delivery processes. This talk will present strategies and techniques for providing visibility into the true risk of the existing vulnerabilities, preventing the introduction of security issues in the software, resolving vulnerabilities in production environments quickly, and capturing the deployment bill of materials (DBOM).
Speakers:
Bob Boule
Robert Boule is a technology enthusiast with PASSION for technology and making things work along with a knack for helping others understand how things work. He comes with around 20 years of solution engineering experience in application security, software continuous delivery, and SaaS platforms. He is known for his dynamic presentations in CI/CD and application security integrated in software delivery lifecycle.
Gopinath Rebala
Gopinath Rebala is the CTO of OpsMx, where he has overall responsibility for the machine learning and data processing architectures for Secure Software Delivery. Gopi also has a strong connection with our customers, leading design and architecture for strategic implementations. Gopi is a frequent speaker and well-known leader in continuous delivery and integrating security into software delivery.
Unlocking Productivity: Leveraging the Potential of Copilot in Microsoft 365, a presentation by Christoforos Vlachos, Senior Solutions Manager – Modern Workplace, Uni Systems
State of ICS and IoT Cyber Threat Landscape Report 2024 previewPrayukth K V
The IoT and OT threat landscape report has been prepared by the Threat Research Team at Sectrio using data from Sectrio, cyber threat intelligence farming facilities spread across over 85 cities around the world. In addition, Sectrio also runs AI-based advanced threat and payload engagement facilities that serve as sinks to attract and engage sophisticated threat actors, and newer malware including new variants and latent threats that are at an earlier stage of development.
The latest edition of the OT/ICS and IoT security Threat Landscape Report 2024 also covers:
State of global ICS asset and network exposure
Sectoral targets and attacks as well as the cost of ransom
Global APT activity, AI usage, actor and tactic profiles, and implications
Rise in volumes of AI-powered cyberattacks
Major cyber events in 2024
Malware and malicious payload trends
Cyberattack types and targets
Vulnerability exploit attempts on CVEs
Attacks on counties – USA
Expansion of bot farms – how, where, and why
In-depth analysis of the cyber threat landscape across North America, South America, Europe, APAC, and the Middle East
Why are attacks on smart factories rising?
Cyber risk predictions
Axis of attacks – Europe
Systemic attacks in the Middle East
Download the full report from here:
https://sectrio.com/resources/ot-threat-landscape-reports/sectrio-releases-ot-ics-and-iot-security-threat-landscape-report-2024/
Epistemic Interaction - tuning interfaces to provide information for AI supportAlan Dix
Paper presented at SYNERGY workshop at AVI 2024, Genoa, Italy. 3rd June 2024
https://alandix.com/academic/papers/synergy2024-epistemic/
As machine learning integrates deeper into human-computer interactions, the concept of epistemic interaction emerges, aiming to refine these interactions to enhance system adaptability. This approach encourages minor, intentional adjustments in user behaviour to enrich the data available for system learning. This paper introduces epistemic interaction within the context of human-system communication, illustrating how deliberate interaction design can improve system understanding and adaptation. Through concrete examples, we demonstrate the potential of epistemic interaction to significantly advance human-computer interaction by leveraging intuitive human communication strategies to inform system design and functionality, offering a novel pathway for enriching user-system engagements.
A tale of scale & speed: How the US Navy is enabling software delivery from l...sonjaschweigert1
Rapid and secure feature delivery is a goal across every application team and every branch of the DoD. The Navy’s DevSecOps platform, Party Barge, has achieved:
- Reduction in onboarding time from 5 weeks to 1 day
- Improved developer experience and productivity through actionable findings and reduction of false positives
- Maintenance of superior security standards and inherent policy enforcement with Authorization to Operate (ATO)
Development teams can ship efficiently and ensure applications are cyber ready for Navy Authorizing Officials (AOs). In this webinar, Sigma Defense and Anchore will give attendees a look behind the scenes and demo secure pipeline automation and security artifacts that speed up application ATO and time to production.
We will cover:
- How to remove silos in DevSecOps
- How to build efficient development pipeline roles and component templates
- How to deliver security artifacts that matter for ATO’s (SBOMs, vulnerability reports, and policy evidence)
- How to streamline operations with automated policy checks on container images
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...DanBrown980551
Do you want to learn how to model and simulate an electrical network from scratch in under an hour?
Then welcome to this PowSyBl workshop, hosted by Rte, the French Transmission System Operator (TSO)!
During the webinar, you will discover the PowSyBl ecosystem as well as handle and study an electrical network through an interactive Python notebook.
PowSyBl is an open source project hosted by LF Energy, which offers a comprehensive set of features for electrical grid modelling and simulation. Among other advanced features, PowSyBl provides:
- A fully editable and extendable library for grid component modelling;
- Visualization tools to display your network;
- Grid simulation tools, such as power flows, security analyses (with or without remedial actions) and sensitivity analyses;
The framework is mostly written in Java, with a Python binding so that Python developers can access PowSyBl functionalities as well.
