SlideShare ist ein Scribd-Unternehmen logo

Open Source Governance at HP

Bruno Cornec
Bruno Cornec

Open Source Governance at HP - Presentation made during the JDEV 2013

Technologie
1 von 28
Downloaden Sie, um offline zu lesen
Open Source Governance Bruno Cornec, HP EMEA Open Source and Linux Profession Lead September 2013 © Copyright 2013 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice.
Agenda ● Introduction ● Open Source & Licenses ● What is Open Source Governance ? – – ● Concepts Best practices Which Open Source Governance at HP ? 2 05/09/13 2
Introducing Myself Software engineering and Unices since 1988 ● – Mostly Configuration Management Systems (CMS), Build systems, quality tools, on multiple commercial Unix systems – Discover Open Source & Linux (OSL) & first contributions in 1993 – Full time on OSL since 1995, first as HP reseller then @HP Currently: – Master Technology Architect on OSL for the HP/Intel Solution Center, Grenoble ● – – 3 OSL HP Advocate EMEA OSL HP Profession Lead – Solutions Linux Conference and OWF board member. Conferences at WW level in LinuxCon, Linux.conf.au – MondoRescue, Dploy.org, Project-Builder.org Project Lead – LinuxCOE, mrepo, tellico, rinse, fossology, collectl contributor – FOSSBazaar and OSL Governance enthusiast – Mandriva, Mageia, Fedora packager
“Open Source” is three things Community Licenses 4 Almost 60 licenses today Some require that code changes be returned to the community at large These are called copyleft or reciprocal They are not viral This requirement is what makes the methodology work Other licenses are similar to the public domain and have few requirements Copyrights are still a core foundational element of all open source licenses Any collection of developers with a common interest Historically made up of free agents Increasingly funded by large companies sharing development costs Governments and academia also contributing at an increasing pace Methodology Communal, shared development Various projects each with their own subculture Governance models vary widely, some autocratic, others consensus based Very few roadmaps, but some projects are starting to publish them Influence and control is achieved by being integrated & involved Individuals are largely in control, not companies •You can use all three as a competitive advantage •The business model shifts to subscriptions and support •The more you get involved, the more you can influence/control 05/09/13 4
Free & Open Source Software (FOSS) Licenses no-charge software source code available binary-only source with limitations Adobe Reader 5 many java libraries freeware shareware 05/09/13 FOSS Sun SCSL no impact on other code copyleft Microsoft shared source GNU GPL GNU LGPL IBM W3C BSD Mozilla Reference URL: http://www.gnu.org/licenses/licenses.en.html Apache 5 MIT
Free & Open Source Licenses Key Points    Redistribution is permitted without a need to pay fees for distributed copies. Source code is available and may be modified. Modified versions may be distributed with permission for others to do all the above. FOSS goals are: 6 Knowledge sharing Modification to adapt Learn by looking inside 05/09/13 A FOSS is like a car whose hood is open 6
Open Source Governance Concepts © Copyright 2013 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice.
What is IT Governance? Specifying the decision rights and accountability framework to encourage desirable behavior in the use of IT. (Weill & Ross, “IT Governance”) IT Governance is the organizational capacity exercised by the board, executive management and IT management to control the formulation and implementation of IT strategy and in this way ensure the fusion of business and IT. (Van Grembergen, 2002) 8 IT Governance is the effective management of all IT assets, functions & processes in support of the enterprise’s business objectives. 05/09/13 8 HP Proprietary 8
Scope of IT Governance • IT operating principles • − Changes brought by extensive FOSS usage on operational principles (buy, build, reuse, ...) IT project portfolio • Enterprise Architecture • • IT application portfolio − Impact of mixing stacks using FOSS, evaluation of the technical fit first. • IT finance • IT infrastructure / operations 9 Project/Program methodology − FOSS program office addition impact, FOSS review in the development process • Human capital − Employee participation, performance plan impact, employment contract impact • Software Development Life Cycle − Interaction with FOSS communities, its viability IT procurement • IT sourcing • − Impact of FOSS on In/Out sourcing − FOSS deployment and management impacts CRM / SRM Open Source will effect many areas within an organization’s IT governance structure depending upon the organization’s business model • 05/09/13 9
Open Source Governance: Why now? ● ● ● ● 10 Compelling FOSS value proposition leading to increased pervasiveness. FOSS usage & contributions often unclear, under the radar. 80% of IT environments WW (Gartner) include or will include open source SW, but less than 10% are conscious of the risks incurred. Increasing worldwide requirements for compliance – Distribution & acquisitions issues. Current IT policies and processes not always designed for open source: – Usage must be reviewed in context. – Legal exposure from ~60 OSI “approved” licenses (HP tracks 400+). License violations can have different consequences than traditional software. Best practices and streamlined processes required to reap benefits and mitigate risks => Eliminate (perceived) risk of using Open Source. – 05/09/13 10
Why FOSS is any different than Commercial Software? To use commercial software in your development process, you must go through…. 11 Procurement! 05/09/13 11
Accepting and Managing Open Source ● The question is not if an enterprise should use FOSS, but rather when, how, where, and with whom. ● FOSS is unavoidable, it's even already there. ● Questions that need to be answered: – – Where does it come from? – How and where is it used? – How is it supported? – 12 How is FOSS chosen and acquired? What version should I be running? – Is it LSB compliant? – What are the license obligations? – How is it deployed, managed, updated and secured? – How is it tracked (how is the project tracked)? 05/09/13 12
What is Open Source Governance? Image source: http://www.niehs.nih.gov/kids/illusion/illusions7.htm 13 Open source governance is a framework of policies, processes and tools that helps an organization effectively manage all of its interactions with open source software resulting in optimal use and reduced risk. 05/09/13 13
Depends on who you ask ... What OSS is contained in this product I just purchased from my ISV partner? (Procurement) • What are the license obligations for using this OSS in our company's products? (Legal) • Which of these open source LDAP servers will best suit my IT infrastructure? (IT Department) • Is this open source xml parser really going to save me 20% of my engineer's time? (Engineering manager) • So, you work on our flagship management software product, but you also want to contribute to nagios? (IP Department) • Will statically linking this OSS library to my application cause me any problems? (S/W developer) • 14 05/09/13 14
Open Source Governance Best practices © Copyright 2013 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice.
