android for the enterprise and oems
TRANSCRIPT
Copyright © 2011 Black Duck Software, Inc. All Rights Reserved.
Plan Code
Approve Catalog ValidateAcquire
KnowledgeBase
Governance
Monitor
Build ReleaseTest
OSS info, e.g. GitHub, Maven, …
About Black Duck SoftwareBuild better software faster by automating and managing the
acquisition and governance of open source
Copyright © 2011 Black Duck Software, Inc. All Rights Reserved. 4
Agenda
Market Trends
Enterprise IT
OEM & Device Manufacturers
Summary
Copyright © 2011 Black Duck Software, Inc. All Rights Reserved.
Moore’s Model Requires IT Evolution
Systems of Record Systems of Engagement
8
Open SSH
Open LDAP
Open SSL
Open Source as the Foundation for Mobility Infrastructure
Front End
Back End
Security Development
Memcached
Glassfish
Devices
Copyright © 2011 Black Duck Software, Inc. All Rights Reserved. 9
OSS and IT Infrastructure: Benefits and Challenges with Open Source
Key Benefits– Flexibility
Modify, mix, reuse code
– Innovation Leverage OSS
and community– Cost Optimization
Reduce or eliminate acquisition costs
Challenges– Technical Failure
Operational exposure
Needs to be audited, managed
– Security Risks Business
exposure– IP Risks
Legal exposure
“Open source is ubiquitous, it’s unavoidable….having a policy against open source is impractical and places you at a competitive disadvantage”
Source: Mark Driver, Gartner Group, November 2010
Copyright © 2011 Black Duck Software, Inc. All Rights Reserved.
Complexity for OEMs/Device Manufacturers
Components and code from many suppliers
Need to control and manage building software on a rapidly changing O/S– Multiple releases per year
Customize Android for:– The type of device (phone, tablet, TV, etc.)
Device drivers, power consumption, etc.– User experience
Do it all while ensuring compliance
Copyright © 2011 Black Duck Software, Inc. All Rights Reserved.
Android & Vendor Innovation
Developers
Typical areas of vendor/developer innovation
Source: Google - //source.android.com/
Copyright © 2011 Black Duck Software, Inc. All Rights Reserved.
Software Package Data Exchange™ (SPDX™)
Working group of the Linux Foundation
Charter: Create data exchange standards to enable
license and component information sharing (metadata)
Participation from over 16 organizations including software, systems and tool vendors, consultants and foundations
“SPDX is a crucial building block in an industry-wide system of automated license compliance administration” Eben Moglen, SFLC
Copyright © 2011 Black Duck Software, Inc. All Rights Reserved. 13
Enabling Developer Freedom (with Visibility and Control)
Strategy– Articulate the business
objectives for use of OSS
Policy & Process– OSS policy & management
process
Training & Technology– Automate governance and
compliance– Design-in and automate
policies
Copyright © 2011 Black Duck Software, Inc. All Rights Reserved. 14
Getting Started….
Black Duck Governance Fast Start A fully functioning governance and automation
platform configured with industry best practices to provide immediate returns
Includes:― Policy - initial policy implementation to get started― Acquisition - automated approval/request process and
workflow for acquisition of open source ― Catalog - pre-populated catalog with popular OSS
components― Compliance - automated validation server― Support - optional commercial support from credativ
For organizations that want to implement a governance solution quickly and increase sophistication and capability over time.
Copyright © 2011 Black Duck Software, Inc. All Rights Reserved.
Summary
Android has revolutionized the mobile and device landscape
Enterprise infrastructure is adapting to “Systems of Engagement,” open source is key enabler
Developers need freedom to use the best code, Management needs visibility and control
Solution requires training, tools, and processes