The FLOW Syllabus (Working Draft)

Version 39.2 by Joseph Potvin on 2014/02/13 20:41

flow-banner.png

Under Construction (Version 1.30)

  • The FLOW Syllabus is presented on a wiki so that it can be refined and extended through YOUR direct participation. Occasional 'snapshots' of this working draft will be given version numbers and will be posted on the main OSI site at http://www.opensource.org.
  • What you are looking at now is a working version of the syllabus that is being edited frequently. There is not yet a 'snapshot' that has completed a round of peer review through the OSI Working Group on Management Education.
  • The Working Group Chair, Joseph Potvin, can be reached at  jpotvin@opman.ca and 18195935983.
  • The content is provided in a single long page for the time being. Later versions may be separated by session and section onto separate pages, linked through a multi-page table of contents.
  • All links that currently expose the URL are in the process of being converted to hyperlinks, each also with a footnote that displays the URL directly at the bottom of the the page. This is done to facilitate offline use.

TABLE OF CONTENTS

  1. Session: FLOW Business Risk & Value Management - Licensing, Contracting, Trade Secrets
    1. License Similarities; Differences; Choices; Trends; Linkages to Other Types of Agreements
  2. Session: FLOW Foundations and Their Ways
    1. The Free/Libre/Open Way Part 1: FLOW Governance Concepts
      1. Real World Contract Court Cases (what went wrong; reasons for decision)
      2. Software License Risk-Minimization and Value-Maximization in the Organization's Context
    2. The Free/Libre/Open Way Part 2: Multi-Entity Team and Organizational Performance
    3. The Free/Libre/Open Way Part 3: Case Analysis
      1. Review, Integration, Operational Implications
    4. Resources

Session:

Session:

Session:

Artificial Monopolies on Computational Ideas

Session:

Session: FLOW Business Risk & Value Management - Licensing, Contracting, Trade Secrets

Preparatory Reading on License Proliferation http://www.rosenlaw.com/pdf-files/LicenseProliferation.pdf (3.5 pgs)

License Similarities; Differences; Choices; Trends; Linkages to Other Types of Agreements

Session: FLOW Foundations and Their Ways

The Free/Libre/Open Way Part 1: FLOW Governance Concepts

Real World Contract Court Cases (what went wrong; reasons for decision)

Audio File (pending): Listen to a Discussion with  an Invited Authority on Intellectual Rights Compliance Management and Risk Identification

  • Janet Campbell, Director, Intellectual Property, Secretary and Legal Counsel, Eclipse Foundation. Janet is responsible for the review of intellectual property proposed for inclusion in Eclipse open source projects.  This review includes examining both the provenance of the intellectual property and license compatibility. She is author of the Eclipse Legal Process and maintains the document on an ongoing basis. She is also co-author of the Eclipse Guide to Legal Documents, which has benefitted from the work of several contributors over the years. In this session, Janet will discuss how the Eclipse Foundation manages contributions of source code to Eclipse projects and undertakes due diligence to reduce and mitigate risks due to parties involved in re-use or re-distribution. http://www.microdoc.com/eclipse-embedded-day-2009-video-managing-open-source-legal-issues-janet-campbell

Software License Risk-Minimization and Value-Maximization in the Organization's Context

  • Current Practices
  • Concerns and Challenges
  • Interests and Opportunities

The Free/Libre/Open Way Part 2: Multi-Entity Team and Organizational Performance

Audio File (pending): Listen to a Discussion with  an Invited Authority on Contract Considerations that Affect Participation in Free/Libre/Open Works

  • Amanda Brock is Director at the international technology law firm, Origin, www.origin.co.uk. Prior to joining Origin, she was General Counsel of Canonical for 5 years. She has an LLB (Hons) from the University of Glasgow, a Masters of Comparative Jurisprudence from New York University and an LLM in IP and IT law from Queen Mary, University of London. She is admitted as a solicitor in Scotland and England and Wales. She is author of "E:Business; The Practical Guide to the Laws", and was an editor of the Butterworth's publication Electronic Business Law, and contributed a chapter on commercial agreements in open source to Walden and Shentov, Free and Open Source Software: Policy, Law and Practise, published by Oxford University Press in 2013. Amanda has lectured extensively on IT and commercial law internationally. http://www.origin.co.uk/team/amanda-brock.php

The Free/Libre/Open Way Part 3: Case Analysis

— How does someone become a participant in their projects?
— How are decisions arrived at?
— Does the license type seem to influence any aspect of governance?
— How does each address copyright ownership?
— How does each address patent non-aggression?
— What unwritten expectations should you keep in mind?