HP’s interaction with FOSS ● Internal Usage – ● Incorporated in our Software Products – ● Red Hat, Suse, Debian, Ubuntu etc… Embedded in our hardware products 16 – ● OpenView, Insight Manager, SSSTK, PSP, WebOS, CloudOS… many software products including kernel modules Ship Open Source Distributions – ● OpenLDAP, Jabber (XMPP), bind (DNS), postfix (SMTP), sympa, mediawiki, etc… Printers, televisions, storage devices, etc… Active participants in the communities – Contributors in dozens of projects (including Linux, OpenLDAP, Samba, bind, sympa, ...) – Maintainers in several projects (including Debian, OpenStack, LinuxCOE, MondoRescue, cciss, ...) 05/09/13 http://opensource.hp.com/opensource_projects.html 16
Open Source Governance Maturity Model Level HP today 5 Open source librarian and quality assurance 4 “Golden” repository of software and metadata 3 17 2 1 05/09/13 Automated tools and workflow Policy and processes Training and awareness Most customers 17
HP Open Source Governance IP Best Practices (HP internally-developed): • Defined and communicated corporate-wide policies, with upper management support • Open Source Program Office Central place where all open source activities are understood for consistent communication inside/outside the company. Reponsible of http://opensource.hp.com and HP's promotion. • 18 • Open Source Review Board Core Governance process evolving throughout years, controlled by a virtual team of Open Source experts. Control FOSS used, delivered, shipped, new FOSS products, employee contributions, ... Tools  Fossology  PTS  Internal mailing list Docs  Open Source Policy Manual  Training material / Webinars  Knowledge base / Web portal Legal and IP FOSS expertise 05/09/13 18
HP Open Source Program Office Fast track OSRB Proposals: (New & Resubmit) Submitter 19 Attorney Review OSRB check for Add’l info Go OSRB PreReview Go OSRB IP Review Go OSRB Final Review Approved. Reject On-hold Request for Add’l info Feedback: Go/No Go, Add’l Info Automated Communications 05/09/13 Manual Activities 19
PTS: Proposal Tracking System - Internal tool (2nd generation) to help manage Open Source usage in HP - HP contributions requests - Personal contributions requests - Software components reuse - Interface with library DB to ease declaration - Workflow to support previous OSRB review - Online help - Champions community per BU - Fast track possibility for obvious case - Support up to the most complex cases (GPLv3 proposals, license modification, mixed contributions) - History of modifications to proposals 20 05/09/13 20
HP FOSS Governance Initiative Major HP's intellectual property contribution: • An international open source community program launched focussed on FOSS governance including − FOSSBazaar: a Web based community to develop, share and provide information and industry best practices to take advantage of FOSS benefits, Founded by HP along with partners: Coverity, Google, Linux Foundation, Novell, Olliance Group, OpenLogic and SourceForge − FOSSology: a Web based community to develop an architectural SIs/VARs framework and tools to analyze FOSS, founded by HP. − SPDX: a Linux Foundation standard for license identification in Academia upstream software − An ecosystem 21 • Centered on FOSSBazaar • Partners/Corp and academia developers, best practices and tools • HP C&I and Partners Services − Bridging • The FOSS and the Business Communities 05/09/13 21 7 mars 2008 IT Mgmt Gov/Pub Sector Service Providers ISVs & IHVs Corp Developers Developing and supporting the utilization of open standards 21
License Discovery and Analysis (1) License claims cannot be trusted • Example open source project - OpenOffice − Claimed license is LGPL (http://www.openoffice.org/license.html) • Is this for the entire package? • Has this been verified? • Does it include other components that are under a different license? − Discovered license(s) • • • • • • 22 05/09/13 From openoffice.org2_1.9.129-0.1ubuntu4.dsc (breezy) 2706 LGPL 421 OpenGroup-style 327 BSD-style 103 MIT-style 48 GPL 22
License Discovery and Analysis (2) Licenses change, all the time • Example open source project - elfutils − Core component of RedHat Linux distributions − elfutils-0.89-1 in RHEL-3 was licensed under the OSL (v1.0) − elfutils-0.91-3 in RHEL-3.1 was licensed under GPL (v2.0) • HP did not ship RHEL-3 to customers due to elfutils' license • With HP's help, license was changed to GPL for next revision of package • Typical Linux distributions contain 1000's of packages 23 05/09/13 23
Key Paradigm Tools are NOT a replacement for Open Source governance processes but will improve the processes by providing: • Enablement (manual process not viable) • Efficiencies (improved TCO) • Agility (improved time-to-market) 24 • Reliability (license detection) • Scalability (single package as well as complete distribution) • Traceability (record proposals and history) 05/09/13 24
Open Source Governance Workshop Workshop designed to guide through the top issues around management of Open Source in the enterprise. Targeted at a cross-organizational audience, including auditing, legal, procurement, operational risk management, technology strategy, and line-of-business departments • Open Source Baseline • − Business Drivers − Various open source touch points in your company − Awareness, responsibilities , risks, processes • •   Legal Aspects of Open Source Governance − Assessment of Free and Open source software phenomenon − Detailed discussion of Open Source Licenses − Bridging the legal and technical communities − Other considerations: WEB-based services, mergers and acquisitions, other 25 Open Source Policy Best Practices Automating Open Source Compliance − Open Source discovery − License detection and analysis 05/09/13   • Use of open source – when appropriate, when not appropriate for your business Review of licenses, product distribution considerations Considerations for employee contribution to open source community Company relationship with community Open Source Governance Processes    Best practices for open source tracking, review and management Open Source Compliance Lifecycle, workflow Building Internal Open Source Communities 25
Company FOSS Policies and Guidelines Considerations Recommend joint development by all involved company departments: Legal (requires FOSS legal expertise, local or outsourced), IP (patents portfolio management), IT (in charge of tooling), Development (developers trained), Business management (Risk management) Grouped in an Open Source Review Board to define the FOSS Governance: • Company use of Open Source: Define Policies & Processes •Business Drivers •Infrastructure, required tools to perform mandatory analyzes •Development Projects responsabilities •FOSS Usage models •Technical contributions, FOSS usage, shipments/distribution, ... 26 • • • • • Employee Open Source Contributions Relationships with Open Source Community Awareness, Docs, Communication and Compliance Licensing, Copyrights and Patent Guidelines Employee and Manager Responsibilities 05/09/13 26
27 05/09/13 27
Contact - Thanks Bruno.Cornec@hp.com (Open Source and Linux Technology Architect at the HP/Intel Solution Center) http://www.hp.com/linux http://opensource.hp.com Thanks goes to: 28 Linus Torvalds, Richard Stallman, Eric Raymond, Nat Makarevitch, René Cougnenc, Eric Dumas, Rémy Card, Bdale Garbee, Bryan Gartner, Craig Lamparter, Lee Mayes, Gallig Renaud, Andree Leidenfrost, Phil Robb, Bob Gobeille, Martin Michlmayr among others, for their work and devotion to the Open Source Software cause... and my family for their patience :-) « Changes are never easy to make. There is comfort and safety in tradition, but change must come, no matter how painful or expensive it may be. » Bill Hewlett

