Enviar búsqueda
Cargar
2011 NASA Open Source Summit - Bob Sutor
•
0 recomendaciones
•
2,174 vistas
NASA Open Government Initiative
Seguir
Denunciar
Compartir
Denunciar
Compartir
1 de 13
Descargar ahora
Descargar para leer sin conexión
Recomendados
2011 NASA Open Source Summit - Forge.mil
2011 NASA Open Source Summit - Forge.mil
NASA Open Government Initiative
Palamida Open Source Compliance Solution
Palamida Open Source Compliance Solution
Engineering Software Lab
Managing the Software Supply Chain: Policies that Promote Innovation While Op...
Managing the Software Supply Chain: Policies that Promote Innovation While Op...
FINOS
Open source software: The infrastructure impact
Open source software: The infrastructure impact
Rogue Wave Software
Webinar–What You Need To Know About Open Source Licensing
Webinar–What You Need To Know About Open Source Licensing
Synopsys Software Integrity Group
Strategies to Reap the Benefits of Software Patents in an Open Source Softwar...
Strategies to Reap the Benefits of Software Patents in an Open Source Softwar...
Black Duck by Synopsys
Webinar–The 2019 Open Source Year in Review
Webinar–The 2019 Open Source Year in Review
Synopsys Software Integrity Group
Guide to Open Source Compliance
Guide to Open Source Compliance
Samsung Open Source Group
Recomendados
2011 NASA Open Source Summit - Forge.mil
2011 NASA Open Source Summit - Forge.mil
NASA Open Government Initiative
Palamida Open Source Compliance Solution
Palamida Open Source Compliance Solution
Engineering Software Lab
Managing the Software Supply Chain: Policies that Promote Innovation While Op...
Managing the Software Supply Chain: Policies that Promote Innovation While Op...
FINOS
Open source software: The infrastructure impact
Open source software: The infrastructure impact
Rogue Wave Software
Webinar–What You Need To Know About Open Source Licensing
Webinar–What You Need To Know About Open Source Licensing
Synopsys Software Integrity Group
Strategies to Reap the Benefits of Software Patents in an Open Source Softwar...
Strategies to Reap the Benefits of Software Patents in an Open Source Softwar...
Black Duck by Synopsys
Webinar–The 2019 Open Source Year in Review
Webinar–The 2019 Open Source Year in Review
Synopsys Software Integrity Group
Guide to Open Source Compliance
Guide to Open Source Compliance
Samsung Open Source Group
Black duck Software's pitch
Black duck Software's pitch
i7
Webinar–Creating a Modern AppSec Toolchain to Quantify Service Risks
Webinar–Creating a Modern AppSec Toolchain to Quantify Service Risks
Synopsys Software Integrity Group
BlackDuck Suite
BlackDuck Suite
jeff cheng
Going Open: How to Make a Project Open Source
Going Open: How to Make a Project Open Source
Black Duck by Synopsys
Winning the Cage-Match: How to Successfully Navigate Open Source Software iss...
Winning the Cage-Match: How to Successfully Navigate Open Source Software iss...
Black Duck by Synopsys
Android for the Enterprise and OEMs
Android for the Enterprise and OEMs
Black Duck by Synopsys
Buyer and Seller Perspectives on Open Source in Tech Contracts
Buyer and Seller Perspectives on Open Source in Tech Contracts
Black Duck by Synopsys
Software Security Assurance for DevOps
Software Security Assurance for DevOps
Black Duck by Synopsys
OpenChain Webinar #10 - Joint Development Foundation - 2020-08-17
OpenChain Webinar #10 - Joint Development Foundation - 2020-08-17
Shane Coughlan
Open Source as an Element of Corporate Strategy
Open Source as an Element of Corporate Strategy
Black Duck by Synopsys
Outbound Licensing Strategies: Is Open Source the Right Model for Your Company?
Outbound Licensing Strategies: Is Open Source the Right Model for Your Company?
