android for the enterprise and oems

Android for the Enterprise and OEMs

Peter Vescuso

Black Duck Software

Copyright © 2011 Black Duck Software, Inc. All Rights Reserved.

Plan Code

Approve Catalog ValidateAcquire

KnowledgeBase

Governance

Monitor

Build ReleaseTest

OSS info, e.g. GitHub, Maven, …

About Black Duck SoftwareBuild better software faster by automating and managing the

acquisition and governance of open source

3

Consumerization of IT

My Laptop

Copyright © 2011 Black Duck Software, Inc. All Rights Reserved. 4

Agenda

Market Trends

Enterprise IT

OEM & Device Manufacturers

Summary

5

Consumerization of IT

Processor: 1.4 GHZStorage: 32 GBVideo: 3D, HDMI, more


Future of Enterprise IT


Moore’s Model Requires IT Evolution

Systems of Record Systems of Engagement

8

Open SSH

Open LDAP

Open SSL

Open Source as the Foundation for Mobility Infrastructure

Front End

Back End

Security Development

Memcached

Glassfish

Devices


OSS and IT Infrastructure: Benefits and Challenges with Open Source

Key Benefits– Flexibility

Modify, mix, reuse code

– Innovation Leverage OSS

and community– Cost Optimization

Reduce or eliminate acquisition costs

Challenges– Technical Failure

Operational exposure

Needs to be audited, managed

– Security Risks Business

exposure– IP Risks

Legal exposure

“Open source is ubiquitous, it’s unavoidable….having a policy against open source is impractical and places you at a competitive disadvantage”

Source: Mark Driver, Gartner Group, November 2010


Complexity for OEMs/Device Manufacturers

Components and code from many suppliers

Need to control and manage building software on a rapidly changing O/S– Multiple releases per year

Customize Android for:– The type of device (phone, tablet, TV, etc.)

Device drivers, power consumption, etc.– User experience

Do it all while ensuring compliance


Android & Vendor Innovation

Developers

Typical areas of vendor/developer innovation

Source: Google - //source.android.com/


Software Package Data Exchange™ (SPDX™)

Working group of the Linux Foundation

Charter: Create data exchange standards to enable

license and component information sharing (metadata)

Participation from over 16 organizations including software, systems and tool vendors, consultants and foundations

“SPDX is a crucial building block in an industry-wide system of automated license compliance administration” Eben Moglen, SFLC


Enabling Developer Freedom (with Visibility and Control)

Strategy– Articulate the business

objectives for use of OSS

Policy & Process– OSS policy & management

process

Training & Technology– Automate governance and

compliance– Design-in and automate

policies


Getting Started….

Black Duck Governance Fast Start A fully functioning governance and automation

platform configured with industry best practices to provide immediate returns

Includes:― Policy - initial policy implementation to get started― Acquisition - automated approval/request process and

workflow for acquisition of open source ― Catalog - pre-populated catalog with popular OSS

components― Compliance - automated validation server― Support - optional commercial support from credativ

For organizations that want to implement a governance solution quickly and increase sophistication and capability over time.


Summary

Android has revolutionized the mobile and device landscape

Enterprise infrastructure is adapting to “Systems of Engagement,” open source is key enabler

Developers need freedom to use the best code, Management needs visibility and control

Solution requires training, tools, and processes

android for the enterprise and oems

Technology

acquisition of open

open sourceopen source

building software

functioning governance

governance solution

devicesopen source

device drivers

yearcustomize android