SlideShare ist ein Scribd-Unternehmen logo

EOLE / OWF 12 - License compatibility analysis and components based systems in public research - presentation of a practical approach-magali fitzgibbon (eole2012)

Paris Open Source Summit
Paris Open Source Summit
1 von 28
Downloaden Sie, um offline zu lesen
License compatibility analysis and component based systems in public research: presentation of a practical approach EOLE Conference – 12/10/2012 Magali Fitzgibbon – Technology Transfer and Innovation Department - CC BY-NC-ND 2.0
CONTEXT Magali Fitzgibbon -Technology Transfer and Innovation Department - CC BY- NC-ND 2.0
A (very) short presentation of Inria… Inria : French National Institute for Research in Computer Science and Automatic Control 8 research centers in France + head office (corporate level and local TTOs) Missions include: => fundamental and applicative research => dissemination of scientific knowledge => contributing to standardization => providing prototypes (technology transfer) Magali Fitzgibbon -Technology Transfer and Innovation Department - CC BY- NC-ND 2.0
Software prototypes @Inria - Important number of software distributed under a FLOSS license - Technology transfer includes operations based on open source software (in particular by spin-off creation) - Reuse of open source preexisting components is a usual developing practice at Inria. => This leads de facto to license compatibility issues… Magali Fitzgibbon -Technology Transfer and Innovation Department - CC BY- NC-ND 2.0
Software development process (seen from the legal / TTO point of view) Licensing in  STRATEGY (legal compatibility)  Licensing out Code reuse Software : set of components exploitation (pre-existing components) (with new “ex-nihilo”components) L Licensing out 1 choice Component Licensing in based systems Policy Legal status of software (Not so easy to defined) Legal status of components Component’s licence Usually well defined Magali Fitzgibbon -Technology Transfer and Innovation Department - CC BY- NC-ND 2.0
Such an exercise can turn out to be difficult… License compatibility – the difficulties encountered by lawyers and TT managers: • To be familiar and deal with an important number and diversity of FLOSS licenses (jungle) • Vocabulary used in FLOSS licenses is not standardized But not only… Magali Fitzgibbon -Technology Transfer and Innovation Department - CC BY- NC-ND 2.0
Reality is more than a theoretical comparison of several licenses – context/object of analysis are crucial • Great diversity of software and software architecture (how can architecture be useful for the analysis?) • Inria’s software can be made of an important number of preexisting components, usually under a FLOSS license … • … and can be developed on long period of times (10-15 years) by numerous contributors (How do you actually identify the licenses to be analyzed?) • Licensing out strategies may change during software’s life cycle (What incidence on license compatibility issues?) Magali Fitzgibbon -Technology Transfer and Innovation Department - CC BY- NC-ND 2.0
Given these elements, what could be a good approach for license compatibility issues in component based systems? Magali Fitzgibbon -Technology Transfer and Innovation Department - CC BY- NC-ND 2.0
I. License compatibility analysis and software’s architecture/detailed description Magali Fitzgibbon -Technology Transfer and Innovation Department - CC BY- NC-ND 2.0
The 3 good reasons to ask for software’s detailed description  Identify the scope of the analysis… and be sure that everyone actually talks of the same thing!  Easier in case of software with a “modular licensing strategy”  Makes dialogue easier with researchers/developers Magali Fitzgibbon -Technology Transfer and Innovation Department - CC BY- NC-ND 2.0
Using software’s architecture – the example of DIET software (monitoring High Performance Computing Infrastructures) Source: Qualipso – Report on the proposed IPR tracking methodology – 16/12/2009 – www.qualipso.org Magali Fitzgibbon -Technology Transfer and Innovation Department - CC BY- NC-ND 2.0
II. How can I identify licenses to be analyzed in a (large) component based system? Magali Fitzgibbon -Technology Transfer and Innovation Department - CC BY- NC-ND 2.0
Asking the development/research team: Software’s contributors point of view and memory is essential (Inria assume people are of good faith)… … but it is nevertheless often incomplete! ⇒ Components’ origin and license issues are not always a priority at the beginning of a project (POC) ⇒ Keeping a good track of what happened in a 5, 10 or 20 year development period is difficult in public research (people come and go) Magali Fitzgibbon -Technology Transfer and Innovation Department - CC BY- NC-ND 2.0
Example of a representation of authors’ appearance/disappearance and evolution of % contribution to source code A different (and complementary) source of information is usually needed… Source/copyright owner: Antelink - CC BY-NC-ND 2.0 Magali Fitzgibbon -Technology Transfer and Innovation Department - CC BY- NC-ND 2.0
Looking « by hand » in all header files to check for licenses Costs of analysis quickly turn to be high… Example: a software of 100 000 files = you can keep a lawyer busy a few weeks… … which means that ROI is not always satisfactory. Magali Fitzgibbon -Technology Transfer and Innovation Department - CC BY- NC-ND 2.0
Using tools: the « industrial way » Code mining tools, license checkers…  They allow to gain time…  … and can therefore reduce costs of analysis! Components’ license information in header files can now be as « opened » as open source software! The experienced turned out be positive as far as Inria is concerned Magali Fitzgibbon -Technology Transfer and Innovation Department - CC BY- NC-ND 2.0
However… Never forget that information still needs to be qualified! • Identifying licenses is only a start… • Comparing a list of licenses, obtained with a tool, with your licensing-out strategy is not sufficient for analysis to be efficient/complete! • Tools help/provide assistance but do not fulfill the analysis Magali Fitzgibbon -Technology Transfer and Innovation Department - CC BY- NC-ND 2.0
Examples 1. An important number of files identified in one of Inria’s software with an Eclipse public license But… … after qualifying this information, the « EPL files » turned out to be source code generated by Inria’s developers with Eclipse’s framework 2. Incompatible License identified in one of Inria’s software But… It turned ou that headers were not up-to-date concerning license information Magali Fitzgibbon -Technology Transfer and Innovation Department - CC BY- NC-ND 2.0
Qualifying information requires discussion between lawyers, TT managers and researchers/developers Magali Fitzgibbon -Technology Transfer and Innovation Department - CC BY- NC-ND 2.0
III. Licensing-out strategy’s evolution during life cycle : what is the incidence? Magali Fitzgibbon -Technology Transfer and Innovation Department - CC BY- NC-ND 2.0
What changing of licensing-out strategy means • The previous licensing-in policy (if any!) may not be pertinent anymore… • … which means that software’s exogenous components’ licenses may not be compliant with the new licensing-out strategy… • What if the previous software’s license is compatible with the new one? => Beware! Does not mean that components’ licenses are compliant! Magali Fitzgibbon -Technology Transfer and Innovation Department - CC BY- NC-ND 2.0
Example  A software initially distributed under a GNU LGPL v2.1 license  A licensing-in policy was defined  Research team’s intentions change in favour of a dual licensing scheme : GNU GPL v2 and proprietary license Magali Fitzgibbon -Technology Transfer and Innovation Department - CC BY- NC-ND 2.0
What the analysis revealed about the past… Example of licenses found during Compliance with the analysis (for exogenous previous GNU LGPL components) strategy Apache v.1 YES Apache v.2 YES Eclipse public license YES BSD (new) YES Magali Fitzgibbon -Technology Transfer and Innovation Department - CC BY- NC-ND 2.0
What the analysis revealed about the present/future… Example of licenses found during Compliance with GNU the analysis (for exogenous GPL v2 components Apache v.1 NO Apache v.2 NO Eclipse public license NO BSD (new) YES Hopefully, solutions could be found… But shows that costs to make software legally compliant, when strategy changes, can actually become an issue Magali Fitzgibbon -Technology Transfer and Innovation Department - CC BY- NC-ND 2.0
The 2nd part of the « story »: the legal issue did not turned out to be the only one…  Was the dual scheme really pertinent/appropriate? People are willing to pay for a proprietary license if they wish to redistribute themselves under a proprietary license (and avoid GNU GPL’s constraints) But, if a similar version is available somewhere under the GNU LGPL…  GNU GPL version of software needs to be sufficiently different from the previous GNU LGPL version! Magali Fitzgibbon -Technology Transfer and Innovation Department - CC BY- NC-ND 2.0
What comparison of source code revealed Source/copyright owner: Antelink - CC BY-NC-ND 2.0 Magali Fitzgibbon -Technology Transfer and Innovation Department - CC BY- NC-ND 2.0
Conclusion License compatibility analysis for components based systems in public research is always :  the encounter between particular software, a development and an exploitation strategies  Team work between lawyers, TT managers and researchers/developpers  And therefore a smart use and combination of people’s competence/experience and tools Which means that lawyers do not only need to rely on their « legal » expertise:  basic knowledge and curiosity of what are software and software development, is helpful Magali Fitzgibbon -Technology Transfer and Innovation Department - CC BY- NC-ND 2.0
Thank you! www.inria.fr Report on the proposed IPR Tracking methodology (L. Grateau, M. Fitzgibbon, G. Rousseau) http://www.inria.fr/content/download/6143/55776/version/2/file/Methodologie-d-analyse-IPR.pdf Qualipso EU funded project www.qualipso.org Guide d’approche et d’analyse des licences de logiciels libres (S. Steer, M. Fitzgibbon) http://www.inria.fr/content/download/5892/48431/version/2/file/INRIA_guide_analyse_licences_libres_vf.pdf Recueil de fiches explicatives de licences libres (S. Steer, M. Fitzgibbon) http://www.inria.fr/content/download/5892/48431/version/2/file/INRIA_guide_analyse_licences_libres_vf.pdf Magali Fitzgibbon magali.fitzgibbon@inria.fr http://www.linkedin.com/pub/magali-fitzgibbon/3a/390/76a

