This presentation introduces the OW2 Open Source Good Governance initiative and the challenges facing open source governance managers.

1. 2020
OW2 OSS Good Governance initiative
OSS Governance with a European Perspective
An Introduction
June 2020

2. 22020
Supply-Side Approach Four open source models

3. 3Cedric Thomas, OW2

4. 4Cedric Thomas, OW2

5. 5Cedric Thomas, OW2

6. 6Cedric Thomas, OW2

7. 7Cedric Thomas, OW2https://pixabay.com/fr/cadre-cadre-photo-remplage-1534814/

8. 82018 Cedric Thomas
DeveloperDeveloper EntrepreneurEntrepreneur EcosystemEcosystem IndustryIndustry
●
Opportunistic disruption
●
Organic response
●
Strategic commoditization
●
Collaborative innovation
●
Concentration
●
Expansion
€
£
$
¥€
£
$
¥
€
£
$
¥
●
Individualistic intention
●
Ethical sharing
Combined
Proprietary & OSS
Innovation
OSS Innovation
Proprietary Innovation

9. 92018 Cedric Thomas
Challenges Ahead Ten crucial challenges
Image: https-//commons.wikimedia.org/wiki/File-Road_in_Maui,_Hawaii_(8017312033)

10. 10Cedric Thomas, OW2
1. Uncontrolled Reuse 80 to 90% of an application is composed of
components
Recent failure: leftpad, equifax, evenstream
FUD from compliance and vulnerability war
stories may slow adoption
Way forward:
Automatic license management (SPDX)
Development best practices (OpenChain)
Advanced dependency management
(FASTEN, Eclipse Steady, SW360)
Source: Sonatype, DevSecOps Comunity Survey, 2018
Original
code

11. 11Cedric Thomas, OW2
2. SaaS vs OSS OSS
Value proposition
= functional code +
freedom
OSS four
freedoms based on
access to code
Users bring in their
technology efforts
Users receive free
code and community
support
Labour intensive
SaaS
Value proposition
= consumable
service
Access to code
not part of the deal
Users register and
provide data. Usage
data is collected
Users settle their on-
demand billings
Capital intensive
Capital
Labour
Code Service
GNU Logo:https://www.gnu.org/graphics/gnu-30.html
Programmer
Datacenter

12. 12Cedric Thomas, OW2
3. IA and OSS Conventional
programming
Input x Program
→ Output
Knowledge is in
the program
Program quality is
important
Developer is central
to the creation process
Machine learning
programming
Input x Output →
Program
Knowledge is is
the data
Data quality is
important
Developer is lateral
to the creation process
Prof. Vogelsang, TU Berlin, 2nd Hamburg Requirements Engineering Symposium

13. 13Cedric Thomas, OW2
4. IoT and Verticalisation Beyond enterprise software
Pervasiveness of the open source model
Propagated with the software defined
everything paradigm in IoT, Telco, etc.
Diversity and fragmentation
Reduced mutualisation across silos
Proprietary implementations

14. 14Cedric Thomas, OW2
5. Deviations Opportunistic
Foundations
Open innovation
vs open source
innovation:
Market positioning
Technology
ecosystems
Information
sharing
“Market power
over Community”
https://fr.wikipedia.org/wiki/Les_Tricheurs_(Le_Caravage)#/media/Fichier:Cardsharps-Caravaggio_(c.1597).jpg
Code usage control
Deviations from
fundamental OSS
freedoms
Variations on
licenses
Re free riders
Variations on code
usage intentions
Code = law?

15. 15Cedric Thomas, OW2
6. Free Riders A tragedy of the commons
Consumer attitude drains the ecosystem
OSS maintainer burnout
OSS vendors struggling
How to reconnect users with developer
communities?
Supply-push + Demand-pull
The role of the Open Source Programme
Office (OSPO)
Compliance → Vulnerability
OSS ecosystem engagement

16. 162018 Cedric Thomas
7. OSS Innovation Reflects Market
Structure
Can EU SW industry envision extraordinary
profits and monopoly positions?
Outsider in SW industry → Outsider in next
market (platforms, AI, etc.)
Open source software is an avatar of
proprietary software industry.
Dominant positions in global software industry
are reflected in open source.
OSS innovation most efficient choice where no
dominant position is expected.
Proprietary IP innovations only where dominant
positions can be expected.
Source: P. Evans, Global Platform Database, Center for Global Enterpsies, 2015

17. 17Cedric Thomas, OW2
8. Won? Really? Healthy and growing market
Average 2015-2020 growth: 11.6%
The bulk of the market is still elsewhere
OSS market penetration rate goes toward 14%
A monetization issue?
But mostly invisible for conventional investors
OSS-centric vision of the world
Fish don’t know they’re in water2015 2016 2017 2018 2019 2020
0%
10%
20%
30%
40%
50%
60%
70%
80%
90%
100%
Open Source Software and Services Market in Europe
OW2 estimates based on published data by PAC and Gartner

18. 18Cedric Thomas, OW2
9. The 1% Industry? Multi-ecosystem players
Keystone players
e.g. IBM, Microsoft, Cisco, Huawei
Followers
e.g. Orange, Adobe
Single-ecosystem players
Significant investment and commitment in a selected
ecosystem
e.g. Rackspace and Fujitsu in OpenStack, Bosch in
Eclipse, Telefonica in FIware, Yahoo in Apache
Niche players
Contributors (sometimes, temporarily key) and
followers in single-ecosystem strategies
e.g. Mirantis, Docker, Obeo.