Empfohlen

Lenovo Blade Portfolio
Lenovo Blade PortfolioLenovo Blade Portfolio
Lenovo Blade Portfolio
Lenovo Data Center
 
Presentation on linux
Presentation on linuxPresentation on linux
Presentation on linux
Veeral Bhateja
 
JMI Techtalk: 한재근 - How to use GPU for developing AI
JMI Techtalk: 한재근 - How to use GPU for developing AIJMI Techtalk: 한재근 - How to use GPU for developing AI
JMI Techtalk: 한재근 - How to use GPU for developing AI
Lablup Inc.
 
Blazor + Bot Framework = a Microsoft Teams Platform Dream Team
Blazor + Bot Framework = a Microsoft Teams Platform Dream TeamBlazor + Bot Framework = a Microsoft Teams Platform Dream Team
Blazor + Bot Framework = a Microsoft Teams Platform Dream Team
Thomas Gölles
 
Tips and tricks for complex migrations to SharePoint Online
Tips and tricks for complex migrations to SharePoint OnlineTips and tricks for complex migrations to SharePoint Online
Tips and tricks for complex migrations to SharePoint Online
Andries den Haan
 
A Peek into Google's Edge TPU
A Peek into Google's Edge TPUA Peek into Google's Edge TPU
A Peek into Google's Edge TPU
Koan-Sin Tan
 
Cpu scheduling algorithm on windows
Cpu scheduling algorithm on windowsCpu scheduling algorithm on windows
Cpu scheduling algorithm on windows
siddhartha pande
 
Linux introduction
Linux introductionLinux introduction
Linux introduction
Md. Zahid Hossain Shoeb
 

Empfohlen

Lenovo Blade Portfolio
Lenovo Blade PortfolioLenovo Blade Portfolio
Lenovo Blade Portfolio
Lenovo Data Center
 
Presentation on linux
Presentation on linuxPresentation on linux
Presentation on linux
Veeral Bhateja
 
JMI Techtalk: 한재근 - How to use GPU for developing AI
JMI Techtalk: 한재근 - How to use GPU for developing AIJMI Techtalk: 한재근 - How to use GPU for developing AI
JMI Techtalk: 한재근 - How to use GPU for developing AI
Lablup Inc.
 
Blazor + Bot Framework = a Microsoft Teams Platform Dream Team
Blazor + Bot Framework = a Microsoft Teams Platform Dream TeamBlazor + Bot Framework = a Microsoft Teams Platform Dream Team
Blazor + Bot Framework = a Microsoft Teams Platform Dream Team
Thomas Gölles
 
Tips and tricks for complex migrations to SharePoint Online
Tips and tricks for complex migrations to SharePoint OnlineTips and tricks for complex migrations to SharePoint Online
Tips and tricks for complex migrations to SharePoint Online
Andries den Haan
 
A Peek into Google's Edge TPU
A Peek into Google's Edge TPUA Peek into Google's Edge TPU
A Peek into Google's Edge TPU
Koan-Sin Tan
 
Cpu scheduling algorithm on windows
Cpu scheduling algorithm on windowsCpu scheduling algorithm on windows
Cpu scheduling algorithm on windows
siddhartha pande
 
Linux introduction
Linux introductionLinux introduction
Linux introduction
Md. Zahid Hossain Shoeb
 
Ubuntu installation-presentations
Ubuntu installation-presentationsUbuntu installation-presentations
Ubuntu installation-presentations
PrimeAsia University
 
desktop support engineer
desktop support engineerdesktop support engineer
desktop support engineer
ALOK SINGH
 
Linux basic commands
Linux basic commandsLinux basic commands
Linux basic commands
Sagar Kumar
 
Linux Interrupts
Linux InterruptsLinux Interrupts
Linux Interrupts
Kernel TLV
 
Linux Introduction
Linux IntroductionLinux Introduction
Linux Introduction
Libsoul Technologies Pvt. Ltd.
 
Mobile Processors
Mobile ProcessorsMobile Processors
Mobile Processors
PreethiSureshkumar1
 
CPU
CPUCPU
CPU
Munsur Abd
 
5G Cellular D2D RDMA Clusters
5G Cellular D2D RDMA Clusters5G Cellular D2D RDMA Clusters
5G Cellular D2D RDMA Clusters
Yitzhak Bar-Geva
 
Introduction to Linux basic
Introduction to Linux basicIntroduction to Linux basic
Introduction to Linux basic
f114n
 
Introduction to TensorFlow Lite
Introduction to TensorFlow Lite Introduction to TensorFlow Lite
Introduction to TensorFlow Lite
Koan-Sin Tan
 
Core I3 Vs Core I5
Core I3 Vs Core I5Core I3 Vs Core I5
Core I3 Vs Core I5
Ayeshasidhu
 