Empfohlen

How to help development team to manage foss during the whole industrial proc...
How to help development team to manage foss during the whole industrial proc...How to help development team to manage foss during the whole industrial proc...
How to help development team to manage foss during the whole industrial proc...Antelink
 
Ipross
IprossIpross
IprossCarlo Daffara
 
Euro petition review evaluation
Euro petition review evaluationEuro petition review evaluation
Euro petition review evaluationEdinburgh Napier University
 
FITT Toolbox: Standardisation in Media Formats
FITT Toolbox: Standardisation in Media FormatsFITT Toolbox: Standardisation in Media Formats
FITT Toolbox: Standardisation in Media FormatsFITT
 
Efficient and Enhanced Proxy Re Encryption Algorithm for Skyline Queries
Efficient and Enhanced Proxy Re Encryption Algorithm for Skyline QueriesEfficient and Enhanced Proxy Re Encryption Algorithm for Skyline Queries
Efficient and Enhanced Proxy Re Encryption Algorithm for Skyline Queriesijtsrd
 
OWF12/Open Standards for Cloud - Eu cloud strategy_sde_20121012
OWF12/Open Standards for Cloud - Eu cloud strategy_sde_20121012OWF12/Open Standards for Cloud - Eu cloud strategy_sde_20121012
OWF12/Open Standards for Cloud - Eu cloud strategy_sde_20121012Paris Open Source Summit
 
Owf12 open forges summit scott wilson, oss watch
Owf12 open forges summit scott wilson, oss watchOwf12 open forges summit scott wilson, oss watch
Owf12 open forges summit scott wilson, oss watchParis Open Source Summit
 
OWF13 -October 3 - Open World Forum - Make It Happen!
OWF13 -October 3 - Open World Forum - Make It Happen!OWF13 -October 3 - Open World Forum - Make It Happen!
OWF13 -October 3 - Open World Forum - Make It Happen!Paris Open Source Summit
 

Empfohlen

How to help development team to manage foss during the whole industrial proc...
How to help development team to manage foss during the whole industrial proc...How to help development team to manage foss during the whole industrial proc...
How to help development team to manage foss during the whole industrial proc...Antelink
 
Ipross
IprossIpross
IprossCarlo Daffara
 
Euro petition review evaluation
Euro petition review evaluationEuro petition review evaluation
Euro petition review evaluationEdinburgh Napier University
 
FITT Toolbox: Standardisation in Media Formats
FITT Toolbox: Standardisation in Media FormatsFITT Toolbox: Standardisation in Media Formats
FITT Toolbox: Standardisation in Media FormatsFITT
 
Efficient and Enhanced Proxy Re Encryption Algorithm for Skyline Queries
Efficient and Enhanced Proxy Re Encryption Algorithm for Skyline QueriesEfficient and Enhanced Proxy Re Encryption Algorithm for Skyline Queries
Efficient and Enhanced Proxy Re Encryption Algorithm for Skyline Queriesijtsrd
 
OWF12/Open Standards for Cloud - Eu cloud strategy_sde_20121012
OWF12/Open Standards for Cloud - Eu cloud strategy_sde_20121012OWF12/Open Standards for Cloud - Eu cloud strategy_sde_20121012
OWF12/Open Standards for Cloud - Eu cloud strategy_sde_20121012Paris Open Source Summit
 
Owf12 open forges summit scott wilson, oss watch
Owf12 open forges summit scott wilson, oss watchOwf12 open forges summit scott wilson, oss watch
Owf12 open forges summit scott wilson, oss watchParis Open Source Summit
 
OWF13 -October 3 - Open World Forum - Make It Happen!
OWF13 -October 3 - Open World Forum - Make It Happen!OWF13 -October 3 - Open World Forum - Make It Happen!
OWF13 -October 3 - Open World Forum - Make It Happen!Paris Open Source Summit
 
