15 Feb, 2019
Open source has eaten the world, but organizations are still struggling with effective open source compliance. Tools and data are stuck in-house or behind proprietary licenses. Double Open is a research project aiming to find out how to make open source compliance more open. We approach this by leveraging existing tools and standards and surveying the landscape, identifying gaps and then making a proof of concept. Ideally, the proof of concept would demonstrate a full workflow for open source compliance based on open tooling and open data. Double Open will also research business models, with API-based service provisioning being a particularly interesting candidate for closer examination.
“Open source compliance needs open tools to support it. There are already many great and open tools available, but unfortunately these do not support a full workflow for enterprise needs. The trend towards DevOps has increased the speed of development, further emphasizing the need for automation in the field”, explains Marko Jaanu, Member of the Board at Validos ry. ”Commercial tools offer some solutions, but truly open solutions would be needed for the whole ecosystem to participate and benefit out of open source compliance. For example, anyone can offer open source compliance related services on top of open tooling.” Marko Jaanu has been nominated to the board of Validos ry by one of its founding members, Fujitsu Finland Oy, where Marko serves as the Open Source Officer.
“The Double Open project does not aim to create a new open solution or new standards. There are many existing tools already. However, what’s needed is a better understanding of what a full, open and automated workflow for enterprise needs would look like. We will survey the global ecosystem for existing tools and initiatives, and aim to identify a common big picture among many participants in the ecosystem”, says Martin von Willebrand, the project owner and Partner at HH Partners, Attorneys-at-law, Ltd. “At best we would be able to help others and ourselves to together build the missing gaps. We also believe that an open ecosystem will help in contributing the open compliance data directly to open source projects.”
The first publication of the Double Open project is accessible at doubleopen.org. It covers an initial survey of open source initiatives, compliance tools and development technologies/tools. The publication is licensed under CC-BY-4.0.
If you are engaged with open source compliance, please help us by answering our short short ecosystem survey on tools and technologies used in this space. The survey can be accessed here for at least a week from this date. Filling out the survey should not take more than around 5 minutes. The results will be published as a second publication at doubleopen.org during March 2019, and may be used for preparing a more comprehensive survey around the research agenda.
The Double Open project will run until June 2020, and we plan to issue further publications as the project progresses. You can also subscribe for updates at doubleopen.org.
Toni Päärni, Project Manager
Telephone +358 9 177 613
Martin von Willebrand, Partner
Telephone +358 9 177 613
HH Partners, Attorneys-at-law, is a Helsinki-based law firm focusing on Technology, Intellectual Property and Transactions. HH Partners’ Technology practice includes an Open Technology practice which is likely the largest in Finland. HH Partners has worked regularly on assignments in open source compliance since 2008, assigned mostly by Validos ry of which HH Partners is a founding member. Double Open is a project managed by HH Partners.
Validos ry is a Finnish non-profit association that helps its members in open source compliance. Validos has been established in 2008 and provides its members with open source compliance services and consultancy, including open source policies and training. Validos members are mostly large, Finland based global enterprises using software as a part of their product and service offerings.