19. 19Cedric Thomas, OW2
10. IT Outsourcing Global IT outsourcing market is forecast to grow
at a CAGR of 5% during 2020-2024
Simplified HR management
Access to a larger talent pool
State-of-the-art best practices
Cost control
Open source not in the interest of IT outsourcing
vendors
Loss of control → Vendor proprietary components
Loss of IT expertise → Vendor technology
Customer ownership → Vendor lockin
Loss of culture → Vendor HR churn rate

20. 202018 Cedric Thomas
Demand-Side Approach Open Source Governance

21. 212020
“Open-source software is used within
mission-critical IT workloads by over 90% of
the IT organizations worldwide, whether they
are aware of it or not.”
Gartner, What Every CIO Must Know About Open Source Software
30th March 2017 ”
“…it is essential that users engage with
communities and contribute to their
open source ecosystems. This takes
compliance to the next level, and this is
what open source governance is about.”
OW2 Newsletter August 2019
https://www.ow2.org/view/Newsletters/August2019Newsletter“Climbing the maturity curve is no longer a
question; it is central to successful execution
of an IT industrial strategy.”
Christian Paterson, Director OSS Group, Orange, August 2019

22. 222020
Three Drivers
Cross-pollination of industry best practice
beyond compliance and the fragmentation of
national silos.
Neutral home to host experience sharing. But
big global organisations are not easy to deal
with.
EU context is relevant both economically and
culturally. A convenient framework and scale for
sovereignty issues.
Neutral, accessible organisation.
Raise our collective level of expertise.
Pan-European industry initiative.

23. 232020
Why OW2? Accessible Global
Organisation with EU DNA
Proven organisation
Spotless track record
Uniquely accessible
Diversified code base
European DNA
EU-driven: motivated by EU interests
Rather than EU-focused (i.e. attracted by
EU market opportunities)
Recognized by the EC
International
Global recognition
Open to global opportunities

24. 242020
Fitting in the Busy
Space of Open Source
Governance
ToDo Group
and ToDo Goup Europe (LF)
OpenChain initiative (LF)
“Sharing creates value”
GitHub space
OSS Tooling Group
Industrial Open Source Network
DoubleOpen

25. 252020
The Path to Good Governance
Maturity
- Pyramid by Chiquo - Own work, CC BY-SA 4.0, https://commons.wikimedia.org/w/index.php?curid=77918631
- Abraham Maslow, 1943 paper "A Theory of Human Motivation" in Psychological Review.
Abraham Maslow’s Hierarchy of Behavioral Motivation
Technically using OSS. Technical ability and
experience with OSS. Some OSS awareness.
Securely and responsibly using OSS. Compliance
and dependency management policies.
Implementing best practices. Developing OSS
culture. Sharing experience.
Engaging with the OSS ecosystem. Contributing
back. Developing visibility, event participation.
Embracing the full potential of OSS. Proactively
using OSS for innovation and competitiveness. 5
4
3
2
1
Strategy
Engagement
Belonging
Security
Usage
OW2 Stack to OSS Good Governance Maturity

26. 262020
Introducing the OSS Good
Governance initiative
EU users to share experience, questions and best
practices
OSPO maturity
Share experience and implementation know-how
Promote a unified Market Readiness Levels approach
Toward developers
Help promote best practices and awareness
Advertise our checklist of expected good practices
Compliance and sourcing
Share common OSS license understanding
Resources: tools, “disclosure” documents, etc.
European Commission outreach
Jointly elaborate a pragmatic strategy/action plan
aimed at supporting the EU OSS ecosystem
OSPO knowledge and experience
European focus (and open to world)
Low cost, agile, open, pragmatic
OSPO: Open Source Program Office
Join at:
https://www.ow2.org/view/OSS_Governance/

27. 272020
www.ow2.org
For more details please contact Cedric Thomas, OW2 CEO, cedric.thomas@ow2.org
And now let's talk
Q&A
Disagreements
Complements
Feedback
etc.
Thank You

28. 282020
Credentials
https://nl.wikipedia.org/wiki/Bestand:Office_building_icon.png
http://pngimg.com/download/24540 image: Building PNG
https://virtual-strategy.com/2020/05/15/global-it-outsourcing-market-analysis-2020-with-key-ve

29. 292020
Non-Profit Open Source Organization
European and Global
Governance Members Code Base
Community Activities