http://practical-tech.com/development/best-practices-for-using-open-source-software/ for practical people. Wed, 17 Mar 2010 00:49:37 +0000 http://wordpress.org/?v=2.9.2 hourly 1 http://practical-tech.com/development/best-practices-for-using-open-source-software/comment-page-1/#comment-360 phrobb Thu, 03 Jul 2008 19:10:18 +0000 http://practical-tech.com/?p=371#comment-360 Hi Steven: Your point about "Open source software management best practices are, in many ways, the same as any corporate software best practices" is right on. What I have found at HP and in talking with many folks on this subject is that the *goals* are the same, but the process(es) to achieve the goals may need to be different. For example, when using commercial software, typically a PO/Invoice/Check need to get created before the software is acquired. This allows corporate governance (this time in the form of a procurement office) to be injected by force into the process. The procurement office can validate the supplier, negotiate the support contract, minimize the number of "preferred suppliers", negotiate the best terms, scrutinize (and sometimes negotiate changes to) the licensing terms etc. Since open source software can be acquired freely by the developer through the simple process of a web search and download, a different process (including much awareness and policy training) is needed at a minimum and possibly a "procurement office for open source" is established as well. With your Verizon example above, it shows how good existing governance processes need to be augmented to accommodate open source within the supply chain. Consumers of *commercial products* must now include questions regarding the use of open source within those commercial products including: - A full list of what open source is used - A statement that the supplier is aware of, and abiding all of the license terms of the open source software within that commercial product - willingness to deliver all associated source code where the license requires it. - Assurances that if the supplier is found to be in breach of an open source license, they warrant that they will correct the situation at their own expense. These are not commonly discussed topics between suppliers and consumers of products but as more commercial software and hardware take advantage of open source technologies they are topics that need to be addressed. There are many other "topics" similar to those mentioned already that need to be understood and accounted-for with regard to open source software. HP, the Linux Foundation and other interested organizations launched a website called FOSSBazaar.org to document those topics and to provide a forum from which Best Practices could be collaboratively created. It's kind of like an open source effort for creating open source governance best practices. It's a great place to get a handle on these topics, and I encourage you and your readers to come check it out. Hi Steven:
Your point about “Open source software management best practices are, in many ways, the same as any corporate software best practices” is right on. What I have found at HP and in talking with many folks on this subject is that the *goals* are the same, but the process(es) to achieve the goals may need to be different.
For example, when using commercial software, typically a PO/Invoice/Check need to get created before the software is acquired. This allows corporate governance (this time in the form of a procurement office) to be injected by force into the process. The procurement office can validate the supplier, negotiate the support contract, minimize the number of “preferred suppliers”, negotiate the best terms, scrutinize (and sometimes negotiate changes to) the licensing terms etc. Since open source software can be acquired freely by the developer through the simple process of a web search and download, a different process (including much awareness and policy training) is needed at a minimum and possibly a “procurement office for open source” is established as well.
With your Verizon example above, it shows how good existing governance processes need to be augmented to accommodate open source within the supply chain. Consumers of *commercial products* must now include questions regarding the use of open source within those commercial products including:
- A full list of what open source is used
- A statement that the supplier is aware of, and abiding all of the license terms of the open source software within that commercial product
- willingness to deliver all associated source code where the license requires it.
- Assurances that if the supplier is found to be in breach of an open source license, they warrant that they will correct the situation at their own expense.
These are not commonly discussed topics between suppliers and consumers of products but as more commercial software and hardware take advantage of open source technologies they are topics that need to be addressed.
There are many other “topics” similar to those mentioned already that need to be understood and accounted-for with regard to open source software. HP, the Linux Foundation and other interested organizations launched a website called FOSSBazaar.org to document those topics and to provide a forum from which Best Practices could be collaboratively created. It’s kind of like an open source effort for creating open source governance best practices. It’s a great place to get a handle on these topics, and I encourage you and your readers to come check it out.

]]>