Every good carpenter has a box of tools he carries from job to job: a hammer of just the right weight, a selection of drill bits, and so on. As he gains experience, his toolbox gets heavier with new, and sometimes specialized, equipment. Similarly, programmers accumulate their own tools as they move from job to job, but these tools are digital and often include snippets of code written over the years.
And that can create a problem, says Vishwanath Venugopalan, an enterprise software analyst with the 451 Group. These snippets are often reused unintentionally in a simple cut-and-paste operation without full knowledge of their former or current company's intellectual property (IP) policies. What's more, "the ubiquitous availability of code snippets in blogs and online tutorials poses a bigger risk to intellectual-property hygiene in a company," Venugopalan says.
Although the problem of IP pollution is probably greater in the open source world, the growing popularity of modular, reusable code (think about Salesforce.com's AppExchange) creates headaches for users and developers of commercial software as well. And that, in turn, is creating a business opportunity for a handful of specialized software companies, including Black Duck Software, Palamida, and most recently Protecode, a startup based in Ottawa, Canada.
Interestingly, none of the three major players in this niche are open source.
Protecode is a plug-in to the Eclipse IDE that detects and logs the content entering a software project, and then checks it against an online database called the Global Intellectual Property Server, or GIPS. That's much easier and more accurate than relying on memory and manual record keeping. Companies can set policies to restrict the code that can be brought into the project based on the license type (such as to restrict GPL code usage). If a programmer uses code that isn't yet licensed by the employer, Protecode will create a bill of materials needed to comply with licensing provisions.
Because Java, C, and C++ code can be developed in Eclipse, the product's integration into Eclipse lends its support for these programming languages. Protecode has indicated that Visual Basic support might be in the cards as well, says Venugopalan.