Black Duck Software pioneered the automation of mixed-origin software component reuse management. The company’s products and services allow organizations to analyze the composition of software source code and binary files, search for reusable code, manage open source and third-party code approval, honor the legal obligations associated with mixed-origin code, and monitor related security vulnerabilities. Black Duck is considered a technology industry leader and often cited in media articles about open source.
Black Duck Software maintains an extensive KnowledgeBase (or knowledge base) of open source and third party components - most of which are available on the Internet. In the KnowledgeBase, each component is characterized by metadata such as license, language, version, author, and known security vulnerabilities. Black Duck products use this information to facilitate search, selection, approval, validation and tracking of software components. Black Duck Software maintains the open source search engine Koders.
The availability of open source software code on the Internet enables software developers to download open source code and incorporate it into run-time environments and new software under development. Since the code is obtained without being purchased, this practice can bypass traditional procurement management and legal review.
The use and redistribution of open source code is governed by a variety of software licenses, specifically open source licenses, some of which are quite complex. The terms and obligations of these licenses can conflict with one another or with an organization’s goals. The most common open source license is the GNU General Public License, or GPL, which includes obligations to credit the original author and copyright holder and to distribute the source code along with any derivative work.[5] The Black Duck Software website includes a free service providing information and analysis about open source licenses.
Open source software creates an efficient business model, incorporating a collaborative software development model. [7] However, modifying or redistributing open source while failing to honor open source license obligations creates legal liability for corporations and their officers. [8] In 2007, open source license infringement litigation went to court in the U.S. for the first time in a suit filed by the Software Freedom Law Center. [9] According to Mark Radcliffe, Deputy General Counsel for the Open Source Initiative, as current and future suits are decided, important case law precedents will be established about the remedies available to open source plaintiffs.
This is the context in which a niche market has developed for products and services from companies such as Black Duck Software that provide automation and information to manage the complexity of emergent composite software development models while avoiding business and legal risks.
History
Former President and CEO, Douglas Levin (Doug Levin), founded Black Duck in 2002, at a time when litigation over open source and software intellectual property began in the United States, including the high-profile SCO v. IBM case. The idea struck him that there should be an automated way to keep track of and verify software code origins.
Black Duck Software began shipping its first product, Protex, in 2004. In July 2004, the company had its first round of venture capital funding for $5 million, with investments from Flagship Ventures and General Catalyst Partners.
In March 2005, the company announced a hosted service, Black Duck Transact. In June 2005, a second round of funding added $12 million in investment capital led by Fidelity Ventures of Boston and including Intel Capital (a division of Intel Corporation (Nasdaq: INTC)) , SAP Ventures (a division of SAP AG) and Red Hat (Nasdaq: RHAT), along with existing investors Flagship Ventures and General Catalyst Partners.[15] Throughout 2005, the company created partnerships with other open source organizations, including Red Hat, the Open Source Software Institute, Sourceforge, and Olliance Group.
During 2006 Black Duck integrated Protex with the IBM Rational [34] management platform and released the Black Duck Export product.[17] Also in 2006, the company expanded its distribution network to include resellers in Australia, New Zealand, the UK, Israel, and Korea.
In February 2007, Black Duck Software completed a third round of venture capital investment for $12 million, led by Focus Ventures and also including existing investors. The company joined the Open Solutions Alliance in April 2007, received IBM SOA Specialty acceptance in October and, in November 2007, added distribution partners in Hong Kong. Also in November 2007, the company began a distribution partnership with NEC in Japan.
On January 28, 2008, Black Duck introduced Black Duck Code Center, a role-based management system for mixed-origin software development. On April 28th 2008, it was announced that Black Duck Software would acquire the assets and technologies of open source code search engine Koders. The Koders search engine will remain free of charge.
Products
Black Duck Software products include Protex, Transact, Export, and Code Center. Each application uses the Black Duck KnowledgeBase to identify and manage the reuse of open source and third party code. The Black Duck KnowledgeBase is continuously updated with downloadable code from Internet sites and software vendors, including development kits, proprietary applications, operating systems, and the associated proprietary and open source licenses.
Services
Black Duck Professional Services offer consulting about software compliance, open source software use and creating code reuse policies and procedures using Black Duck products. Black Duck also offers training and customer support services. [31]
Partners & Alliances
Black Duck Software collaborates in various ways with other companies and organizations in the open source sphere.
Technological integration with IBM Rational adds Black Duck functionality to executive-level software management. Open source consultancies work with Black Duck Software to help their clients adopt and implement open source policies that honor licenses while capturing the cost savings of open source software reuse.[32] Similarly, Black Duck has established partnerships with a number of law firms to provide accurate determination of software pedigree—especially helpful when preparing software asset valuation for mergers and acquisitions.[33]
Black Duck is a member of the Eclipse Foundation, the Open Solutions Alliance, and the Open Source Software Institute. Black Duck initiated the Compliance Vanguard Alliance to work with other open source technology firms by providing educational events and information to encourage best practices in managed open source adoption.
Trivia
The company was named after a pet duck that founder, Doug Levin, found and nursed back to health when he was seven years old. [35] In the Wikipedia article on American Black Duck we read it has long been considered a prize game bird, as it is “fast on the wing.”
NOTE:
没有评论:
发表评论