Student x
Student xStudent x
Student xguesta20cea
 
COSCUP2020-GPL-3.0、Tivo、User Product and Security–新版開源授權對嵌入式資安防護的挑戰及因應
COSCUP2020-GPL-3.0、Tivo、User Product and Security–新版開源授權對嵌入式資安防護的挑戰及因應COSCUP2020-GPL-3.0、Tivo、User Product and Security–新版開源授權對嵌入式資安防護的挑戰及因應
COSCUP2020-GPL-3.0、Tivo、User Product and Security–新版開源授權對嵌入式資安防護的挑戰及因應Lucien C.H. Lin
 
OpenChain Monthly Meeting 2023-02-21 (North America and Asia)
OpenChain Monthly Meeting 2023-02-21 (North America and Asia)OpenChain Monthly Meeting 2023-02-21 (North America and Asia)
OpenChain Monthly Meeting 2023-02-21 (North America and Asia)Shane Coughlan
 
OpenChain Monthly Meeting North America - Europe - 2023-02-07
OpenChain Monthly Meeting North America - Europe - 2023-02-07OpenChain Monthly Meeting North America - Europe - 2023-02-07
OpenChain Monthly Meeting North America - Europe - 2023-02-07Shane Coughlan
 
OpenChain Webinar #58 - FOSS License Management through aliens4friends in Ecl...
OpenChain Webinar #58 - FOSS License Management through aliens4friends in Ecl...OpenChain Webinar #58 - FOSS License Management through aliens4friends in Ecl...
OpenChain Webinar #58 - FOSS License Management through aliens4friends in Ecl...Shane Coughlan
 
Antepedia Reporter and Fossology: Updates and new challenges toward software ...
Antepedia Reporter and Fossology: Updates and new challenges toward software ...Antepedia Reporter and Fossology: Updates and new challenges toward software ...
Antepedia Reporter and Fossology: Updates and new challenges toward software ...OW2
 
Generating SBOMS FROM FOSS (Detecting OSS licences)
Generating SBOMS FROM FOSS (Detecting OSS licences)Generating SBOMS FROM FOSS (Detecting OSS licences)
Generating SBOMS FROM FOSS (Detecting OSS licences)Thierry Gayet
 
Open Source in the Enterprise: Compliance and Risk Management
Open Source in the Enterprise: Compliance and Risk ManagementOpen Source in the Enterprise: Compliance and Risk Management
Open Source in the Enterprise: Compliance and Risk ManagementSebastiano Cobianco
 
Open Source Compliance at Orange, OW2online, June 2020
Open Source Compliance at Orange, OW2online, June 2020Open Source Compliance at Orange, OW2online, June 2020
Open Source Compliance at Orange, OW2online, June 2020OW2
 
Fundamentals of Using Open Source Code to Build Products
Fundamentals of Using Open Source Code to Build ProductsFundamentals of Using Open Source Code to Build Products
Fundamentals of Using Open Source Code to Build ProductsBrian Warner
 
2011 NASA Open Source Summit - Forge.mil
2011 NASA Open Source Summit - Forge.mil2011 NASA Open Source Summit - Forge.mil
2011 NASA Open Source Summit - Forge.milNASA Open Government Initiative
 
WP_Open-Source_Best_pratice_web
WP_Open-Source_Best_pratice_webWP_Open-Source_Best_pratice_web
WP_Open-Source_Best_pratice_webPaul Plaquette
 
Business models of open hardware
Business models of open hardwareBusiness models of open hardware
Business models of open hardwareRobert Viseur
 
Open Source Software Licence Compliance: Art or science?
Open Source Software Licence Compliance: Art or science? Open Source Software Licence Compliance: Art or science?
Open Source Software Licence Compliance: Art or science? Shane Coughlan
 
Antelink Project, OW2con11, Nov 24-25, Paris
Antelink Project, OW2con11, Nov 24-25, ParisAntelink Project, OW2con11, Nov 24-25, Paris
Antelink Project, OW2con11, Nov 24-25, ParisOW2
 
FITT Toolbox: Choosing the right License
FITT Toolbox: Choosing the right LicenseFITT Toolbox: Choosing the right License
FITT Toolbox: Choosing the right LicenseFITT
 
L'open hardware dans l'électronique (et au delà...)
L'open hardware dans l'électronique (et au delà...)L'open hardware dans l'électronique (et au delà...)
L'open hardware dans l'électronique (et au delà...)Robert Viseur
 
Session dédiée à l'analyse de la qualité du code Java - Cyril Picat - Februar...
Session dédiée à l'analyse de la qualité du code Java - Cyril Picat - Februar...Session dédiée à l'analyse de la qualité du code Java - Cyril Picat - Februar...
Session dédiée à l'analyse de la qualité du code Java - Cyril Picat - Februar...JUG Lausanne
 
TDC2016SP - Trilha Linux Embarcado
TDC2016SP - Trilha Linux EmbarcadoTDC2016SP - Trilha Linux Embarcado
TDC2016SP - Trilha Linux Embarcadotdc-globalcode
 
Open Source vs Proprietary
Open Source vs ProprietaryOpen Source vs Proprietary
Open Source vs ProprietaryM. Antoinette Jerom
 
#OSSPARIS19 : Control your Embedded Linux remotely by using WebSockets - Gian...
#OSSPARIS19 : Control your Embedded Linux remotely by using WebSockets - Gian...#OSSPARIS19 : Control your Embedded Linux remotely by using WebSockets - Gian...
#OSSPARIS19 : Control your Embedded Linux remotely by using WebSockets - Gian...Paris Open Source Summit
 
#OSSPARIS19 : A virtual machine approach for microcontroller programming : th...
#OSSPARIS19 : A virtual machine approach for microcontroller programming : th...#OSSPARIS19 : A virtual machine approach for microcontroller programming : th...
#OSSPARIS19 : A virtual machine approach for microcontroller programming : th...Paris Open Source Summit
 

Weitere ähnliche Inhalte

Ähnlich wie EOLE / OWF 12 - License compatibility analysis and components based systems in public research - presentation of a practical approach-magali fitzgibbon (eole2012)

COSCUP2020-GPL-3.0、Tivo、User Product and Security–新版開源授權對嵌入式資安防護的挑戰及因應
COSCUP2020-GPL-3.0、Tivo、User Product and Security–新版開源授權對嵌入式資安防護的挑戰及因應COSCUP2020-GPL-3.0、Tivo、User Product and Security–新版開源授權對嵌入式資安防護的挑戰及因應
COSCUP2020-GPL-3.0、Tivo、User Product and Security–新版開源授權對嵌入式資安防護的挑戰及因應Lucien C.H. Lin
 
OpenChain Monthly Meeting 2023-02-21 (North America and Asia)
OpenChain Monthly Meeting 2023-02-21 (North America and Asia)OpenChain Monthly Meeting 2023-02-21 (North America and Asia)
OpenChain Monthly Meeting 2023-02-21 (North America and Asia)Shane Coughlan
 