FOSS
FOSS FOSS
FOSS
Dr. Malliga P
 
Ntroduction to computer architecture and organization
Ntroduction to computer architecture and organizationNtroduction to computer architecture and organization
Ntroduction to computer architecture and organization
Fakulti seni, komputeran dan indusri kreatif
 
CentOS Operating System Presentation (Southeast University)
CentOS Operating System Presentation (Southeast University)CentOS Operating System Presentation (Southeast University)
CentOS Operating System Presentation (Southeast University)
Mahmudul Hasan Porag
 
Ubuntu
UbuntuUbuntu
Ubuntu
home
 
An Introduction to Linux
An Introduction to LinuxAn Introduction to Linux
An Introduction to Linux
anandvaidya
 
5 p9 pnor and open bmc overview - final
5 p9 pnor and open bmc overview - final5 p9 pnor and open bmc overview - final
5 p9 pnor and open bmc overview - final
Yutaka Kawai
 
Linux fundamentals
Linux fundamentalsLinux fundamentals
Linux fundamentals
Raghu nath
 
High Performance Computing - The Future is Here
High Performance Computing - The Future is HereHigh Performance Computing - The Future is Here
High Performance Computing - The Future is Here
Martin Hamilton
 
Linux.ppt
Linux.ppt Linux.ppt
Linux.ppt
onu9
 
Open Source Governance for your Organization
Open Source Governance for your OrganizationOpen Source Governance for your Organization
Open Source Governance for your Organization
Robert Sutor
 
Open source governance with Dejacode
Open source governance with DejacodeOpen source governance with Dejacode
Open source governance with Dejacode
nexB Inc.
 

Weitere ähnliche Inhalte

Was ist angesagt?

Core I3 Vs Core I5
Core I3 Vs Core I5Core I3 Vs Core I5
Core I3 Vs Core I5
Ayeshasidhu
 
Linux fundamentals
Linux fundamentalsLinux fundamentals
Linux fundamentals
Raghu nath
 

Was ist angesagt? (20)

Ubuntu installation-presentations
Ubuntu installation-presentationsUbuntu installation-presentations
Ubuntu installation-presentations
 
desktop support engineer
desktop support engineerdesktop support engineer
desktop support engineer
 
Linux basic commands
Linux basic commandsLinux basic commands
Linux basic commands
 
Linux Interrupts
Linux InterruptsLinux Interrupts
Linux Interrupts
 
Linux Introduction
Linux IntroductionLinux Introduction
Linux Introduction
 
Mobile Processors
Mobile ProcessorsMobile Processors
Mobile Processors
 
CPU
CPUCPU
CPU
 
5G Cellular D2D RDMA Clusters
5G Cellular D2D RDMA Clusters5G Cellular D2D RDMA Clusters
5G Cellular D2D RDMA Clusters
 
Introduction to Linux basic
Introduction to Linux basicIntroduction to Linux basic
Introduction to Linux basic
 
Introduction to TensorFlow Lite
Introduction to TensorFlow Lite Introduction to TensorFlow Lite
Introduction to TensorFlow Lite
 
Core I3 Vs Core I5
Core I3 Vs Core I5Core I3 Vs Core I5
Core I3 Vs Core I5
 
FOSS
FOSS FOSS
FOSS
 
Ntroduction to computer architecture and organization
Ntroduction to computer architecture and organizationNtroduction to computer architecture and organization
Ntroduction to computer architecture and organization
 
CentOS Operating System Presentation (Southeast University)
CentOS Operating System Presentation (Southeast University)CentOS Operating System Presentation (Southeast University)
CentOS Operating System Presentation (Southeast University)
 
Ubuntu
UbuntuUbuntu
Ubuntu
 
An Introduction to Linux
An Introduction to LinuxAn Introduction to Linux
An Introduction to Linux
 
5 p9 pnor and open bmc overview - final
5 p9 pnor and open bmc overview - final5 p9 pnor and open bmc overview - final
5 p9 pnor and open bmc overview - final
 
Linux fundamentals
Linux fundamentalsLinux fundamentals
Linux fundamentals
 
High Performance Computing - The Future is Here
High Performance Computing - The Future is HereHigh Performance Computing - The Future is Here
High Performance Computing - The Future is Here
 
Linux.ppt
Linux.ppt Linux.ppt
Linux.ppt
 

Andere mochten auch

Project and portfolio management
Project and portfolio managementProject and portfolio management
Project and portfolio management
Lilian Schaffer
 
Project Governance Model
Project Governance ModelProject Governance Model
Project Governance Model
Constient
 

Andere mochten auch (15)

Open Source Governance for your Organization
Open Source Governance for your OrganizationOpen Source Governance for your Organization
Open Source Governance for your Organization
 
Open source governance with Dejacode
Open source governance with DejacodeOpen source governance with Dejacode
Open source governance with Dejacode
 
Sdn presentation
Sdn presentation Sdn presentation
Sdn presentation
 
Inner Source Webinar Series: Open Source Community Development Methods
Inner Source Webinar Series: Open Source Community Development MethodsInner Source Webinar Series: Open Source Community Development Methods
Inner Source Webinar Series: Open Source Community Development Methods
 
The Right Tool for the Right Project
The Right Tool for the Right ProjectThe Right Tool for the Right Project
The Right Tool for the Right Project
 
HPE Agile Manager and Project and Portfolio Management PPM overview
HPE Agile Manager and Project and Portfolio Management PPM overview HPE Agile Manager and Project and Portfolio Management PPM overview
HPE Agile Manager and Project and Portfolio Management PPM overview
 
Project and portfolio management
Project and portfolio managementProject and portfolio management
Project and portfolio management
 
Get Ready to Modernize the Core
Get Ready to Modernize the CoreGet Ready to Modernize the Core
Get Ready to Modernize the Core
 
Cwin16 tls-partner-hpe-digital economy & Hybrid IT
Cwin16 tls-partner-hpe-digital economy & Hybrid ITCwin16 tls-partner-hpe-digital economy & Hybrid IT
Cwin16 tls-partner-hpe-digital economy & Hybrid IT
 
Hpe Intelligent Management Center
Hpe Intelligent Management CenterHpe Intelligent Management Center
Hpe Intelligent Management Center
 