Jennifer O'Neill
Managing Penetration Testing Programs and Vulnerability Time to Live with Thr...
Managing Penetration Testing Programs and Vulnerability Time to Live with Thr...
Denim Group
Application Asset Management with ThreadFix
Application Asset Management with ThreadFix
Denim Group
Leveraging Black Duck Hub to Maximize Focus - Entersekt’s Approach to Empower...
Leveraging Black Duck Hub to Maximize Focus - Entersekt’s Approach to Empower...
Black Duck by Synopsys
Webinar–Best Practices for DevSecOps at Scale
Webinar–Best Practices for DevSecOps at Scale
Synopsys Software Integrity Group
Making the Strategic Shift to Open Source at Fujitsu Network Communication
Making the Strategic Shift to Open Source at Fujitsu Network Communication
Black Duck by Synopsys
DevSecOps: The Open Source Way
DevSecOps: The Open Source Way
Black Duck by Synopsys
Fedora In The Enterprise
Fedora In The Enterprise
kanarip
The New Development Organization: Embracing “Open” and “Sharing” to Deliver S...
The New Development Organization: Embracing “Open” and “Sharing” to Deliver S...
Black Duck by Synopsys
Open Source Insight: You Can’t Beat Hackers and the Pentagon Moves into Open...
Open Source Insight: You Can’t Beat Hackers and the Pentagon Moves into Open...
Black Duck by Synopsys
Introduction Radboud Work Environment
Introduction Radboud Work Environment
Lizette Engelen
Information Technology Supporting the Development of International Standards
Information Technology Supporting the Development of International Standards
Robert Sutor
Más contenido relacionado
La actualidad más candente
Black duck Software's pitch
Black duck Software's pitch
i7
Webinar–Creating a Modern AppSec Toolchain to Quantify Service Risks
Webinar–Creating a Modern AppSec Toolchain to Quantify Service Risks
Synopsys Software Integrity Group
BlackDuck Suite
BlackDuck Suite
jeff cheng
Going Open: How to Make a Project Open Source
Going Open: How to Make a Project Open Source
Black Duck by Synopsys
Winning the Cage-Match: How to Successfully Navigate Open Source Software iss...
Winning the Cage-Match: How to Successfully Navigate Open Source Software iss...
Black Duck by Synopsys
Android for the Enterprise and OEMs
Android for the Enterprise and OEMs
Black Duck by Synopsys
Buyer and Seller Perspectives on Open Source in Tech Contracts
Buyer and Seller Perspectives on Open Source in Tech Contracts
Black Duck by Synopsys
Software Security Assurance for DevOps
Software Security Assurance for DevOps
Black Duck by Synopsys
OpenChain Webinar #10 - Joint Development Foundation - 2020-08-17
OpenChain Webinar #10 - Joint Development Foundation - 2020-08-17
Shane Coughlan
Open Source as an Element of Corporate Strategy
Open Source as an Element of Corporate Strategy
Black Duck by Synopsys
Outbound Licensing Strategies: Is Open Source the Right Model for Your Company?
Outbound Licensing Strategies: Is Open Source the Right Model for Your Company?
Jennifer O'Neill
Managing Penetration Testing Programs and Vulnerability Time to Live with Thr...
Managing Penetration Testing Programs and Vulnerability Time to Live with Thr...
Denim Group
Application Asset Management with ThreadFix
Application Asset Management with ThreadFix
Denim Group
Leveraging Black Duck Hub to Maximize Focus - Entersekt’s Approach to Empower...
Leveraging Black Duck Hub to Maximize Focus - Entersekt’s Approach to Empower...
Black Duck by Synopsys
Webinar–Best Practices for DevSecOps at Scale
Webinar–Best Practices for DevSecOps at Scale
Synopsys Software Integrity Group
Making the Strategic Shift to Open Source at Fujitsu Network Communication
Making the Strategic Shift to Open Source at Fujitsu Network Communication
Black Duck by Synopsys
DevSecOps: The Open Source Way
DevSecOps: The Open Source Way
Black Duck by Synopsys
Fedora In The Enterprise
Fedora In The Enterprise
kanarip
The New Development Organization: Embracing “Open” and “Sharing” to Deliver S...
