Black Duck Software, a small software startup, will make its debut at LinuxWorld next week by rolling out a package it believes can help developers manage and reduce the intellectual property risks of reusing and mixing both open source and proprietary software code.
Enterprise Edition, a management tool, integrates the development cycle starting from the initial concept, through code development and distribution, and finally provides an audit trail that tracks what technical contributions were made by each individual developer.
The software provides preconfigured views of activity for developers and their managers, letting them see exactly what outsourcing and software development contractors are doing. It can also provide views tailored for business managers and attorneys.
"The increasing complexity of software licensing is a major issue among developers. There are 45 to 50 authorised open-source licences with another 20 to 30 unauthorised ones now in use. We are proponents of people using open-source software but the [licensing] complexity, especially when used in combination with proprietary code, is prohibitive," said Black Duck chief executive officer Doug Levin.
If a developer wants to combine proprietary code with other code under the General Public Licence (GPL), for instance, the company's Enterprise Edition presents them with all of the individual steps and associated issues that are related to combining that code. The product also presents developers with all the other licences that are derivatives of that particular proprietary and GPL-compliant code.
"On average there are two new open-source licences being authorised by http://www.osi.org every single month. So from a numbers standpoint alone, never mind the many conditions being laid down by them, that is introducing a lot of complexity into this area," Levin said. "But this software can present those licence conditions every time it detects an open software module, snippet, or an entire program that is being used."
Some analysts think Black Duck is breaking new ground in helping developers manage the licensing of software and think it will help increase the number of corporate and third-party projects as well as accelerate existing ones.
"As far as I know, Black Duck is the only company around with software that enables commercial OSS product development by automating the identification and verification of licences and their restrictions," said Bill Claybrook, an analyst at Aberdeen Group. "This can be very useful for companies developing proprietary software to run on Linux or porting existing proprietary software to Linux."
Because the Enterprise Edition is multi-user, this sort of information can be distributed simultaneously to product managers, business managers, internal lawyers, and legal consultants outside the company.
At the heart of the product is the Project Licence Profile (PLP), a machine-readable form of a software licence that can be appended to whatever file a developer is working on. The PLP, which functions like a log that tracks issues related to the code under development, addresses issues having to do with distribution, ownership, trademarks, copyrights, special restrictions and economic issues including royalties due.
The company is expected to target corporate accounts as well as the government market, where there has been rapidly growing interest in Linux and other open-source technologies. Black Duck will also pursue outsourcing companies.
"Outsourcing among corporations taking their non-critical programming offshore to take advantage of low labour rates is growing. But when they do so, they lose control. We can give them a view of developers in the outsourced company to see what their proper or improper use of open source and proprietary software is, and what the productivity level of individual programmers is," Levin said.
The Enterprise Edition, which will be sold by subscription, will cost $995 per seat.
Ed Scannell writes for InfoWorld