OpenChain Monthly Meeting North America - Europe - 2023-02-07
OpenChain Monthly Meeting North America - Europe - 2023-02-07OpenChain Monthly Meeting North America - Europe - 2023-02-07
OpenChain Monthly Meeting North America - Europe - 2023-02-07Shane Coughlan
 
OpenChain Webinar #58 - FOSS License Management through aliens4friends in Ecl...
OpenChain Webinar #58 - FOSS License Management through aliens4friends in Ecl...OpenChain Webinar #58 - FOSS License Management through aliens4friends in Ecl...
OpenChain Webinar #58 - FOSS License Management through aliens4friends in Ecl...Shane Coughlan
 
Antepedia Reporter and Fossology: Updates and new challenges toward software ...
Antepedia Reporter and Fossology: Updates and new challenges toward software ...Antepedia Reporter and Fossology: Updates and new challenges toward software ...
Antepedia Reporter and Fossology: Updates and new challenges toward software ...OW2
 
Generating SBOMS FROM FOSS (Detecting OSS licences)
Generating SBOMS FROM FOSS (Detecting OSS licences)Generating SBOMS FROM FOSS (Detecting OSS licences)
Generating SBOMS FROM FOSS (Detecting OSS licences)Thierry Gayet
 
Open Source in the Enterprise: Compliance and Risk Management
Open Source in the Enterprise: Compliance and Risk ManagementOpen Source in the Enterprise: Compliance and Risk Management
Open Source in the Enterprise: Compliance and Risk ManagementSebastiano Cobianco
 
Open Source Compliance at Orange, OW2online, June 2020
Open Source Compliance at Orange, OW2online, June 2020Open Source Compliance at Orange, OW2online, June 2020
Open Source Compliance at Orange, OW2online, June 2020OW2
 
Fundamentals of Using Open Source Code to Build Products
Fundamentals of Using Open Source Code to Build ProductsFundamentals of Using Open Source Code to Build Products
Fundamentals of Using Open Source Code to Build ProductsBrian Warner
 
WP_Open-Source_Best_pratice_web
WP_Open-Source_Best_pratice_webWP_Open-Source_Best_pratice_web
WP_Open-Source_Best_pratice_webPaul Plaquette
 
Business models of open hardware
Business models of open hardwareBusiness models of open hardware
Business models of open hardwareRobert Viseur
 
Open Source Software Licence Compliance: Art or science?
Open Source Software Licence Compliance: Art or science? Open Source Software Licence Compliance: Art or science?
Open Source Software Licence Compliance: Art or science? Shane Coughlan
 
Antelink Project, OW2con11, Nov 24-25, Paris
Antelink Project, OW2con11, Nov 24-25, ParisAntelink Project, OW2con11, Nov 24-25, Paris
Antelink Project, OW2con11, Nov 24-25, ParisOW2
 
FITT Toolbox: Choosing the right License
FITT Toolbox: Choosing the right LicenseFITT Toolbox: Choosing the right License
FITT Toolbox: Choosing the right LicenseFITT
 
L'open hardware dans l'électronique (et au delà...)
L'open hardware dans l'électronique (et au delà...)L'open hardware dans l'électronique (et au delà...)
L'open hardware dans l'électronique (et au delà...)Robert Viseur
 
Session dédiée à l'analyse de la qualité du code Java - Cyril Picat - Februar...
Session dédiée à l'analyse de la qualité du code Java - Cyril Picat - Februar...Session dédiée à l'analyse de la qualité du code Java - Cyril Picat - Februar...
Session dédiée à l'analyse de la qualité du code Java - Cyril Picat - Februar...JUG Lausanne
 
TDC2016SP - Trilha Linux Embarcado
TDC2016SP - Trilha Linux EmbarcadoTDC2016SP - Trilha Linux Embarcado
TDC2016SP - Trilha Linux Embarcadotdc-globalcode
 

Ähnlich wie EOLE / OWF 12 - License compatibility analysis and components based systems in public research - presentation of a practical approach-magali fitzgibbon (eole2012) (20)

Student x
Student xStudent x
Student x
 
COSCUP2020-GPL-3.0、Tivo、User Product and Security–新版開源授權對嵌入式資安防護的挑戰及因應
COSCUP2020-GPL-3.0、Tivo、User Product and Security–新版開源授權對嵌入式資安防護的挑戰及因應COSCUP2020-GPL-3.0、Tivo、User Product and Security–新版開源授權對嵌入式資安防護的挑戰及因應
COSCUP2020-GPL-3.0、Tivo、User Product and Security–新版開源授權對嵌入式資安防護的挑戰及因應
 
OpenChain Monthly Meeting 2023-02-21 (North America and Asia)
OpenChain Monthly Meeting 2023-02-21 (North America and Asia)OpenChain Monthly Meeting 2023-02-21 (North America and Asia)
OpenChain Monthly Meeting 2023-02-21 (North America and Asia)
 
OpenChain Monthly Meeting North America - Europe - 2023-02-07
OpenChain Monthly Meeting North America - Europe - 2023-02-07OpenChain Monthly Meeting North America - Europe - 2023-02-07
OpenChain Monthly Meeting North America - Europe - 2023-02-07
 
OpenChain Webinar #58 - FOSS License Management through aliens4friends in Ecl...
OpenChain Webinar #58 - FOSS License Management through aliens4friends in Ecl...OpenChain Webinar #58 - FOSS License Management through aliens4friends in Ecl...
OpenChain Webinar #58 - FOSS License Management through aliens4friends in Ecl...
 
Antepedia Reporter and Fossology: Updates and new challenges toward software ...
Antepedia Reporter and Fossology: Updates and new challenges toward software ...Antepedia Reporter and Fossology: Updates and new challenges toward software ...
Antepedia Reporter and Fossology: Updates and new challenges toward software ...
 
Generating SBOMS FROM FOSS (Detecting OSS licences)
Generating SBOMS FROM FOSS (Detecting OSS licences)Generating SBOMS FROM FOSS (Detecting OSS licences)
Generating SBOMS FROM FOSS (Detecting OSS licences)
 
Open Source in the Enterprise: Compliance and Risk Management
Open Source in the Enterprise: Compliance and Risk ManagementOpen Source in the Enterprise: Compliance and Risk Management
Open Source in the Enterprise: Compliance and Risk Management
 
Open Source Compliance at Orange, OW2online, June 2020
Open Source Compliance at Orange, OW2online, June 2020Open Source Compliance at Orange, OW2online, June 2020
Open Source Compliance at Orange, OW2online, June 2020
 
Fundamentals of Using Open Source Code to Build Products
Fundamentals of Using Open Source Code to Build ProductsFundamentals of Using Open Source Code to Build Products
Fundamentals of Using Open Source Code to Build Products
 
2011 NASA Open Source Summit - Forge.mil
2011 NASA Open Source Summit - Forge.mil2011 NASA Open Source Summit - Forge.mil
2011 NASA Open Source Summit - Forge.mil
 
WP_Open-Source_Best_pratice_web
WP_Open-Source_Best_pratice_webWP_Open-Source_Best_pratice_web
WP_Open-Source_Best_pratice_web
 
Business models of open hardware
Business models of open hardwareBusiness models of open hardware
Business models of open hardware
 
Open Source Software Licence Compliance: Art or science?
Open Source Software Licence Compliance: Art or science? Open Source Software Licence Compliance: Art or science?
Open Source Software Licence Compliance: Art or science?
 