Project Governance Model
Project Governance ModelProject Governance Model
Project Governance Model
 
Benefits of Transforming to a Hybrid Infrastructure - HPE
Benefits of Transforming to a Hybrid Infrastructure - HPEBenefits of Transforming to a Hybrid Infrastructure - HPE
Benefits of Transforming to a Hybrid Infrastructure - HPE
 
Cwin16 tls-partner-mark logic-an innovation journey in manufacturing
Cwin16 tls-partner-mark logic-an innovation journey in manufacturingCwin16 tls-partner-mark logic-an innovation journey in manufacturing
Cwin16 tls-partner-mark logic-an innovation journey in manufacturing
 
Program governance Structure
Program governance StructureProgram governance Structure
Program governance Structure
 
Project governance
Project governanceProject governance
Project governance
 

Ähnlich wie Open Source Governance at HP

KB Seminars: Working with Technology - Platforms; 10/13
KB Seminars: Working with Technology - Platforms; 10/13KB Seminars: Working with Technology - Platforms; 10/13
KB Seminars: Working with Technology - Platforms; 10/13
MDIF
 
GoOpen 2010: Sandro D'Elia
GoOpen 2010: Sandro D'EliaGoOpen 2010: Sandro D'Elia
GoOpen 2010: Sandro D'Elia
Friprogsenteret
 
Open Source Content Management Systems for Small and Medium Businesses, Chari...
Open Source Content Management Systems for Small and Medium Businesses, Chari...Open Source Content Management Systems for Small and Medium Businesses, Chari...
Open Source Content Management Systems for Small and Medium Businesses, Chari...
Will Hall
 

Ähnlich wie Open Source Governance at HP (20)

Open Source Governance v2.5
Open Source Governance v2.5Open Source Governance v2.5
Open Source Governance v2.5
 
Methods about Open Source Governance v2.5
Methods about Open Source Governance v2.5Methods about Open Source Governance v2.5
Methods about Open Source Governance v2.5
 
opensource.ppt
opensource.pptopensource.ppt
opensource.ppt
 
Identifying and managing the risks of open source software for PHP developers
Identifying and managing the risks of open source software for PHP developersIdentifying and managing the risks of open source software for PHP developers
Identifying and managing the risks of open source software for PHP developers
 
Open source presentation to lgma workshop april 2010
Open source presentation to lgma workshop april 2010Open source presentation to lgma workshop april 2010
Open source presentation to lgma workshop april 2010
 
KB Seminars: Working with Technology - Platforms; 10/13
KB Seminars: Working with Technology - Platforms; 10/13KB Seminars: Working with Technology - Platforms; 10/13
KB Seminars: Working with Technology - Platforms; 10/13
 
HP Fossology v5.3
HP Fossology v5.3HP Fossology v5.3
HP Fossology v5.3
 
Os Robb
Os RobbOs Robb
Os Robb
 
Open source presentation enterprise ireland 2010
Open source presentation enterprise ireland 2010Open source presentation enterprise ireland 2010
Open source presentation enterprise ireland 2010
 
GoOpen 2010: Sandro D'Elia
GoOpen 2010: Sandro D'EliaGoOpen 2010: Sandro D'Elia
GoOpen 2010: Sandro D'Elia
 
SIM RTP Meeting - So Who's Using Open Source Anyway?
SIM RTP Meeting - So Who's Using Open Source Anyway?SIM RTP Meeting - So Who's Using Open Source Anyway?
SIM RTP Meeting - So Who's Using Open Source Anyway?
 
lamp.pptx
lamp.pptxlamp.pptx
lamp.pptx
 
Open source: Making connections by Sunny Pai
Open source: Making connections by Sunny PaiOpen source: Making connections by Sunny Pai
Open source: Making connections by Sunny Pai
 
Open Source Content Management Systems for Small and Medium Businesses, Chari...
Open Source Content Management Systems for Small and Medium Businesses, Chari...Open Source Content Management Systems for Small and Medium Businesses, Chari...
Open Source Content Management Systems for Small and Medium Businesses, Chari...
 
Open Source Software For Education (Mel Mc Intyre) Open App
Open Source Software For Education (Mel Mc Intyre) Open AppOpen Source Software For Education (Mel Mc Intyre) Open App
Open Source Software For Education (Mel Mc Intyre) Open App
 
Go open2010 sde_20100417
Go open2010 sde_20100417Go open2010 sde_20100417
Go open2010 sde_20100417
 
Fundamentals of Free and Open Source Software
Fundamentals of Free and Open Source SoftwareFundamentals of Free and Open Source Software
Fundamentals of Free and Open Source Software
 
My Seminar
My SeminarMy Seminar
My Seminar
 
FLOSS in SMEs
FLOSS in SMEsFLOSS in SMEs
FLOSS in SMEs
 
Single-Vendor Open Source at the Crossroads
Single-Vendor Open Source at the CrossroadsSingle-Vendor Open Source at the Crossroads
Single-Vendor Open Source at the Crossroads
 

Mehr von Bruno Cornec

Mehr von Bruno Cornec (20)

Diaporama-TMG.pdf
Diaporama-TMG.pdfDiaporama-TMG.pdf
Diaporama-TMG.pdf
 
Diaporama-2023.pdf
Diaporama-2023.pdfDiaporama-2023.pdf
Diaporama-2023.pdf
 
Concert Amicus Meus 2023
Concert Amicus Meus 2023Concert Amicus Meus 2023
Concert Amicus Meus 2023
 
Docker-v3.pdf
Docker-v3.pdfDocker-v3.pdf
Docker-v3.pdf
 
intro-linux-v4.pdf
intro-linux-v4.pdfintro-linux-v4.pdf
intro-linux-v4.pdf
 
Diaporama Exultate 2022
Diaporama Exultate 2022Diaporama Exultate 2022
Diaporama Exultate 2022
 
Diaporama-2021.pdf
Diaporama-2021.pdfDiaporama-2021.pdf
Diaporama-2021.pdf
 
Introduction à Linux et aux logiciels libres
Introduction à Linux et aux logiciels libresIntroduction à Linux et aux logiciels libres
Introduction à Linux et aux logiciels libres
 