The New Development Organization: Embracing “Open” and “Sharing” to Deliver S...
Black Duck by Synopsys
Open Source Insight: You Can’t Beat Hackers and the Pentagon Moves into Open...
Open Source Insight: You Can’t Beat Hackers and the Pentagon Moves into Open...
Black Duck by Synopsys
La actualidad más candente
(20)
Black duck Software's pitch
Black duck Software's pitch
Webinar–Creating a Modern AppSec Toolchain to Quantify Service Risks
Webinar–Creating a Modern AppSec Toolchain to Quantify Service Risks
BlackDuck Suite
BlackDuck Suite
Going Open: How to Make a Project Open Source
Going Open: How to Make a Project Open Source
Winning the Cage-Match: How to Successfully Navigate Open Source Software iss...
Winning the Cage-Match: How to Successfully Navigate Open Source Software iss...
Android for the Enterprise and OEMs
Android for the Enterprise and OEMs
Buyer and Seller Perspectives on Open Source in Tech Contracts
Buyer and Seller Perspectives on Open Source in Tech Contracts
Software Security Assurance for DevOps
Software Security Assurance for DevOps
OpenChain Webinar #10 - Joint Development Foundation - 2020-08-17
OpenChain Webinar #10 - Joint Development Foundation - 2020-08-17
Open Source as an Element of Corporate Strategy
Open Source as an Element of Corporate Strategy
Outbound Licensing Strategies: Is Open Source the Right Model for Your Company?
Outbound Licensing Strategies: Is Open Source the Right Model for Your Company?
Managing Penetration Testing Programs and Vulnerability Time to Live with Thr...
Managing Penetration Testing Programs and Vulnerability Time to Live with Thr...
Application Asset Management with ThreadFix
Application Asset Management with ThreadFix
Leveraging Black Duck Hub to Maximize Focus - Entersekt’s Approach to Empower...
Leveraging Black Duck Hub to Maximize Focus - Entersekt’s Approach to Empower...
Webinar–Best Practices for DevSecOps at Scale
Webinar–Best Practices for DevSecOps at Scale
Making the Strategic Shift to Open Source at Fujitsu Network Communication
Making the Strategic Shift to Open Source at Fujitsu Network Communication
DevSecOps: The Open Source Way
DevSecOps: The Open Source Way
Fedora In The Enterprise
Fedora In The Enterprise
The New Development Organization: Embracing “Open” and “Sharing” to Deliver S...
The New Development Organization: Embracing “Open” and “Sharing” to Deliver S...
Open Source Insight: You Can’t Beat Hackers and the Pentagon Moves into Open...
Open Source Insight: You Can’t Beat Hackers and the Pentagon Moves into Open...