Antelink Project, OW2con11, Nov 24-25, Paris
Antelink Project, OW2con11, Nov 24-25, ParisAntelink Project, OW2con11, Nov 24-25, Paris
Antelink Project, OW2con11, Nov 24-25, Paris
 
FITT Toolbox: Choosing the right License
FITT Toolbox: Choosing the right LicenseFITT Toolbox: Choosing the right License
FITT Toolbox: Choosing the right License
 
L'open hardware dans l'électronique (et au delà...)
L'open hardware dans l'électronique (et au delà...)L'open hardware dans l'électronique (et au delà...)
L'open hardware dans l'électronique (et au delà...)
 
Session dédiée à l'analyse de la qualité du code Java - Cyril Picat - Februar...
Session dédiée à l'analyse de la qualité du code Java - Cyril Picat - Februar...Session dédiée à l'analyse de la qualité du code Java - Cyril Picat - Februar...
Session dédiée à l'analyse de la qualité du code Java - Cyril Picat - Februar...
 
TDC2016SP - Trilha Linux Embarcado
TDC2016SP - Trilha Linux EmbarcadoTDC2016SP - Trilha Linux Embarcado
TDC2016SP - Trilha Linux Embarcado
 
Open Source vs Proprietary
Open Source vs ProprietaryOpen Source vs Proprietary
Open Source vs Proprietary
 

Mehr von Paris Open Source Summit

#OSSPARIS19 : Control your Embedded Linux remotely by using WebSockets - Gian...
#OSSPARIS19 : Control your Embedded Linux remotely by using WebSockets - Gian...#OSSPARIS19 : Control your Embedded Linux remotely by using WebSockets - Gian...
#OSSPARIS19 : Control your Embedded Linux remotely by using WebSockets - Gian...Paris Open Source Summit
 
#OSSPARIS19 : A virtual machine approach for microcontroller programming : th...
#OSSPARIS19 : A virtual machine approach for microcontroller programming : th...#OSSPARIS19 : A virtual machine approach for microcontroller programming : th...
#OSSPARIS19 : A virtual machine approach for microcontroller programming : th...Paris Open Source Summit
 
#OSSPARIS19 : RIOT: towards open source, secure DevOps on microcontroller-bas...
#OSSPARIS19 : RIOT: towards open source, secure DevOps on microcontroller-bas...#OSSPARIS19 : RIOT: towards open source, secure DevOps on microcontroller-bas...
#OSSPARIS19 : RIOT: towards open source, secure DevOps on microcontroller-bas...Paris Open Source Summit
 
#OSSPARIS19 : The evolving (IoT) security landscape - Gianluca Varisco, Arduino
#OSSPARIS19 : The evolving (IoT) security landscape - Gianluca Varisco, Arduino#OSSPARIS19 : The evolving (IoT) security landscape - Gianluca Varisco, Arduino
#OSSPARIS19 : The evolving (IoT) security landscape - Gianluca Varisco, ArduinoParis Open Source Summit
 
#OSSPARIS19: Construire des applications IoT "secure-by-design" - Thomas Gaza...
#OSSPARIS19: Construire des applications IoT "secure-by-design" - Thomas Gaza...#OSSPARIS19: Construire des applications IoT "secure-by-design" - Thomas Gaza...
#OSSPARIS19: Construire des applications IoT "secure-by-design" - Thomas Gaza...Paris Open Source Summit
 
#OSSPARIS19 : Detecter des anomalies de séries temporelles à la volée avec Wa...
#OSSPARIS19 : Detecter des anomalies de séries temporelles à la volée avec Wa...#OSSPARIS19 : Detecter des anomalies de séries temporelles à la volée avec Wa...
#OSSPARIS19 : Detecter des anomalies de séries temporelles à la volée avec Wa...Paris Open Source Summit
 
#OSSPARIS19 : Supervision d'objets connectés industriels - Eric DOANE, Zabbix
#OSSPARIS19 : Supervision d'objets connectés industriels - Eric DOANE, Zabbix#OSSPARIS19 : Supervision d'objets connectés industriels - Eric DOANE, Zabbix
#OSSPARIS19 : Supervision d'objets connectés industriels - Eric DOANE, ZabbixParis Open Source Summit
 
#OSSPARIS19: Introduction to scikit-learn - Olivier Grisel, Inria
#OSSPARIS19: Introduction to scikit-learn - Olivier Grisel, Inria#OSSPARIS19: Introduction to scikit-learn - Olivier Grisel, Inria
#OSSPARIS19: Introduction to scikit-learn - Olivier Grisel, InriaParis Open Source Summit
 
#OSSPARIS19 - Fostering disruptive innovation in AI with JEDI - André Loesekr...
#OSSPARIS19 - Fostering disruptive innovation in AI with JEDI - André Loesekr...#OSSPARIS19 - Fostering disruptive innovation in AI with JEDI - André Loesekr...
#OSSPARIS19 - Fostering disruptive innovation in AI with JEDI - André Loesekr...Paris Open Source Summit
 
#OSSPARIS19 : Comment ONLYOFFICE aide à organiser les travaux de recherches ...
#OSSPARIS19 : Comment ONLYOFFICE aide à organiser les travaux de recherches ...#OSSPARIS19 : Comment ONLYOFFICE aide à organiser les travaux de recherches ...
#OSSPARIS19 : Comment ONLYOFFICE aide à organiser les travaux de recherches ...Paris Open Source Summit
 
#OSSPARIS19 : MDPH : une solution collaborative open source pour l'instructio...
#OSSPARIS19 : MDPH : une solution collaborative open source pour l'instructio...#OSSPARIS19 : MDPH : une solution collaborative open source pour l'instructio...
#OSSPARIS19 : MDPH : une solution collaborative open source pour l'instructio...Paris Open Source Summit
 
#OSSPARIS19 - Understanding Open Source Governance - Gilles Gravier, Wipro Li...
#OSSPARIS19 - Understanding Open Source Governance - Gilles Gravier, Wipro Li...#OSSPARIS19 - Understanding Open Source Governance - Gilles Gravier, Wipro Li...
#OSSPARIS19 - Understanding Open Source Governance - Gilles Gravier, Wipro Li...Paris Open Source Summit
 