Diaporama Variations 2019
Diaporama Variations 2019Diaporama Variations 2019
Diaporama Variations 2019
 
IPMI is dead, Long live Redfish
IPMI is dead, Long live RedfishIPMI is dead, Long live Redfish
IPMI is dead, Long live Redfish
 
Diaporama Exultate 2019
Diaporama Exultate 2019Diaporama Exultate 2019
Diaporama Exultate 2019
 
Diaporama Exultate 2018
Diaporama Exultate 2018Diaporama Exultate 2018
Diaporama Exultate 2018
 
Diaporama Exultate 2017
Diaporama Exultate 2017Diaporama Exultate 2017
Diaporama Exultate 2017
 
Diaporama 2018 Guerre de 100 ans
Diaporama 2018 Guerre de 100 ansDiaporama 2018 Guerre de 100 ans
Diaporama 2018 Guerre de 100 ans
 
Introduction aux logiciels libres et à Linux
Introduction aux logiciels libres et à LinuxIntroduction aux logiciels libres et à Linux
Introduction aux logiciels libres et à Linux
 
Diaporama 2011 Musique pour la Vierge
Diaporama 2011 Musique pour la ViergeDiaporama 2011 Musique pour la Vierge
Diaporama 2011 Musique pour la Vierge
 
Diaporama 2012 Musique polychorale
Diaporama 2012 Musique polychoraleDiaporama 2012 Musique polychorale
Diaporama 2012 Musique polychorale
 
Diaporama 2016 Musique Allemande
Diaporama 2016 Musique AllemandeDiaporama 2016 Musique Allemande
Diaporama 2016 Musique Allemande
 
Diaporama 2015 François Ier
Diaporama 2015 François IerDiaporama 2015 François Ier
Diaporama 2015 François Ier
 
Guide Open Source Syntec Numérique
Guide Open Source Syntec NumériqueGuide Open Source Syntec Numérique
Guide Open Source Syntec Numérique
 

Kürzlich hochgeladen

Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Miguel Araújo
 
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Jeffrey Haguewood
 
A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?
Igalia
 
Ransomware_Q4_2023. The report. [EN].pdf
Ransomware_Q4_2023. The report. [EN].pdfRansomware_Q4_2023. The report. [EN].pdf
Ransomware_Q4_2023. The report. [EN].pdf
Overkill Security
 
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc
 

Kürzlich hochgeladen (20)

AXA XL - Insurer Innovation Award Americas 2024
AXA XL - Insurer Innovation Award Americas 2024AXA XL - Insurer Innovation Award Americas 2024
AXA XL - Insurer Innovation Award Americas 2024
 
presentation ICT roal in 21st century education
presentation ICT roal in 21st century educationpresentation ICT roal in 21st century education
presentation ICT roal in 21st century education
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdf
 
AWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of TerraformAWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of Terraform
 
ICT role in 21st century education and its challenges
ICT role in 21st century education and its challengesICT role in 21st century education and its challenges
ICT role in 21st century education and its challenges
 
Apidays Singapore 2024 - Modernizing Securities Finance by Madhu Subbu
Apidays Singapore 2024 - Modernizing Securities Finance by Madhu SubbuApidays Singapore 2024 - Modernizing Securities Finance by Madhu Subbu
Apidays Singapore 2024 - Modernizing Securities Finance by Madhu Subbu
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
 
Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...
Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...
Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...
 
Apidays Singapore 2024 - Scalable LLM APIs for AI and Generative AI Applicati...
Apidays Singapore 2024 - Scalable LLM APIs for AI and Generative AI Applicati...Apidays Singapore 2024 - Scalable LLM APIs for AI and Generative AI Applicati...
Apidays Singapore 2024 - Scalable LLM APIs for AI and Generative AI Applicati...
 
Navi Mumbai Call Girls 🥰 8617370543 Service Offer VIP Hot Model
Navi Mumbai Call Girls 🥰 8617370543 Service Offer VIP Hot ModelNavi Mumbai Call Girls 🥰 8617370543 Service Offer VIP Hot Model
Navi Mumbai Call Girls 🥰 8617370543 Service Offer VIP Hot Model
 
A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?
 
Ransomware_Q4_2023. The report. [EN].pdf
Ransomware_Q4_2023. The report. [EN].pdfRansomware_Q4_2023. The report. [EN].pdf
Ransomware_Q4_2023. The report. [EN].pdf
 
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, AdobeApidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
 
Strategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherStrategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a Fresher
 
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
 
"I see eyes in my soup": How Delivery Hero implemented the safety system for ...
"I see eyes in my soup": How Delivery Hero implemented the safety system for ..."I see eyes in my soup": How Delivery Hero implemented the safety system for ...
"I see eyes in my soup": How Delivery Hero implemented the safety system for ...
 