Destacado
Introduction Radboud Work Environment
Introduction Radboud Work Environment
Lizette Engelen
Information Technology Supporting the Development of International Standards
Information Technology Supporting the Development of International Standards
Robert Sutor
ApacheCon 2010 Keynote: Problems, Data, and Languages
ApacheCon 2010 Keynote: Problems, Data, and Languages
Robert Sutor
Lotusphere 2012 - Harnessing the Power of Enterprise Mobility
Lotusphere 2012 - Harnessing the Power of Enterprise Mobility
Robert Sutor
IBM Standards Principles
IBM Standards Principles
Robert Sutor
Antidepresivos duales
Antidepresivos duales
Tamesi Galdámez
Destacado
(6)
Introduction Radboud Work Environment
Introduction Radboud Work Environment
Information Technology Supporting the Development of International Standards
Information Technology Supporting the Development of International Standards
ApacheCon 2010 Keynote: Problems, Data, and Languages
ApacheCon 2010 Keynote: Problems, Data, and Languages
Lotusphere 2012 - Harnessing the Power of Enterprise Mobility
Lotusphere 2012 - Harnessing the Power of Enterprise Mobility
IBM Standards Principles
IBM Standards Principles
Antidepresivos duales
Antidepresivos duales
Similar a 2011 NASA Open Source Summit - Bob Sutor
OpenChain Webinar 57 - The Open Source Initiative - 2023-11-27
OpenChain Webinar 57 - The Open Source Initiative - 2023-11-27
Shane Coughlan
Breaking Free from Proprietary Gravitational Pull
Breaking Free from Proprietary Gravitational Pull
Great Wide Open
Practical Trademark Law for FOSS Projects
Practical Trademark Law for FOSS Projects
Shane Curcuru
Managing Community Open Source Brands
Managing Community Open Source Brands
Shane Curcuru
Open soucre(cut shrt)
Open soucre(cut shrt)
Shivani Rai
Four Steps to Creating an Effective Open Source Policy
Four Steps to Creating an Effective Open Source Policy
Black Duck by Synopsys
Intellectual Primer For Small Business oct 2011
Intellectual Primer For Small Business oct 2011
Cognition LLP
Four Steps to Creating an Effective Open Source Policy
Four Steps to Creating an Effective Open Source Policy
iasaglobal
Open Source Governance at HP
Open Source Governance at HP
Bruno Cornec
Open Source BI (OSBI)
Open Source BI (OSBI)
Fru Louis
Open Source Governance v2.5
Open Source Governance v2.5
Inria
Methods about Open Source Governance v2.5
Methods about Open Source Governance v2.5
fOSSa - Free Open Source Software Academia Conference
Osbi Sesame?
Osbi Sesame?
OKTOPUS Consulting
Fundamentals of Free and Open Source Software
Fundamentals of Free and Open Source Software
Ross Gardler
Why choose-liferay
Why choose-liferay
Ruud Kluivers
How to keep developers happy and lawyers calm
How to keep developers happy and lawyers calm
Rogue Wave Software
Open Source Contribution Policies That Don't Suck
Open Source Contribution Policies That Don't Suck
Tobie Langel
Open source softwares, 2011
Open source softwares, 2011
Florent Renucci
Ten Elements of Open Source Governance
Ten Elements of Open Source Governance
Rogue Wave Software
Lawyers and Licenses in Open Source-based Development: How to Protect Your So...
Lawyers and Licenses in Open Source-based Development: How to Protect Your So...
Sonatype
Similar a 2011 NASA Open Source Summit - Bob Sutor
(20)
OpenChain Webinar 57 - The Open Source Initiative - 2023-11-27
OpenChain Webinar 57 - The Open Source Initiative - 2023-11-27
Breaking Free from Proprietary Gravitational Pull
Breaking Free from Proprietary Gravitational Pull
Practical Trademark Law for FOSS Projects
Practical Trademark Law for FOSS Projects
Managing Community Open Source Brands
Managing Community Open Source Brands
Open soucre(cut shrt)
Open soucre(cut shrt)
Four Steps to Creating an Effective Open Source Policy
Four Steps to Creating an Effective Open Source Policy
Intellectual Primer For Small Business oct 2011
Intellectual Primer For Small Business oct 2011
Four Steps to Creating an Effective Open Source Policy
Four Steps to Creating an Effective Open Source Policy
Open Source Governance at HP
Open Source Governance at HP
Open Source BI (OSBI)
Open Source BI (OSBI)
Open Source Governance v2.5
Open Source Governance v2.5
Methods about Open Source Governance v2.5
Methods about Open Source Governance v2.5
Osbi Sesame?
Osbi Sesame?
