Understanding Industry Requirements for FLOSS Governance Tools

Abstract : Almost all software products today incorporate free/libre, and open source software (FLOSS) components. Companies must govern their FLOSS use to avoid potential risks to their intellectual property resulting from the use of FLOSS components. A particular challenge is license compliance. To manage the complexity of license compliance, companies should use tools and well-defined processes to perform these tasks time and cost efficiently. This paper investigates and presents common industry requirements for FLOSS governance tools, followed by an evaluation of the suggested requirements by matching them with the features of existing tools.We chose 10 industry leading companies through polar theoretical sampling and interviewed their FLOSS governance experts to derive a theory of industry needs and requirements for tooling. We then analyzed the features of a governance tools sample and used this analysis to evaluate two categories of our theory: FLOSS license scanning and FLOSS in product bills of materials. The result is a list of FLOSS governance requirements based on our qualitative study of the industry, evaluated using the existing governance tool features. For higher practical relevance, we cast our theory as a requirements specification for FLOSS governance tools.
Document type :
Conference papers
Complete list of metadatas

Cited literature [46 references]  Display  Hide  Download

https://hal.inria.fr/hal-01875494
Contributor : Hal Ifip <>
Submitted on : Monday, September 17, 2018 - 2:35:49 PM
Last modification on : Monday, September 24, 2018 - 2:26:55 PM
Long-term archiving on : Tuesday, December 18, 2018 - 2:28:51 PM

File

 Restricted access
To satisfy the distribution rights of the publisher, the document is embargoed until : 2021-01-01

Please log in to resquest access to the document

Licence


Distributed under a Creative Commons Attribution 4.0 International License

Identifiers

Citation

Nikolay Harutyunyan, Andreas Bauer, Dirk Riehle. Understanding Industry Requirements for FLOSS Governance Tools. 14th IFIP International Conference on Open Source Systems (OSS), Jun 2018, Athens, Greece. pp.151-167, ⟨10.1007/978-3-319-92375-8_13⟩. ⟨hal-01875494⟩

Share

Metrics

Record views

44