What you will learn during the webinar:
- For beginners: discover PowSyBl's functionalities through a quick general presentation and the notebook, without needing any expert coding skills;
- For advanced developers: master the skills to efficiently apply PowSyBl functionalities to your real-world scenarios.
Observability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdfPaige Cruz
Monitoring and observability aren’t traditionally found in software curriculums and many of us cobble this knowledge together from whatever vendor or ecosystem we were first introduced to and whatever is a part of your current company’s observability stack.
While the dev and ops silo continues to crumble….many organizations still relegate monitoring & observability as the purview of ops, infra and SRE teams. This is a mistake - achieving a highly observable system requires collaboration up and down the stack.
I, a former op, would like to extend an invitation to all application developers to join the observability party will share these foundational concepts to build on:
GridMate - End to end testing is a critical piece to ensure quality and avoid...ThomasParaiso2
End to end testing is a critical piece to ensure quality and avoid regressions. In this session, we share our journey building an E2E testing pipeline for GridMate components (LWC and Aura) using Cypress, JSForce, FakerJS…
DevOps and Testing slides at DASA ConnectKari Kakkonen
My and Rik Marselis slides at 30.5.2024 DASA Connect conference. We discuss about what is testing, then what is agile testing and finally what is Testing in DevOps. Finally we had lovely workshop with the participants trying to find out different ways to think about quality and testing in different parts of the DevOps infinity loop.
GraphSummit Singapore | The Future of Agility: Supercharging Digital Transfor...Neo4j
Leonard Jayamohan, Partner & Generative AI Lead, Deloitte
This keynote will reveal how Deloitte leverages Neo4j’s graph power for groundbreaking digital twin solutions, achieving a staggering 100x performance boost. Discover the essential role knowledge graphs play in successful generative AI implementations. Plus, get an exclusive look at an innovative Neo4j + Generative AI solution Deloitte is developing in-house.
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...James Anderson
Effective Application Security in Software Delivery lifecycle using Deployment Firewall and DBOM
The modern software delivery process (or the CI/CD process) includes many tools, distributed teams, open-source code, and cloud platforms. Constant focus on speed to release software to market, along with the traditional slow and manual security checks has caused gaps in continuous security as an important piece in the software supply chain. Today organizations feel more susceptible to external and internal cyber threats due to the vast attack surface in their applications supply chain and the lack of end-to-end governance and risk management.
The software team must secure its software delivery process to avoid vulnerability and security breaches. This needs to be achieved with existing tool chains and without extensive rework of the delivery processes. This talk will present strategies and techniques for providing visibility into the true risk of the existing vulnerabilities, preventing the introduction of security issues in the software, resolving vulnerabilities in production environments quickly, and capturing the deployment bill of materials (DBOM).
Speakers:
Bob Boule
Robert Boule is a technology enthusiast with PASSION for technology and making things work along with a knack for helping others understand how things work. He comes with around 20 years of solution engineering experience in application security, software continuous delivery, and SaaS platforms. He is known for his dynamic presentations in CI/CD and application security integrated in software delivery lifecycle.
Gopinath Rebala
Gopinath Rebala is the CTO of OpsMx, where he has overall responsibility for the machine learning and data processing architectures for Secure Software Delivery. Gopi also has a strong connection with our customers, leading design and architecture for strategic implementations. Gopi is a frequent speaker and well-known leader in continuous delivery and integrating security into software delivery.
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...
Licensing Theory And Practice
1. Licensing Issues In Theory And
Practice:
Four Lessons Learned Handling Licenses
John Storella
Presentation to the IP Society
August 2004
2. Four Lessons Learned Handling Licenses
A license always entails some risk to the licensee’s
1.
freedom to operate.
Complex license structures invite misunderstanding
2.
between the licensor and the licensee.
Business people and lawyers may have different
3.
interests and attitudes towards structuring and
concluding agreements.
When negotiating with the aggressive licensor,
4.
understand both sides’ cost/benefit considerations.
3. 1. A license always entails some risk to the
licensee’s freedom to operate
This is because the licensee does not have
complete control over the intellectual property it
needs to operate its business.
If circumstances change and you need to re-
negotiate the license terms, the licensor usually has
the upper hand.
Example: Licensee needs expanded fields of use,
rights to sublicense, rights to ancillary IP.
The amendment generally benefits the licensee more than
the licensor, so the licensor can exact a “transaction cost”
to amend the license.
4. 1. A license always entails some risk to the
licensee’s freedom to operate (cont’d)
If serious misunderstandings arise, the
licensor may send a notice terminating the
license, causing enormous problems for the
licensee.
Example: Ciphergen v. MAS.
Different understandings about the scope of the
MAS licenses to Ciphergen resulted in significant
market confusion and a lawsuit lasing over three
years.
5. 2. Complex license structures invite
misunderstanding between the licensor and
licensee
A good rule of thumb – In addition to the usual grant
language, one should, for clarity:
Specifically allow, without limitation, the activities you know
you want the licensee to do.
Specifically disallow, as a limitation, the activities you know
you do not want the licensee to do.
6. Start with the basic patent license
grant:
Licensor grants licensee a license to make,
use, sell, offer for sale and import any
invention covered by the patent.