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
 

Open Source Governance at HP

  • 1. Open Source Governance Bruno Cornec, HP EMEA Open Source and Linux Profession Lead September 2013 © Copyright 2013 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice.
  • 2. Agenda ● Introduction ● Open Source & Licenses ● What is Open Source Governance ? – – ● Concepts Best practices Which Open Source Governance at HP ? 2 05/09/13 2
  • 3. Introducing Myself Software engineering and Unices since 1988 ● – Mostly Configuration Management Systems (CMS), Build systems, quality tools, on multiple commercial Unix systems – Discover Open Source & Linux (OSL) & first contributions in 1993 – Full time on OSL since 1995, first as HP reseller then @HP Currently: – Master Technology Architect on OSL for the HP/Intel Solution Center, Grenoble ● – – 3 OSL HP Advocate EMEA OSL HP Profession Lead – Solutions Linux Conference and OWF board member. Conferences at WW level in LinuxCon, Linux.conf.au – MondoRescue, Dploy.org, Project-Builder.org Project Lead – LinuxCOE, mrepo, tellico, rinse, fossology, collectl contributor – FOSSBazaar and OSL Governance enthusiast – Mandriva, Mageia, Fedora packager
  • 4. “Open Source” is three things Community Licenses 4 Almost 60 licenses today Some require that code changes be returned to the community at large These are called copyleft or reciprocal They are not viral This requirement is what makes the methodology work Other licenses are similar to the public domain and have few requirements Copyrights are still a core foundational element of all open source licenses Any collection of developers with a common interest Historically made up of free agents Increasingly funded by large companies sharing development costs Governments and academia also contributing at an increasing pace Methodology Communal, shared development Various projects each with their own subculture Governance models vary widely, some autocratic, others consensus based Very few roadmaps, but some projects are starting to publish them Influence and control is achieved by being integrated & involved Individuals are largely in control, not companies •You can use all three as a competitive advantage •The business model shifts to subscriptions and support •The more you get involved, the more you can influence/control 05/09/13 4
  • 5. Free & Open Source Software (FOSS) Licenses no-charge software source code available binary-only source with limitations Adobe Reader 5 many java libraries freeware shareware 05/09/13 FOSS Sun SCSL no impact on other code copyleft Microsoft shared source GNU GPL GNU LGPL IBM W3C BSD Mozilla Reference URL: http://www.gnu.org/licenses/licenses.en.html Apache 5 MIT
  • 6. Free & Open Source Licenses Key Points    Redistribution is permitted without a need to pay fees for distributed copies. Source code is available and may be modified. Modified versions may be distributed with permission for others to do all the above. FOSS goals are: 6 Knowledge sharing Modification to adapt Learn by looking inside 05/09/13 A FOSS is like a car whose hood is open 6
  • 7. Open Source Governance Concepts © Copyright 2013 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice.
  • 8. What is IT Governance? Specifying the decision rights and accountability framework to encourage desirable behavior in the use of IT. (Weill & Ross, “IT Governance”) IT Governance is the organizational capacity exercised by the board, executive management and IT management to control the formulation and implementation of IT strategy and in this way ensure the fusion of business and IT. (Van Grembergen, 2002) 8 IT Governance is the effective management of all IT assets, functions & processes in support of the enterprise’s business objectives. 05/09/13 8 HP Proprietary 8
  • 9. Scope of IT Governance • IT operating principles • − Changes brought by extensive FOSS usage on operational principles (buy, build, reuse, ...) IT project portfolio • Enterprise Architecture • • IT application portfolio − Impact of mixing stacks using FOSS, evaluation of the technical fit first. • IT finance • IT infrastructure / operations 9 Project/Program methodology − FOSS program office addition impact, FOSS review in the development process • Human capital − Employee participation, performance plan impact, employment contract impact • Software Development Life Cycle − Interaction with FOSS communities, its viability IT procurement • IT sourcing • − Impact of FOSS on In/Out sourcing − FOSS deployment and management impacts CRM / SRM Open Source will effect many areas within an organization’s IT governance structure depending upon the organization’s business model • 05/09/13 9
  • 10. Open Source Governance: Why now? ● ● ● ● 10 Compelling FOSS value proposition leading to increased pervasiveness. FOSS usage & contributions often unclear, under the radar. 80% of IT environments WW (Gartner) include or will include open source SW, but less than 10% are conscious of the risks incurred. Increasing worldwide requirements for compliance – Distribution & acquisitions issues. Current IT policies and processes not always designed for open source: – Usage must be reviewed in context. – Legal exposure from ~60 OSI “approved” licenses (HP tracks 400+). License violations can have different consequences than traditional software. Best practices and streamlined processes required to reap benefits and mitigate risks => Eliminate (perceived) risk of using Open Source. – 05/09/13 10
  • 11. Why FOSS is any different than Commercial Software? To use commercial software in your development process, you must go through…. 11 Procurement! 05/09/13 11
  • 12. Accepting and Managing Open Source ● The question is not if an enterprise should use FOSS, but rather when, how, where, and with whom. ● FOSS is unavoidable, it's even already there. ● Questions that need to be answered: – – Where does it come from? – How and where is it used? – How is it supported? – 12 How is FOSS chosen and acquired? What version should I be running? – Is it LSB compliant? – What are the license obligations? – How is it deployed, managed, updated and secured? – How is it tracked (how is the project tracked)? 05/09/13 12
  • 13. What is Open Source Governance? Image source: http://www.niehs.nih.gov/kids/illusion/illusions7.htm 13 Open source governance is a framework of policies, processes and tools that helps an organization effectively manage all of its interactions with open source software resulting in optimal use and reduced risk. 05/09/13 13
  • 14. Depends on who you ask ... What OSS is contained in this product I just purchased from my ISV partner? (Procurement) • What are the license obligations for using this OSS in our company's products? (Legal) • Which of these open source LDAP servers will best suit my IT infrastructure? (IT Department) • Is this open source xml parser really going to save me 20% of my engineer's time? (Engineering manager) • So, you work on our flagship management software product, but you also want to contribute to nagios? (IP Department) • Will statically linking this OSS library to my application cause me any problems? (S/W developer) • 14 05/09/13 14
  • 15. Open Source Governance Best practices © Copyright 2013 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice.
