Pause and networking

FOSSBazaar is an open community dedicated to the governance of open source. It aims to empower individuals and organizations across the enterprise to understand the issues that exist with free and open source software (FOSS), the processes that can assist to properly govern the implementation and deployment of FOSS, and the tools that can be used to assist these efforts across the lifecycle of an open source project. The vision of FOSSBazaar is to serve as a gathering place to discuss, explore, share experiences and cooperatively solve issues related to FOSS governance. As such, the site serves the open source community as a forum representative of open source users and providers worldwide.

QualiPSo, a unique alliance of ICT industry players, SMEs, governments and academics whose role it is to help industry and governments fuel innovation and competitiveness in the field of Open Source software. Founded at the end of 2006, the consortium sets out to define and implement the technologies, processes and policies needed to facilitate the development and use of Open Source software components with the same level of trust traditionally enjoyed by proprietary software. QualiPSo is the largest ever Open Source initiative funded by the European Commission, as part of the Information Society Technologies (IST) initiative. Projects details and contacts: http://www.QualiPSo.org

The objective of the talk is to present some of the best practices that were extracted from the experiences of the past EU projects in the area of OSS adoption, among them COSPA, tOSSAD, CALIBRE, FLOSSMETRICS and OpenTTT. For companies and public administrations that still are not using a structured adoption process, some simple, pragmatic rules have been found to substantially increase the probability of a successful OSS adoption. The talk will present a summary of the main results in this area, and will include some of those best practices and what kind of effort is necessary to implement them in companies of all sizes.

Despite many thousands of open source projects are enterprise ready, there is a general lack of knowledge about them and about how to find them. To qualify and select open source software factors that are open source specific - ranging from the sustainability of its community to the easiness to contribute to the code - have to be considered. The goal is to provide enterprises and organizations with a clear methodology supported by a collection of tools useful to determine the risk associated with the usage of specific open source software components. The presentation aims to provide a view into how is possible to identify open source candidates that are robust (stable, mature and backed by a viable community), supported (either by a community or vendors) and grant evolvability (readable and maintainable code).

I will present two case studies that illustrate the management of open source software in complex organizations. The presentation offers insight into best practices in the adoption of open source software and in the management of software licensing. The first case study describes how a premier Asian university system has developed policies and procedures to roll out and manage a mixed environment of open source and proprietary software. The second case study details issues faced by a major financial organization in implementing open source software and in constructing a policy framework in their enterprise. This study will also review what worked and what didn't for the organization.

Cocktail-Lunch and networking

The importance of the open source clearinghouse in SIEMENS AG: present and future perspectives, putting emphasis on the quality aspects as tools to improve the IT governance processes.

How much do you need to know about usage of open source software in your organization? How light or how deep do you need to go? Your mileage *does* vary and the level of depth and breadth needed is not the same for every organization.Join us for an review of the main open source re-use contexts and a discussion on how to better adapt open source governance practices to your context and your risk profile. If you work for an enterprise IT organization, a government IT organization, a software vendor or a device manufacturer in a legal, corporate development or software development capacity, this talk can provide you with valuable insights on how to better plan and right-size your open source governance and due diligence efforts.

Legal questions are at the very base of FLOSS. Despite a lot of interests and efforts in the recent years the situation is not quite satisfactory. There are legal issues and uncertainties associated to FLOSS that are often not very well understood. As part of the QualiPSo European project we decided to work on two kinds of issues. First the ones regarding the meaning and interpretation of Open Source licenses in relation to a particular national law (although FLOSS is global, law is local) and second the understanding of what we call the Legal Status of a software using Open Source components (a problem encompassing the so called license compatibility problem, where you want to determine the conditions upon which such a software could be distributed). This talk will describe our efforts and results so far on these two kinds of issues and discuss their future.

Some of modern FLOSS licenses contain provisions which deal with software patents. Such clauses can be a strong weapon to fight with patent abuses, however it also can be a deadly conduit of unintentional technology leaks. In this talk, such patent-relating provisions in several widely-used FLOSS licenses will be scrutinized, and a simple summary will be given about what are required and what are not in each license.

Hub and spoke, the model that combines a product core, in the hands of an open source software vendor, together with hundreds of extensions or plugins provided by a community of developpers and partners, is a model for software architecture, for community governance, a model for development, as well as a business model. Vendors in the open source arena have drawn great benefits and a strong competitive edge from this model, while bringing clients and end-users the benefits of a solid core and a solid partner, as well as the profusion and dynamic that only community can achieve. We will take a closer look at the various aspects of this model, and try to understand why proprietary software is lagging in that respect.

Sharing Open Source License and Copyright Data Organizations across the globe are creating and distributing products that include open source software. To ensure compliance with the open source licenses, each company needs to evaluate exactly what open source licenses and copyrights are included – resulting in duplicated effort and redundancy. This talk will provide an overview of a new Software Package Data Exchange (SPDX) specification being created by FOSSBazaar. This specification will provide a common format to share information about the open source licenses and copyrights that are included in any software package, with the goal of saving time and improving data accuracy. This talk will review the progress of the initiative; discuss the benefits to organizations using open source and share information on how you can contribute.

Pause and networking