Preparation for the Session: Audio File (pending): Listen to a Discussion with  an Invited Authority on "Best Practices in Organizing and running a FOSS Foundation")

  • Mark Radcliffe is a senior partner at DLA Piper who practices corporate securities and intellectual property law. He has worked with many software companies, in particular open source companies and is Chair of the Open Source Industry Group at the firm. He assisted Sun Microsystems in open sourcing the Solaris operating system and drafting the "Common Development and Distribution License" (CDDL). He has represented eBay, Accenture, Adobe, Palm, Sony, Siemens Venture Capital, and SugarCRM (the first venture backed open source applications company). On a pro bono basis, he serves as outside General Counsel for the Open Source Initiative and on the Legal Committee of the Apache Software Foundation. He was the Chair of Committee C for the Free Software Foundation in reviewing GPLv3 and was the lead drafter for Project Harmony. In 2012, he became outside general counsel of the Open Stack Foundation. http://www.openstack.org/foundation/staff

Review, Integration, Operational Implications

  • The next two weeks
  • The next two months
  • The next two years

Resources

Validos: The Validos initiative helps businesses engage with Free Software. The primary focus of Validos is package level compliance and clear reporting to facilitate simple redistribution of code. With its format of cooperative information sharing among corporate and legal stakeholders, Validos provides a way to increase compliance fidelity and streamline code management activities. It is a Finnish registered association with thirteen members, and has a modest annual fee for participation. Website: http://www.validos.org

Binary Analysis Tool: The Binary Analysis Tool (BAT) is a modular framework that uses the same approach applied by gpl-violations.org to discover issues in consumer electronics. It can open many types of firmware, detect Linux and BusyBox issues, and report outcomes in XML format. It also features knowledge-base support to allow high fidelity customization for advanced users. BAT is available for free under the Apache license so that everyone can use, study, share and improve it. The project frequently adds new features.
Website: http://www.binaryanalysis.org

Code Janitor Tool: The Code Janitor is a tool released by the Linux Foundation that helps to search source code to make sure that developers did not leave comments that might reveal future products, product code names or discuss competitors and their products. It maintains a database of keywords to scan for, and can be customized as necessary. It is available without charge. Website: http://www.linuxfoundation.org/programs/legal/compliance/tools

Dependency Checker Tool: The Dependency Checker is a tool released by the Linux Foundation that helps identify source code combinations that will lead to dynamic and static linking, and in the context of a license policy framework can create a list of items that need to be flagged before products are released. Website: http://www.linuxfoundation.org/programs/legal/compliance/tools

FOSSology: FOSSology started as an internal project at HP to support governance processes. It is a tool that analyses all the files in a project and reports on the licenses used, basing its results on license declarations and tell-tale phrases. It also has the ability to scan for copyright notices, email addresses and URLs, allowing users to create custom reports. The project is hosted by the Linux Foundation, is available as Free Software, and is maintained in both English and German by developers from HP and other organizations. Website: http://fossology.org

Ninka: Ninka is a lightweight license identification tool for source code. It is sentence-based, and provides a simple way to identify open source licenses in a source code file. It is capable of identifying several dozen different licenses (and their variations). It has been designed to be lightweight, fast and to avoid making errors. It is available under a Free Software license. Website: http://ninka.turingmachine.org

OSS Discovery: OSS Discovery is a Free Software tool that helps scan for software inside a business network. It searches for both source code and binary instances of software, and is intended to help create an inventory of deployed applications across servers and desktops. Website: http://www.openlogic.com/products/scanners.php#oss-discovery

Black Duck Suite: The Black Duck Suite helps companies automate the management, governance and use of Free Software. It consists of various commercial products, including the Black Duck Code Center, Export and Protex. The Code Center supports the selecton of Free Software components, as well as the ongoing monitoring of the components in use. Protex and Export assist with the validation of code before deployment. The tools are powered by the Black Duck KnowledgeBase, which includes over 230,000 projects from more than 4,500 sites. Website: http://www.blackducksoftware.com/black-duck-suite

OSS Deep Discovery: OSS Deep Discovery scans source and binary code to identify Free Software, even when the code in question has been copied or modified. It uses noise-reduction techniques to reduce false positives, and reduces the amount of time and personnel resources required to analyse scan results. It is targeted towards product distribution and M&A activities in the enterprises market. Website: http://www.openlogic.com/products/scanners.php#oss-deep-discovery

Palamida Application Security Compliance Edition: Palamida Compliance Edition is an application security solution designed to help companies managed Free Software license obligations. It identifies, assesses, and manages Free Software obligations in customized code with a focus on risk management.
Website: http://www.palamida.com/products/complianceedition

Protecode System 4: Protecode System 4 scans code to analyze Free Software licenses according to customized policies. It is designed to fit into existing processes and provide a simple way to understand what is in an enterprise code portfolio. While having a small footprint, it is designed to scale into organizations with up to 20,000 developers, and works in conjunction with the Protecode IP Signatures Database to monitor 450,000 public software projects. Website: http://www.protecode.com/system4overview.php

FOSS Governance Fundamentals https://fossbazaar.org/openSourceGovernanceFundamentals

FOSS Policies and Guidelines https://fossbazaar.org/content/foss-policies-and-guidelines

A Practical Guide to GPL Compliance http://softwarefreedom.org/resources/2008/compliance-guide.html

Maintaining Permissive-Licensed Files in a GPL-Licensed Project: Guidelines for Developers http://softwarefreedom.org/resources/2007/gpl-non-gpl-collaboration.html

Useful Compliance Tips For Vendors http://fsfe.org/projects/ftf/useful-tips-for-vendors

Reporting and Fixing License Violations http://fsfe.org/projects/ftf/reporting-fixing-violations

Tags:
Created by Joseph Potvin on 2014/06/16 13:11
    

Submit feedback regarding this wiki to webmaster@opensource.org

This wiki is licensed under a Creative Commons 2.0 license
XWiki 14.10.13 - Documentation