A small software startup will make its debut at LinuxWorld next week by rolling out a package it believes can help developers manage and mitigate the intellectual property risks of reusing and mixing both open source and proprietary software code.
Black Duck Software Inc. will introduce its Enterprise Edition, a management tool that integrates the development cycle starting from the initial concept, through code development and distribution, and finally provides an audit trail that tracks what technical contributions were made by each individual developer.
The software provides pre-configured views of activity for developers and their managers allowing them to see exactly what the activities of outsourcing and software development contractors are. It can also provide views tailored for business managers and attorneys.
"The increasing complexity of software licensing is a major issue among developers. There are 45 to 50 authorized open source licenses with another 20 to 30 unauthorized ones now in use. We are proponents of people using open source software but the (licensing) complexity, especially when used in combination with proprietary code, is prohibitive," said Doug Levin, Black Duck's CEO.
If a developer wants to combine proprietary code with other code under the General Public License (GPL), for instance, the company's Enterprise Edition presents them with all of the individual steps and associated issues that are related to combining that code. The product also presents developers with all the other licenses that are derivatives of that particular proprietary and GPL-compliant code.
"On average there are two new open source licenses being authorized by http://www.osi.org every single month. So from a numbers standpoint alone, never mind the many conditions being laid down by them, (that) is introducing a lot of complexity into this area," Levin said. "But this software can present those license conditions every time it detects an open software module, snippet, or an entire program that is being used."
Some analysts think Black Duck is breaking new ground in helping developers manage the licensing of software and think it will help increase the number of corporate and third-party projects as well as the acceleration of existing ones.
"As far as I know, Black Duck is the only company around with software that enables commercial OSS product development by automating the identification and verification of licenses and their restrictions," said Bill Claybrook, an analyst at Aberdeen Group Inc. "This can be very useful for companies developing proprietary software to run on Linux or porting existing proprietary software to Linux."
Because the Enterprise Edition is multi-user, this sort of information can be distributed simultaneously to CXOs, product managers, business managers, internal lawyers, and legal consultants being used outside the company.
What is at the heart of the product is the Project License Profile (PLP). The PLP, Levin explains, is a machine-readable form of a software license, which can be appended to whatever file a developer is working on. The PLP, which functions like a log that tracks issues related to the code under development, addresses issues having to do with distribution, ownership, trademarks, copyrights, special restrictions, and economic issues including royalties due.
The company is expected to target the product at corporate accounts as well as the government market, where there has been rapidly growing interest in Linux and other open source technologies. Black Duck will also pursue outsourcing companies, particularly those American high-tech companies outsourcing jobs to lower-cost labor markets such as India and China.
"Outsourcing among corporations taking their non-critical programming offshore to take advantage of low labor rates is growing. But when they do so, they lose control. We can give them a view of developers in the outsourced company to see what their proper or improper use of open source and proprietary software is, and what the productivity level of individual programmers is," Levin said.
The Enterprise Edition, which will be sold by subscription, will cost US$995 per seat.