Black Duck’s protexIP – Safer Open Source Code Usage

Open source can immediately prompt the word ‘lawsuit’ in some people’s minds, but Black Duck have introduced a software platform that helps developers catch and resolve potential intellectual property disputes.

A large software project may involve code and components from many sources, and increasingly parts of a project may have open source origins. It’s highly likely that some of the software on the computer you’re using to read this depends on open source components, and indeed the core of the internet depends on open source applications such as Apache.

Recently, some high-profile conflicts between source code owners and developers have led to some very expensive and high-profile legal challenges. The number of licenses, projects and obligations that a company needs to be aware of when looking to make a product that may involve open source code is immense, and checking and analysing what needs to be done, or what may happen if there is a conflict, is expensive and time-consuming.

Black Duck’s protexIP suite informs developers of code origins, license obligations and potential violations by producing a checklist of items for them to resolve. Users can even run ‘whatif’ queries on code combinations.

The product is based around Black Duck’s 50GB knowledge base with information on more than 225 licenses. The company also uses spiders to monitor some 250 key open source projects to keep protexIP up to date.

“As open source and third party components proliferate and become nested in increasingly complex applications, the challenge of assuring compliance with licensing obligations becomes overwhelming without a comprehensive compliance platform,” said Karen Copenhaver, executive vice president and general counsel of Black Duck. “protexIP/license management empowers the lawyer’s oversight of the development process, from helping define and implement open source policy to approval of software release.”

Annual subscription packages start at US$9,500 (€7,595) for up to 2 seats. protexIP/license management customers must also subscribe to a protexIP/development package, which starts at $12,500 (€9,993) for up to 5 seats.

Published by

Fraser Lovatt

Fraser Lovatt has spent the last fifteen years working in publishing, TV and the Internet in various capacities, and believes that they will be separate platforms for at least a while yet. His main interests at the moment are exploring where Linux is taking home entertainment and how technology is conferring technical skills on more and more people. Fraser Lovatt was born in the same year that 2001: A Space Odyssey was delighting and confusing people in the cinemas, and developed a lifelong love of technology as soon as he realised that things could be taken apart, sometimes put back together again, but mostly left in bits or made into something the original designer hadn't quite planned upon. At school he was definitely in the ZX Spectrum/Magpie/BMX camp, rather than the BBC Micro/Blue Peter/well-behaved group. This is all deeply ironic as he later went on to spend nine years working at the BBC. After a few years of working as a bookseller in Scotland, ("Back when it was actually a skilled profession" he'll tell anyone still listening), he moved to England for reasons he can't quite explain adequately to himself. After a couple of publishing jobs punctuated by sporadic bursts of travelling and photography came the aforementioned nine years at the BBC where he specialised in internet technologies and video. These days his primary interests are Java, Linux, videogames and pies - and if they're not candidates for convergence, then what is?