#OSSPARIS19 : Publier du code Open Source dans une banque : Mission impossibl...
#OSSPARIS19 : Publier du code Open Source dans une banque : Mission impossibl...#OSSPARIS19 : Publier du code Open Source dans une banque : Mission impossibl...
#OSSPARIS19 : Publier du code Open Source dans une banque : Mission impossibl...Paris Open Source Summit
 
#OSSPARIS19 : Libre à vous ! Raconter les libertés informatiques à la radio -...
#OSSPARIS19 : Libre à vous ! Raconter les libertés informatiques à la radio -...#OSSPARIS19 : Libre à vous ! Raconter les libertés informatiques à la radio -...
#OSSPARIS19 : Libre à vous ! Raconter les libertés informatiques à la radio -...Paris Open Source Summit
 
#OSSPARIS19 - Le logiciel libre : un enjeu politique et social - Etienne Gonn...
#OSSPARIS19 - Le logiciel libre : un enjeu politique et social - Etienne Gonn...#OSSPARIS19 - Le logiciel libre : un enjeu politique et social - Etienne Gonn...
#OSSPARIS19 - Le logiciel libre : un enjeu politique et social - Etienne Gonn...Paris Open Source Summit
 
#OSSPARIS19 - Conflits d’intérêt & concurrence : la place de l’éditeur dans l...
#OSSPARIS19 - Conflits d’intérêt & concurrence : la place de l’éditeur dans l...#OSSPARIS19 - Conflits d’intérêt & concurrence : la place de l’éditeur dans l...
#OSSPARIS19 - Conflits d’intérêt & concurrence : la place de l’éditeur dans l...Paris Open Source Summit
 
#OSSPARIS19 - Table ronde : souveraineté des données
#OSSPARIS19 - Table ronde : souveraineté des données #OSSPARIS19 - Table ronde : souveraineté des données
#OSSPARIS19 - Table ronde : souveraineté des données Paris Open Source Summit
 
#OSSPARIS19 - Comment financer un projet de logiciel libre - LUDOVIC DUBOST, ...
#OSSPARIS19 - Comment financer un projet de logiciel libre - LUDOVIC DUBOST, ...#OSSPARIS19 - Comment financer un projet de logiciel libre - LUDOVIC DUBOST, ...
#OSSPARIS19 - Comment financer un projet de logiciel libre - LUDOVIC DUBOST, ...Paris Open Source Summit
 
#OSSPARIS19 - BlueMind v4 : les dessous technologiques de 10 ans de travail p...
#OSSPARIS19 - BlueMind v4 : les dessous technologiques de 10 ans de travail p...#OSSPARIS19 - BlueMind v4 : les dessous technologiques de 10 ans de travail p...
#OSSPARIS19 - BlueMind v4 : les dessous technologiques de 10 ans de travail p...Paris Open Source Summit
 
#OSSPARIS19 - Tuto de première installation de VITAM, un système d'archivage ...
#OSSPARIS19 - Tuto de première installation de VITAM, un système d'archivage ...#OSSPARIS19 - Tuto de première installation de VITAM, un système d'archivage ...
#OSSPARIS19 - Tuto de première installation de VITAM, un système d'archivage ...Paris Open Source Summit
 

Mehr von Paris Open Source Summit (20)

#OSSPARIS19 : Control your Embedded Linux remotely by using WebSockets - Gian...
#OSSPARIS19 : Control your Embedded Linux remotely by using WebSockets - Gian...#OSSPARIS19 : Control your Embedded Linux remotely by using WebSockets - Gian...
#OSSPARIS19 : Control your Embedded Linux remotely by using WebSockets - Gian...
 
#OSSPARIS19 : A virtual machine approach for microcontroller programming : th...
#OSSPARIS19 : A virtual machine approach for microcontroller programming : th...#OSSPARIS19 : A virtual machine approach for microcontroller programming : th...
#OSSPARIS19 : A virtual machine approach for microcontroller programming : th...
 
#OSSPARIS19 : RIOT: towards open source, secure DevOps on microcontroller-bas...
#OSSPARIS19 : RIOT: towards open source, secure DevOps on microcontroller-bas...#OSSPARIS19 : RIOT: towards open source, secure DevOps on microcontroller-bas...
#OSSPARIS19 : RIOT: towards open source, secure DevOps on microcontroller-bas...
 
#OSSPARIS19 : The evolving (IoT) security landscape - Gianluca Varisco, Arduino
#OSSPARIS19 : The evolving (IoT) security landscape - Gianluca Varisco, Arduino#OSSPARIS19 : The evolving (IoT) security landscape - Gianluca Varisco, Arduino
#OSSPARIS19 : The evolving (IoT) security landscape - Gianluca Varisco, Arduino
 
#OSSPARIS19: Construire des applications IoT "secure-by-design" - Thomas Gaza...
#OSSPARIS19: Construire des applications IoT "secure-by-design" - Thomas Gaza...#OSSPARIS19: Construire des applications IoT "secure-by-design" - Thomas Gaza...
#OSSPARIS19: Construire des applications IoT "secure-by-design" - Thomas Gaza...
 
#OSSPARIS19 : Detecter des anomalies de séries temporelles à la volée avec Wa...
#OSSPARIS19 : Detecter des anomalies de séries temporelles à la volée avec Wa...#OSSPARIS19 : Detecter des anomalies de séries temporelles à la volée avec Wa...
#OSSPARIS19 : Detecter des anomalies de séries temporelles à la volée avec Wa...
 
#OSSPARIS19 : Supervision d'objets connectés industriels - Eric DOANE, Zabbix
#OSSPARIS19 : Supervision d'objets connectés industriels - Eric DOANE, Zabbix#OSSPARIS19 : Supervision d'objets connectés industriels - Eric DOANE, Zabbix
#OSSPARIS19 : Supervision d'objets connectés industriels - Eric DOANE, Zabbix
 
#OSSPARIS19: Introduction to scikit-learn - Olivier Grisel, Inria
#OSSPARIS19: Introduction to scikit-learn - Olivier Grisel, Inria#OSSPARIS19: Introduction to scikit-learn - Olivier Grisel, Inria
#OSSPARIS19: Introduction to scikit-learn - Olivier Grisel, Inria
 
#OSSPARIS19 - Fostering disruptive innovation in AI with JEDI - André Loesekr...
#OSSPARIS19 - Fostering disruptive innovation in AI with JEDI - André Loesekr...#OSSPARIS19 - Fostering disruptive innovation in AI with JEDI - André Loesekr...
#OSSPARIS19 - Fostering disruptive innovation in AI with JEDI - André Loesekr...
 
#OSSPARIS19 : Comment ONLYOFFICE aide à organiser les travaux de recherches ...
#OSSPARIS19 : Comment ONLYOFFICE aide à organiser les travaux de recherches ...#OSSPARIS19 : Comment ONLYOFFICE aide à organiser les travaux de recherches ...
#OSSPARIS19 : Comment ONLYOFFICE aide à organiser les travaux de recherches ...
 