Fundamentals of Free and Open Source Software
Fundamentals of Free and Open Source Software
Why choose-liferay
Why choose-liferay
How to keep developers happy and lawyers calm
How to keep developers happy and lawyers calm
Open Source Contribution Policies That Don't Suck
Open Source Contribution Policies That Don't Suck
Open source softwares, 2011
Open source softwares, 2011
Ten Elements of Open Source Governance
Ten Elements of Open Source Governance
Lawyers and Licenses in Open Source-based Development: How to Protect Your So...
Lawyers and Licenses in Open Source-based Development: How to Protect Your So...
Más de NASA Open Government Initiative
Nasa at i_co_p_aug2011 2
Nasa at i_co_p_aug2011 2
NASA Open Government Initiative
2011 NASA Open Source Summit - Pascal Finette
2011 NASA Open Source Summit - Pascal Finette
NASA Open Government Initiative
2011 NASA Open Source Summit - Chris DiBona
2011 NASA Open Source Summit - Chris DiBona
NASA Open Government Initiative
2011 NASA Open Source Summit - Brian Stevens
2011 NASA Open Source Summit - Brian Stevens
NASA Open Government Initiative
2011 NASA Open Source Summit - Terry Fong
2011 NASA Open Source Summit - Terry Fong
NASA Open Government Initiative
2011 NASA Open Source Summit - Patrick Hogan
2011 NASA Open Source Summit - Patrick Hogan
NASA Open Government Initiative
2011 NASA Open Source Summit - David Wheeler
2011 NASA Open Source Summit - David Wheeler
NASA Open Government Initiative
2011 NASA Open Source Summit - Chris Mattmann
2011 NASA Open Source Summit - Chris Mattmann
NASA Open Government Initiative
2011 NASA Open Source Summit - Chris Wanstrath
2011 NASA Open Source Summit - Chris Wanstrath
NASA Open Government Initiative
Más de NASA Open Government Initiative
(9)
Nasa at i_co_p_aug2011 2
Nasa at i_co_p_aug2011 2
2011 NASA Open Source Summit - Pascal Finette
2011 NASA Open Source Summit - Pascal Finette
2011 NASA Open Source Summit - Chris DiBona
2011 NASA Open Source Summit - Chris DiBona
2011 NASA Open Source Summit - Brian Stevens
2011 NASA Open Source Summit - Brian Stevens
2011 NASA Open Source Summit - Terry Fong
2011 NASA Open Source Summit - Terry Fong
2011 NASA Open Source Summit - Patrick Hogan
2011 NASA Open Source Summit - Patrick Hogan
2011 NASA Open Source Summit - David Wheeler
2011 NASA Open Source Summit - David Wheeler
2011 NASA Open Source Summit - Chris Mattmann
2011 NASA Open Source Summit - Chris Mattmann
2011 NASA Open Source Summit - Chris Wanstrath
2011 NASA Open Source Summit - Chris Wanstrath
2011 NASA Open Source Summit - Bob Sutor
1.
Bob Sutor –
VP, Open Systems Strategy 29 March, 2011 Open Source Governance for your Organization © 2011 IBM Corporation
2.
Before we get
started ! Per my website: The content on this site is my own and does not necessarily represent my employer’s positions, strategies or opinions. ! http://www.sutor.com ! This discussion does not constitute legal advice. ! I’m not an attorney, and certainly not an intellectual property attorney, and you should consult one as necessary. 2 29 March 2011 Bob Sutor - Open Source Governance for your Organization © 2011 IBM Corporation
3.
The key question
Do you have proper legal controls and business processes in place to deal with open source software? 3 29 March 2011 Bob Sutor - Open Source Governance for your Organization © 2011 IBM Corporation
4.
Your open source
governance strategy ! Five years ago, it was not uncommon for that strategy to be defined as “you shall use no open source software.” ! You need to understand the legal risks and responsibilities for any software you use, and weigh those against the business value. ! Work out a plan that specifies what business and legal controls are in place to approve use of open source in your organization or in your products, and make sure you have a well defined escalation path. 4 29 March 2011 Bob Sutor - Open Source Governance for your Organization © 2011 IBM Corporation
5.
