Sign up or log in to bookmark your favorites and sync them to your phone or calendar.

OS Program Office [clear filter]
Wednesday, October 28

12:25 GMT

The Importance of Non-code Contributions to Code-centric Open Source Projects - Marcel Kurzmann, Bosch
Handling Open Source Software in a compliant way requires a good Open Source Management that keeps you busy already. On the technical side, the component often can be downloaded, integrated and functionally tested within minutes. But what about the so called non-functional requirements.

For some Open Source Components, the necessary information as input for the Open Source Management is hard to find or even completely missing. Thus technically you can download and run the stuff, but from a legal perspective it might be, that you are not allowed to. Not because the Open Source Project wanted to actively avoid it, but the necessary "non-functional" requirements were not fulfilled yet.

This talk will show some examples for non-functional requirements, the experiences we have made at Bosch.IO with missing information and potential work-arounds. As the problem needs to be resolved at the root, the talk will highlight some community activities running that address these issues like clearlydefined.io, reuse.software, sharing-creates-value and sw360.

avatar for Marcel Kurzmann

Marcel Kurzmann

Open Source Officer, Bosch.IO GmbH
Marcel Kurzmann joined Bosch in 1997. After establishing the test-automation service team at Bosch Engineering and Acquisition Project Management in the automotive section he took over the Quality Management of Bosch Software Innovations in 2008. From 2015 he is responsible for the... Read More →

Wednesday October 28, 2020 12:25 - 12:50 GMT
OS Program Office Management Theater

16:40 GMT

Safety Critical Systems and Licensing Risk: Standard Measures and Implementations from the CHAOSS Project - Sean P. Goggins, University of Missouri
The CHAOSS Project's Software Risk working group defines standard metrics that help open source program offices identify software quality indicators, and software licensing status for any open source software project. These atomic metrics, and their standard definitions enable comparison's across projects using the software tools in the CHAOSS project's repertoire. Sean Goggins will present the collection of atomic metrics, as well as a set of community reports which consolidate, and illustrate how these atomic metrics can be usefully combined into actionable community health, and competitive analysis reports. Examples will be derived from Software Quality, and Software Licensing risk measures and be available as supplements to the published presentation for use on any set of open source software projects.


Sean P. Goggins

Professor, University of Missouri
Sean Goggins is a Professor of Computer Science, and a Technology designer and builder in a range of industries. His research focuses on building context adaptive spaces to support distributed group work, and performance assessment at the individual, group and, organizational levels... Read More →

Wednesday October 28, 2020 16:40 - 17:05 GMT
OS Program Office Management Theater

17:40 GMT

Are You Wise in the Ways of Open Source Compliance? Taxonomy and the Tools of Open Source Compliance - Gergely Csatari, Nokia & Yann Jorelle, Nokia/Aalto University
Different organizations do open source compliance differently. The approach, the level of automation and the compliance practices vary. In addition different open source communities have created a selection of tools for the compliance verification. Some tools fit some approaches better than other. But how does my organization’s approach compare to another organization’s? What tools could be useful for me? Are the tools any good? In order to compare approaches, tools and see what fits and what doesn't, the industry needs a common way to name and address the different steps in the open source compliance process. This presentation dissects the open source compliance checking steps, names and describes them (Sir Bedevere, wood, and a duck. Or was it lead?). It also describes the different approaches different companies take to executing these steps, particularly describing the Nokia approach. As a practical step, the presentation shows the results of our study to investigate how the current open source compliance tools perform the different steps of open source compliance. We might also relieve if the tools weigh the same as a duck…

avatar for Gergely Csatari

Gergely Csatari

Senior Open Source Specialist, Nokia
Gergely is working in the central part of Nokia-s OSPO and partially responsible for the outgoing contributions. He is also responsible for cloud infrastructures a contributor to CNTT, the OpenStack ECG and the CNCF TUG. Speaker experiences cover several presentations in OpenStack... Read More →

Yann Jorelle

Summer Trainee, Nokia / Aalto University
I'm a third year computer science bachelor student at Aalto University, Espoo Finland. I have been working during the summer of 2020 as a trainee at Nokia Open Source Initiatives, mainly focusing on investigating and testing the different open source tools for open source complia... Read More →

Wednesday October 28, 2020 17:40 - 18:05 GMT
OS Program Office Management Theater

Twitter Feed