#OSSPARIS19 : MDPH : une solution collaborative open source pour l'instructio...
#OSSPARIS19 : MDPH : une solution collaborative open source pour l'instructio...#OSSPARIS19 : MDPH : une solution collaborative open source pour l'instructio...
#OSSPARIS19 : MDPH : une solution collaborative open source pour l'instructio...
 
#OSSPARIS19 - Understanding Open Source Governance - Gilles Gravier, Wipro Li...
#OSSPARIS19 - Understanding Open Source Governance - Gilles Gravier, Wipro Li...#OSSPARIS19 - Understanding Open Source Governance - Gilles Gravier, Wipro Li...
#OSSPARIS19 - Understanding Open Source Governance - Gilles Gravier, Wipro Li...
 
#OSSPARIS19 : Publier du code Open Source dans une banque : Mission impossibl...
#OSSPARIS19 : Publier du code Open Source dans une banque : Mission impossibl...#OSSPARIS19 : Publier du code Open Source dans une banque : Mission impossibl...
#OSSPARIS19 : Publier du code Open Source dans une banque : Mission impossibl...
 
#OSSPARIS19 : Libre à vous ! Raconter les libertés informatiques à la radio -...
#OSSPARIS19 : Libre à vous ! Raconter les libertés informatiques à la radio -...#OSSPARIS19 : Libre à vous ! Raconter les libertés informatiques à la radio -...
#OSSPARIS19 : Libre à vous ! Raconter les libertés informatiques à la radio -...
 
#OSSPARIS19 - Le logiciel libre : un enjeu politique et social - Etienne Gonn...
#OSSPARIS19 - Le logiciel libre : un enjeu politique et social - Etienne Gonn...#OSSPARIS19 - Le logiciel libre : un enjeu politique et social - Etienne Gonn...
#OSSPARIS19 - Le logiciel libre : un enjeu politique et social - Etienne Gonn...
 
#OSSPARIS19 - Conflits d’intérêt & concurrence : la place de l’éditeur dans l...
#OSSPARIS19 - Conflits d’intérêt & concurrence : la place de l’éditeur dans l...#OSSPARIS19 - Conflits d’intérêt & concurrence : la place de l’éditeur dans l...
#OSSPARIS19 - Conflits d’intérêt & concurrence : la place de l’éditeur dans l...
 
#OSSPARIS19 - Table ronde : souveraineté des données
#OSSPARIS19 - Table ronde : souveraineté des données #OSSPARIS19 - Table ronde : souveraineté des données
#OSSPARIS19 - Table ronde : souveraineté des données
 
#OSSPARIS19 - Comment financer un projet de logiciel libre - LUDOVIC DUBOST, ...
#OSSPARIS19 - Comment financer un projet de logiciel libre - LUDOVIC DUBOST, ...#OSSPARIS19 - Comment financer un projet de logiciel libre - LUDOVIC DUBOST, ...
#OSSPARIS19 - Comment financer un projet de logiciel libre - LUDOVIC DUBOST, ...
 
#OSSPARIS19 - BlueMind v4 : les dessous technologiques de 10 ans de travail p...
#OSSPARIS19 - BlueMind v4 : les dessous technologiques de 10 ans de travail p...#OSSPARIS19 - BlueMind v4 : les dessous technologiques de 10 ans de travail p...
#OSSPARIS19 - BlueMind v4 : les dessous technologiques de 10 ans de travail p...
 
#OSSPARIS19 - Tuto de première installation de VITAM, un système d'archivage ...
#OSSPARIS19 - Tuto de première installation de VITAM, un système d'archivage ...#OSSPARIS19 - Tuto de première installation de VITAM, un système d'archivage ...
#OSSPARIS19 - Tuto de première installation de VITAM, un système d'archivage ...
 

EOLE / OWF 12 - License compatibility analysis and components based systems in public research - presentation of a practical approach-magali fitzgibbon (eole2012)