What you need
to know ! All projects to which your employees or organizational members contribute, the free and open source licenses being used, and the intellectual property commitments those contributions make upon your company or organization. ! All use of open source code within internal processes, product development, and services engagements. 5 29 March 2011 Bob Sutor - Open Source Governance for your Organization © 2011 IBM Corporation
6.
What you need
to know ! All open source code that goes into your hardware products, software products, web-delivered services, or are given to your customers as part of consulting and services engagements. ! The location of all open source code repositories used in development, with strict rules about what code with which licenses can be combined (or not). 6 29 March 2011 Bob Sutor - Open Source Governance for your Organization © 2011 IBM Corporation
7.
What you then
need to put in place ! Uniform cross-organizational rules and policies about the use of open source, with the ability to audit adherence. ! Tools to determine code provenance: from which original bodies of open source code did your current codebase derive? ! Balanced policies to weigh the business and legal benefits and risks in using open source code. 7 29 March 2011 Bob Sutor - Open Source Governance for your Organization © 2011 IBM Corporation
8.
What you then
need to put in place ! Education for all employees and contractors, with special sections appropriate for users, contributors, developers, and distributors of open source code. ! Clear processes defining when decisions about open source can be made locally and when they must be made centrally, with paths for escalating decisions going up both the executive and legal chains. ! An aggressive policy for contributing to the various open source communities from which you benefit in your company or organization. 8 29 March 2011 Bob Sutor - Open Source Governance for your Organization © 2011 IBM Corporation
9.
The IBM experience ! Ten+
years contributing to and leading hundreds of open source projects in efforts such as Linux, Eclipse, and Apache. ! An internal governance process embodied within the Open Source Steering Committee (OSSC), with the set of rules now in their third generation in the last decade. ! The OSSC reviews all IBM external activities involving Open Source including – Starting a new OSS community/project – Contributing to an existing OSS community – Using OSS in IBM products or services – Distributing reference implementations or OSS modifications – Redistributing (OEM or Resell) vendor products containing OSS 9 29 March 2011 Bob Sutor - Open Source Governance for your Organization © 2011 IBM Corporation
10.
Use of open
source has grown ! We have seen proposals to the OSSC grow steadily. ! The proposals fall into 3 categories – Already evaluated and approved for use – Meets well-defined criteria and a centralized committee can handle – Complex or original scenarios that are best decided by top of the business ! The governance process continues to evolve – Scalability: handle increase in the number proposals – Delegation: allow business units to drive majority of decisions – Economy: don’t spend money on people and resources to answer questions to which you already know the answers. 10 29 March 2011 Bob Sutor - Open Source Governance for your Organization © 2011 IBM Corporation
11.
Some lessons learned ! We
were worried about code quality but we shouldn’t have been. ! We gained a better understanding of the open source domain – Copyright and patent complexities – License terms and conditions – Usual lack of warranty ! We learned to balanced open and proprietary. 11 29 March 2011 Bob Sutor - Open Source Governance for your Organization © 2011 IBM Corporation
12.
Some lessons learned ! We
gained a better understanding of the value of open source – How to leverage it in what we do – How and where to contribute – How to work well in open source communities ! We learned to manage the risks. ! We learned it is important to have clear business and strategic reasons for using open source 12 29 March 2011 Bob Sutor - Open Source Governance for your Organization © 2011 IBM Corporation
13.
Final thoughts ! Develop your
open source policy collaboratively among your business, technical, and legal experts, don’t dictate it. ! Education is key for employee and contractor compliance. ! Establish clear policy for what employees can and cannot do with open source in their spare time. ! Consider using code pedigree and scanning services from companies such as Black Duck, OpenLogic, and Palamida. ! Know where handling open source needs to be the same as closed source, and where it needs to be different. ! Plan to iterate on and refine your policy yearly for the first few years. 13 29 March 2011 Bob Sutor - Open Source Governance for your Organization © 2011 IBM Corporation
Descargar ahora