  • 16. HP’s interaction with FOSS ● Internal Usage – ● Incorporated in our Software Products – ● Red Hat, Suse, Debian, Ubuntu etc… Embedded in our hardware products 16 – ● OpenView, Insight Manager, SSSTK, PSP, WebOS, CloudOS… many software products including kernel modules Ship Open Source Distributions – ● OpenLDAP, Jabber (XMPP), bind (DNS), postfix (SMTP), sympa, mediawiki, etc… Printers, televisions, storage devices, etc… Active participants in the communities – Contributors in dozens of projects (including Linux, OpenLDAP, Samba, bind, sympa, ...) – Maintainers in several projects (including Debian, OpenStack, LinuxCOE, MondoRescue, cciss, ...) 05/09/13 http://opensource.hp.com/opensource_projects.html 16
  • 17. Open Source Governance Maturity Model Level HP today 5 Open source librarian and quality assurance 4 “Golden” repository of software and metadata 3 17 2 1 05/09/13 Automated tools and workflow Policy and processes Training and awareness Most customers 17
  • 18. HP Open Source Governance IP Best Practices (HP internally-developed): • Defined and communicated corporate-wide policies, with upper management support • Open Source Program Office Central place where all open source activities are understood for consistent communication inside/outside the company. Reponsible of http://opensource.hp.com and HP's promotion. • 18 • Open Source Review Board Core Governance process evolving throughout years, controlled by a virtual team of Open Source experts. Control FOSS used, delivered, shipped, new FOSS products, employee contributions, ... Tools  Fossology  PTS  Internal mailing list Docs  Open Source Policy Manual  Training material / Webinars  Knowledge base / Web portal Legal and IP FOSS expertise 05/09/13 18
  • 19. HP Open Source Program Office Fast track OSRB Proposals: (New & Resubmit) Submitter 19 Attorney Review OSRB check for Add’l info Go OSRB PreReview Go OSRB IP Review Go OSRB Final Review Approved. Reject On-hold Request for Add’l info Feedback: Go/No Go, Add’l Info Automated Communications 05/09/13 Manual Activities 19
  • 20. PTS: Proposal Tracking System - Internal tool (2nd generation) to help manage Open Source usage in HP - HP contributions requests - Personal contributions requests - Software components reuse - Interface with library DB to ease declaration - Workflow to support previous OSRB review - Online help - Champions community per BU - Fast track possibility for obvious case - Support up to the most complex cases (GPLv3 proposals, license modification, mixed contributions) - History of modifications to proposals 20 05/09/13 20
  • 21. HP FOSS Governance Initiative Major HP's intellectual property contribution: • An international open source community program launched focussed on FOSS governance including − FOSSBazaar: a Web based community to develop, share and provide information and industry best practices to take advantage of FOSS benefits, Founded by HP along with partners: Coverity, Google, Linux Foundation, Novell, Olliance Group, OpenLogic and SourceForge − FOSSology: a Web based community to develop an architectural SIs/VARs framework and tools to analyze FOSS, founded by HP. − SPDX: a Linux Foundation standard for license identification in Academia upstream software − An ecosystem 21 • Centered on FOSSBazaar • Partners/Corp and academia developers, best practices and tools • HP C&I and Partners Services − Bridging • The FOSS and the Business Communities 05/09/13 21 7 mars 2008 IT Mgmt Gov/Pub Sector Service Providers ISVs & IHVs Corp Developers Developing and supporting the utilization of open standards 21
  • 22. License Discovery and Analysis (1) License claims cannot be trusted • Example open source project - OpenOffice − Claimed license is LGPL (http://www.openoffice.org/license.html) • Is this for the entire package? • Has this been verified? • Does it include other components that are under a different license? − Discovered license(s) • • • • • • 22 05/09/13 From openoffice.org2_1.9.129-0.1ubuntu4.dsc (breezy) 2706 LGPL 421 OpenGroup-style 327 BSD-style 103 MIT-style 48 GPL 22
  • 23. License Discovery and Analysis (2) Licenses change, all the time • Example open source project - elfutils − Core component of RedHat Linux distributions − elfutils-0.89-1 in RHEL-3 was licensed under the OSL (v1.0) − elfutils-0.91-3 in RHEL-3.1 was licensed under GPL (v2.0) • HP did not ship RHEL-3 to customers due to elfutils' license • With HP's help, license was changed to GPL for next revision of package • Typical Linux distributions contain 1000's of packages 23 05/09/13 23
  • 24. Key Paradigm Tools are NOT a replacement for Open Source governance processes but will improve the processes by providing: • Enablement (manual process not viable) • Efficiencies (improved TCO) • Agility (improved time-to-market) 24 • Reliability (license detection) • Scalability (single package as well as complete distribution) • Traceability (record proposals and history) 05/09/13 24
  • 25. Open Source Governance Workshop Workshop designed to guide through the top issues around management of Open Source in the enterprise. Targeted at a cross-organizational audience, including auditing, legal, procurement, operational risk management, technology strategy, and line-of-business departments • Open Source Baseline • − Business Drivers − Various open source touch points in your company − Awareness, responsibilities , risks, processes • •   Legal Aspects of Open Source Governance − Assessment of Free and Open source software phenomenon − Detailed discussion of Open Source Licenses − Bridging the legal and technical communities − Other considerations: WEB-based services, mergers and acquisitions, other 25 Open Source Policy Best Practices Automating Open Source Compliance − Open Source discovery − License detection and analysis 05/09/13   • Use of open source – when appropriate, when not appropriate for your business Review of licenses, product distribution considerations Considerations for employee contribution to open source community Company relationship with community Open Source Governance Processes    Best practices for open source tracking, review and management Open Source Compliance Lifecycle, workflow Building Internal Open Source Communities 25
  • 26. Company FOSS Policies and Guidelines Considerations Recommend joint development by all involved company departments: Legal (requires FOSS legal expertise, local or outsourced), IP (patents portfolio management), IT (in charge of tooling), Development (developers trained), Business management (Risk management) Grouped in an Open Source Review Board to define the FOSS Governance: • Company use of Open Source: Define Policies & Processes •Business Drivers •Infrastructure, required tools to perform mandatory analyzes •Development Projects responsabilities •FOSS Usage models •Technical contributions, FOSS usage, shipments/distribution, ... 26 • • • • • Employee Open Source Contributions Relationships with Open Source Community Awareness, Docs, Communication and Compliance Licensing, Copyrights and Patent Guidelines Employee and Manager Responsibilities 05/09/13 26
  • 28. Contact - Thanks Bruno.Cornec@hp.com (Open Source and Linux Technology Architect at the HP/Intel Solution Center) http://www.hp.com/linux http://opensource.hp.com Thanks goes to: 28 Linus Torvalds, Richard Stallman, Eric Raymond, Nat Makarevitch, René Cougnenc, Eric Dumas, Rémy Card, Bdale Garbee, Bryan Gartner, Craig Lamparter, Lee Mayes, Gallig Renaud, Andree Leidenfrost, Phil Robb, Bob Gobeille, Martin Michlmayr among others, for their work and devotion to the Open Source Software cause... and my family for their patience :-) « Changes are never easy to make. There is comfort and safety in tradition, but change must come, no matter how painful or expensive it may be. » Bill Hewlett