  • 1. License compatibility analysis and component based systems in public research: presentation of a practical approach EOLE Conference – 12/10/2012 Magali Fitzgibbon – Technology Transfer and Innovation Department - CC BY-NC-ND 2.0
  • 2. CONTEXT Magali Fitzgibbon -Technology Transfer and Innovation Department - CC BY- NC-ND 2.0
  • 3. A (very) short presentation of Inria… Inria : French National Institute for Research in Computer Science and Automatic Control 8 research centers in France + head office (corporate level and local TTOs) Missions include: => fundamental and applicative research => dissemination of scientific knowledge => contributing to standardization => providing prototypes (technology transfer) Magali Fitzgibbon -Technology Transfer and Innovation Department - CC BY- NC-ND 2.0
  • 4. Software prototypes @Inria - Important number of software distributed under a FLOSS license - Technology transfer includes operations based on open source software (in particular by spin-off creation) - Reuse of open source preexisting components is a usual developing practice at Inria. => This leads de facto to license compatibility issues… Magali Fitzgibbon -Technology Transfer and Innovation Department - CC BY- NC-ND 2.0
  • 5. Software development process (seen from the legal / TTO point of view) Licensing in  STRATEGY (legal compatibility)  Licensing out Code reuse Software : set of components exploitation (pre-existing components) (with new “ex-nihilo”components) L Licensing out 1 choice Component Licensing in based systems Policy Legal status of software (Not so easy to defined) Legal status of components Component’s licence Usually well defined Magali Fitzgibbon -Technology Transfer and Innovation Department - CC BY- NC-ND 2.0
  • 6. Such an exercise can turn out to be difficult… License compatibility – the difficulties encountered by lawyers and TT managers: • To be familiar and deal with an important number and diversity of FLOSS licenses (jungle) • Vocabulary used in FLOSS licenses is not standardized But not only… Magali Fitzgibbon -Technology Transfer and Innovation Department - CC BY- NC-ND 2.0
  • 7. Reality is more than a theoretical comparison of several licenses – context/object of analysis are crucial • Great diversity of software and software architecture (how can architecture be useful for the analysis?) • Inria’s software can be made of an important number of preexisting components, usually under a FLOSS license … • … and can be developed on long period of times (10-15 years) by numerous contributors (How do you actually identify the licenses to be analyzed?) • Licensing out strategies may change during software’s life cycle (What incidence on license compatibility issues?) Magali Fitzgibbon -Technology Transfer and Innovation Department - CC BY- NC-ND 2.0
  • 8. Given these elements, what could be a good approach for license compatibility issues in component based systems? Magali Fitzgibbon -Technology Transfer and Innovation Department - CC BY- NC-ND 2.0
  • 9. I. License compatibility analysis and software’s architecture/detailed description Magali Fitzgibbon -Technology Transfer and Innovation Department - CC BY- NC-ND 2.0
  • 10. The 3 good reasons to ask for software’s detailed description  Identify the scope of the analysis… and be sure that everyone actually talks of the same thing!  Easier in case of software with a “modular licensing strategy”  Makes dialogue easier with researchers/developers Magali Fitzgibbon -Technology Transfer and Innovation Department - CC BY- NC-ND 2.0
  • 11. Using software’s architecture – the example of DIET software (monitoring High Performance Computing Infrastructures) Source: Qualipso – Report on the proposed IPR tracking methodology – 16/12/2009 – www.qualipso.org Magali Fitzgibbon -Technology Transfer and Innovation Department - CC BY- NC-ND 2.0
  • 12. II. How can I identify licenses to be analyzed in a (large) component based system? Magali Fitzgibbon -Technology Transfer and Innovation Department - CC BY- NC-ND 2.0
  • 13. Asking the development/research team: Software’s contributors point of view and memory is essential (Inria assume people are of good faith)… … but it is nevertheless often incomplete! ⇒ Components’ origin and license issues are not always a priority at the beginning of a project (POC) ⇒ Keeping a good track of what happened in a 5, 10 or 20 year development period is difficult in public research (people come and go) Magali Fitzgibbon -Technology Transfer and Innovation Department - CC BY- NC-ND 2.0
  • 14. Example of a representation of authors’ appearance/disappearance and evolution of % contribution to source code A different (and complementary) source of information is usually needed… Source/copyright owner: Antelink - CC BY-NC-ND 2.0 Magali Fitzgibbon -Technology Transfer and Innovation Department - CC BY- NC-ND 2.0
  • 15. Looking « by hand » in all header files to check for licenses Costs of analysis quickly turn to be high… Example: a software of 100 000 files = you can keep a lawyer busy a few weeks… … which means that ROI is not always satisfactory. Magali Fitzgibbon -Technology Transfer and Innovation Department - CC BY- NC-ND 2.0
  • 16. Using tools: the « industrial way » Code mining tools, license checkers…  They allow to gain time…  … and can therefore reduce costs of analysis! Components’ license information in header files can now be as « opened » as open source software! The experienced turned out be positive as far as Inria is concerned Magali Fitzgibbon -Technology Transfer and Innovation Department - CC BY- NC-ND 2.0
  • 17. However… Never forget that information still needs to be qualified! • Identifying licenses is only a start… • Comparing a list of licenses, obtained with a tool, with your licensing-out strategy is not sufficient for analysis to be efficient/complete! • Tools help/provide assistance but do not fulfill the analysis Magali Fitzgibbon -Technology Transfer and Innovation Department - CC BY- NC-ND 2.0
  • 18. Examples 1. An important number of files identified in one of Inria’s software with an Eclipse public license But… … after qualifying this information, the « EPL files » turned out to be source code generated by Inria’s developers with Eclipse’s framework 2. Incompatible License identified in one of Inria’s software But… It turned ou that headers were not up-to-date concerning license information Magali Fitzgibbon -Technology Transfer and Innovation Department - CC BY- NC-ND 2.0
  • 19. Qualifying information requires discussion between lawyers, TT managers and researchers/developers Magali Fitzgibbon -Technology Transfer and Innovation Department - CC BY- NC-ND 2.0
  • 20. III. Licensing-out strategy’s evolution during life cycle : what is the incidence? Magali Fitzgibbon -Technology Transfer and Innovation Department - CC BY- NC-ND 2.0
  • 21. What changing of licensing-out strategy means • The previous licensing-in policy (if any!) may not be pertinent anymore… • … which means that software’s exogenous components’ licenses may not be compliant with the new licensing-out strategy… • What if the previous software’s license is compatible with the new one? => Beware! Does not mean that components’ licenses are compliant! Magali Fitzgibbon -Technology Transfer and Innovation Department - CC BY- NC-ND 2.0
  • 22. Example  A software initially distributed under a GNU LGPL v2.1 license  A licensing-in policy was defined  Research team’s intentions change in favour of a dual licensing scheme : GNU GPL v2 and proprietary license Magali Fitzgibbon -Technology Transfer and Innovation Department - CC BY- NC-ND 2.0
  • 23. What the analysis revealed about the past… Example of licenses found during Compliance with the analysis (for exogenous previous GNU LGPL components) strategy Apache v.1 YES Apache v.2 YES Eclipse public license YES BSD (new) YES Magali Fitzgibbon -Technology Transfer and Innovation Department - CC BY- NC-ND 2.0
  • 24. What the analysis revealed about the present/future… Example of licenses found during Compliance with GNU the analysis (for exogenous GPL v2 components Apache v.1 NO Apache v.2 NO Eclipse public license NO BSD (new) YES Hopefully, solutions could be found… But shows that costs to make software legally compliant, when strategy changes, can actually become an issue Magali Fitzgibbon -Technology Transfer and Innovation Department - CC BY- NC-ND 2.0
  • 25. The 2nd part of the « story »: the legal issue did not turned out to be the only one…  Was the dual scheme really pertinent/appropriate? People are willing to pay for a proprietary license if they wish to redistribute themselves under a proprietary license (and avoid GNU GPL’s constraints) But, if a similar version is available somewhere under the GNU LGPL…  GNU GPL version of software needs to be sufficiently different from the previous GNU LGPL version! Magali Fitzgibbon -Technology Transfer and Innovation Department - CC BY- NC-ND 2.0
  • 26. What comparison of source code revealed Source/copyright owner: Antelink - CC BY-NC-ND 2.0 Magali Fitzgibbon -Technology Transfer and Innovation Department - CC BY- NC-ND 2.0
  • 27. Conclusion License compatibility analysis for components based systems in public research is always :  the encounter between particular software, a development and an exploitation strategies  Team work between lawyers, TT managers and researchers/developpers  And therefore a smart use and combination of people’s competence/experience and tools Which means that lawyers do not only need to rely on their « legal » expertise:  basic knowledge and curiosity of what are software and software development, is helpful Magali Fitzgibbon -Technology Transfer and Innovation Department - CC BY- NC-ND 2.0
  • 28. Thank you! www.inria.fr Report on the proposed IPR Tracking methodology (L. Grateau, M. Fitzgibbon, G. Rousseau) http://www.inria.fr/content/download/6143/55776/version/2/file/Methodologie-d-analyse-IPR.pdf Qualipso EU funded project www.qualipso.org Guide d’approche et d’analyse des licences de logiciels libres (S. Steer, M. Fitzgibbon) http://www.inria.fr/content/download/5892/48431/version/2/file/INRIA_guide_analyse_licences_libres_vf.pdf Recueil de fiches explicatives de licences libres (S. Steer, M. Fitzgibbon) http://www.inria.fr/content/download/5892/48431/version/2/file/INRIA_guide_analyse_licences_libres_vf.pdf Magali Fitzgibbon magali.fitzgibbon@inria.fr http://www.linkedin.com/pub/magali-fitzgibbon/3a/390/76a