Process for using Open source

Despite the advanced levels of ISO, CMMi definition and deployment in Indian IT organizations, the process for using open source is  still at beginner levels.  In view of the enormous advantages,  open source software  can no longer be ignored by commercial firms. As an example, it may be useful to know that  HP is using  open source in 80% of their products.   As free software  organizations have taken measures against violators, an appropriate process must be put in place and implemented at the earliest.  Process Framework needs to cater to streamline existing usage and  for initiating new usage. I give a simple  process outline below as an initial guidance.

Process for regulating existing usage

•  If an organization,  has been operational beyond an year and employs developers, it  needs to start with a survey of open source usage as the first step. A survey form can be designed based on the nature of the work and relevant open source resources. A generic form is available for download. Alternately  automatic scanning software OSS Discovery can be used, the results from it can be mapped into the above form for further work.
• Once the data are captured, analysis of the data is required to develop a plan of action.
• If the open source is for internal use, the effectiveness can be evaluated.
• If the open source is embedded in a product, compliance steps based on the license of open source can be implemented.

Process for new use

• Define a broad approval process  which can encourage use of open source for experimental purposes and regulate use for product development
• Gather details of the open source alternatives from sources like Oslat and Wikipedia  , issues and  support available.
• Evaluate  the proposal based on robust evaluation criteria covering both short term and long term issues, benefits.
• If  proposal is not approved, develop/license a proprietary equivalent.

Tools to manage use of Open source software

There are several open source and proprietary solutions to manage open source software in businesses. Links for some of them are given below.

Free: Fossology(database needs to be built for each enterprise),   OSS Discovery (Supports automatic scanning of machines) 

Pay: Blackduck software  (allows integration into development process to trigger violations).

Credit:Process graphic from Wiki Commons

Open source licenses - Guidance for businesses

When any business is interested in using Open source, the immediate question that comes to mind is about licensing . Specifically, what licensing terms are available and what liabilities are imposed. The reason it is difficult for firms to work with open source is not only the many licenses in the open source world, but that most licensing terms are frozen and are not amenable for negotiation. Thankfully, there are also several licenses which permit commercial usage without any restriction on modifications. Some software is also released under multiple licenses, at least one of which is commercial friendly.

As the open source has evolved over the last 3 decades, we have several different licenses and existing ones are being updated and new ones are being created, as I write. To get the best benefit out of open source, more awareness of the most popular licenses is needed. Let me assure you that you do not need to be a legal expert to understand the same. An excellent overview is available online as part of the free book "Producing open source software", by Karl Fogel. GPL is the most widely used license and it is always evolving. GPLV3 includes support for the new technlogies like web services, Digital services etc. You can read more about it on the wikipedia

I provide a simple guidance for firms based on the nature of their use of open source. Please note that I am not a legal expert and legal opinion is to be sought before making final decision.

Implication of Open source licenses based on type of usage

Intent behind using Open source	Implications with regard to license
Use open source sw internally and no intention to add/modify (eg: run a web server)	No need to worry about open source license, as all of them offer you the freedom to run the software
Use open source in products sold	Provide a way for your customers to get the sourcecode either on a CD, ftp site etc
Use open source in web services	Select open source with license like GPL3, which includes web services in its scope

If you are part of a propreitary company but yet to venture deep into using open source, you need to do lot of work to work with your legal team, put process in place for regulating use of open source. It is worthwhile to pursue the same, as Open source is a reality that no company can afford to ignore.