This grant gives the licensee the right to infringe
any claim in the patent with impunity.
Limitations on activity generally will not be implied.
7. First complication – Limitations based
on inventions:
Licensor grants licensee a license to make,
use, sell, offer for sale and import any
Licensed Product.
Need to define whether “Licensed Products”
include:
“Things,” i.e., machines, articles of manufacture
and compositions of matter, and
“Methods,” i.e., processes
8. Second complication – Intellectual
property beyond the patent:
Licensor grants licensee a license to make, use,
sell, offer for sale and import any Licensed Product
and to otherwise exploit the Licensed Technology.
The license may be meant to cover not only patents, but
associated technical information, such as trade secrets, not
strictly covered by the patent.
Contract law may place different exclusive powers on such
IP.
9. Third complication – Field of use
restrictions:
Licensor grants licensee a license to make,
use, sell, offer for sale and import any
Licensed Product and to otherwise exploit the
technology in the Field Of Use.
“Fields Of Use” can be limited by:
Customers
Place of use
Activities
Each can introduce ambiguity
10. Fourth complication – Parsing The
Grant Language:
Licensor grants licensee a license to make
and use but not to sell Licensed Products.
Licensor grants licensee a license to make
and sell but not to use Licensed Products.
What is the difference between “using” in the
Field Of Use” and “selling” into the Field Of
Use?
11. Solution: If the grant includes any kinds of limitations,
specify allowed or prohibited activities that may be
ambiguous
Licensor grants licensee a license … including,
without limitation, the right to both sell the product to
customers and use the product to sell services to
customers.
Licensor grants licensee a license … except that
licensee may only use the product that it makes for
its own use and may not sell product to customers.
Such statements reduce ambiguity and the chance of
misunderstanding.
The good litigator will use any ambiguity as a wedge
to move the solution toward what the client wants.
12. 3. Business people and lawyers may have different
interests and attitudes towards structuring and
concluding agreements
Lawyers’ interest: A clear document that has
every conceivable contingency covered.
Business persons’ interest: Concluding a
deal having an acceptable level of risk within
a time frame limited by market pressures.
As a lawyer, your job is to make sure the
business people understand the risks that
they cannot eliminate.
13. 4. When negotiating with the aggressive licensor,
recognize both sides’ cost/benefit analysis
Situation: Your Company is approached with
an offer of license by a desirous licensor
asserting that its patent covers certain of your
products or activities.
14. Some basic concerns:
Does the licensor actually have the undisputed right
to grant licenses under the patent?
What does the licensor believe is the scope of the
claims?
The licensor may have a surprisingly different interpretation
of the claims than you.
What does the licensor want as compensation for
the license, and how did the licensor arrive at this
amount?
What is a reasonable royalty and the royalty base?
15. To Determine The Amount Of Settlement,
Perform A Cost-benefit Analysis:
The ultimate choice is between
accepting an agreed-upon settlement amount
having a lawsuit
16. Cost/Benefit Of A Lawsuit
The licensor’s expected return on a lawsuit is, roughly:
(expected damages) – (legal fees) = Expected return
E.g., $3,500,000 (expected damages) - $3,000,000 (legal fees) =
$500,000 (expected return)
Factor-in other mitigating/augmenting factors such as finding of
non-infringement, loss of patent, countersuit, willfulness and
precedent.
The target’s expected cost of a lawsuit is, roughly:
(expected damages) + (legal fees) = Expected cost
E.g., $3,500,000 (expected damages) + $3,000,000 (legal fees) =
$6,500,000 (expected cost)
Factor-in other mitigating/augmenting factors such as finding of
non-infringement and willfulness.
17. Logic of the negotiation range:
If target offers more than $500,000 then
licensor should not sue
Because the expected return on suit is less than
the amount offered.
If licensor requests no more than $6,500,000
then target should accept settlement
Because the cost of settlement is less than the
cost of a lawsuit.
Negotiation range is $500,000 to $6,500,000!
18. Settling on a number:
Target can hold out until the offer approaches the
lower end of the range -- $500,000.
Any lawsuit by the licensor to compel the target
toward the high end of the range would amount to a
“spite” lawsuit – causing damage to both parties just
to inflict more damage on the target.
Spite lawsuits are not, rationally, in a party’s best interest.
Do not always expect your opponent to act rationally – you
are dealing with emotional human beings.
19. The Licensor Should:
Initially ask for an amount near the high end of the range.
Ask for a large royalty on a large royalty base.
Try to force the target to make mistakes and bid against itself.
Make the target go first in suggesting:
Scope of claims
Reasonable royalty
Their own activities
If you don’t like an offer, ask target to offer a better one
Rather than making a counter-offer
Make the negotiation process, itself, expensive for the target.
Hope the target prefers settlement to suit.
20. The Target Should:
Determine a reasonable claim scope.
Calculate a reasonable royalty for the
technology.
Apply it to the royalty base as per the claim
scope.
Offer an amount between this and the
licensor’s expected return on a lawsuit.
Stick to its guns, and hang on!