Internet of Things: Role of Free and Open Source Software



Similar documents
An Open Source project building the framework for the Internet of Things (IoT)

An Open Source project building the framework for the Internet of Things (IoT)

Programming the Internet of Things

An Introduction to Open Source Software and Licensing

BMC Remedy Action Request System 7.0 Open Source License Agreements

Open Source Used In Cisco Instant Connect for ios Devices 4.9(1)

XEROX TALKS BEST PRACTICES FOR OPEN SOURCE GOVERNANCE

GEO Sticky DNS. GEO Sticky DNS. Feature Description

Azure Multi-Factor Authentication. KEMP LoadMaster and Azure Multi- Factor Authentication. Technical Note

Introduction to OpenCV for Tegra. Shalini Gupta, Nvidia

System Center Virtual Machine Manager 2012 R2 Plug-In. Feature Description

Open Sourcing the Internet of Things

Third Party Software Used In PLEK500 (Utility for Win) v1.x.xx.xxx

Open Source in the Real World: Beyond the Rhetoric

Open Source Used In Cisco D9865 Satellite Receiver Software Version 2.20

Fuse MQ Enterprise Broker Administration Tutorials

The 7 Myths of IP Risk: The Real Exposure Issues with Free and Open Source Software. Black Duck Software White Paper

RSA Two Factor Authentication

Release Notes for. CounterPath Bria iphone Edition CounterPath Bria ipad Edition Version 3.1.0

How To Use The Programs Of Ancient.Org

IoT Cloud, All Seen Alliance. Masanari Arai 荒 井 真 成 CEO, Kii Corpora0on

Integrated Citrix Servers

Installation Guide Supplement

Microsoft SharePoint

Open Source Software and the impact on Mergers & Acquisitions

Installing the Shrew Soft VPN Client

Boost Libraries Boost Software License Version 1.0

What You Should Know About Open Source Software

Managing Open Source Code Best Practices

Free and Open-Source Software Diligence in Mergers, Acquisitions, and Investments

Open Source Used In Cisco IronPort Encryption SDK

Adobe Connect Collaboration SDK Third Party Notices and/or Additional Terms and Conditions

Steve Apps Senior Manager Accenture South Africa

Apache Software Foundation This product includes software developed by the Apache Software Foundation (

ANZ TRANSACTIVE - MOBILE

Standardizing the Internet of Things; Boiling the Ocean

Adobe DNG Flat Field Plug-in (1.0) Software Notices and/or Additional Terms and Conditions

NetSuite End User License Agreement for Mobile Applications

This script builds the FacebookSDK.framework that is distributed at

RSA Data Security, Inc. Portions derived from the RSA Data Security, Inc. MD5 Message-Digest Algorithm.

Log Insight Manager. Deployment Guide

RSA Two Factor Authentication. Feature Description

HIGHSEC eid App Administration User Manual

Upgrading Intel AMT 5.0 drivers to Linux kernel v2.6.31

An Introduction to the Legal Issues Surrounding Open Source Software

Adobe LeanPrint Dashboard Software Notices and/or Additional Terms and Conditions

ORACLE CRM ON DEMAND DEVELOPMENT ADDENDUM TO THE ORACLE PARTNERNETWORK AGREEMENT

Oracle s PeopleSoft 9.0 Recruiting and Admissions Changes and Updates for CS Bundle #38

ARTIK TM. MyungKoo Kang (VP) The Ultimate Platform Solution for IoT. Samsung Electronics

How To Use Open Source Software

WI-FI ALLIANCE INTELLECTUAL PROPERTY RIGHTS POLICY

SOFTWARE SOFTWARE ACKNOWLEDGEMENTS. SecuriSync. SecuriSync

Enterprise Manager to Enterprise Console upgrade guide. Sophos Enterprise Manager version 4.7 Sophos Enterprise Console version 4.7.

Port Following. Port Following. Feature Description

FortiAuthenticator Agent for Microsoft IIS/OWA. Install Guide

Job Status Guide 3.0

Compatibility Matrix. BES12 Cloud. July 20, 2016

Software Package Document exchange (SPDX ) Tools. Version 1.2. Copyright The Linux Foundation. All other rights are expressly reserved.

OWNER S GUIDE OWNER S GUIDE

AllJoyn Device System Bridge

Sophos Enterprise Console quick startup guide. Product version: 5.1 Document date: June 2012

AccuTerm 7 Cloud Edition Connection Designer Help. Copyright Zumasys, Inc.

ENHANCED HOST CONTROLLER INTERFACE SPECIFICATION FOR UNIVERSAL SERIAL BUS (USB) ADOPTERS AGREEMENT

BES10 Self-Service. Version: User Guide

Oracle s PeopleSoft 9.0 Recruiting and Admissions Changes and Updates for CS Bundle #31

License Summary 808D on PC 4.4 Ed 2

Open Source Used In Cisco TelePresence TC Console TC7.1

iphone/ipad Connection Manual

Open Source Software used in the product

Legal Issues for FOSS-based Supply Chain Management. Herve Guyomard, Black Duck Software

ANZ TRANSACTIVE MOBILE for ipad

iphone/ipad Connection Manual

Pulse Redundancy. User Guide

Symantec Security Information Manager 4.8 Release Notes

OPENNESS, PARTNERSHIP AND ALLIANCES: THE LEGRAND STRATEGY FOR THE IOT MARKET

Presentation. Open Source is NOT Free. For ISACA. By Dave Yip / Gamatech Ltd. Agenda

Oracle Mobile Cloud Service. A Complete Strategy for Developing, Deploying, and Monitoring Mobile Apps

The Internet of Things in Smart Buildings 2014 to 2020

ALL WEATHER, INC. SOFTWARE END USER LICENSE AGREEMENT

Open Source Used In LDSF 1.7.2

RTI Monitor. Release Notes

Internet of Things From Idea to Scale

Release Notes for CounterPath X-Lite 4 for Windows Version 4.8

Advanced Planning PDP Client for Microsoft Excel 1.3 Install PeopleBook

IICLE ONLINE SUBSCRIPTIONS TERMS AND CONDITIONS

Mayfair EULA for Journal Office

Transcription:

Internet of Things: Role of Free and Open Source Software Mark Radcliffe, Partner, DLA Piper Mark O Conor, Partner, DLA Piper Ian Skerrett, Eclipse Foundation Mike Dolan, Linux Foundation (Allseen Alliance)

Global platform Largest law firm in the world, based in 31 countries and 77 offices throughout the Americas, Asia Pacific, Europe and the Middle East More than 145 DLA Piper lawyers in IP transactions Global Open Source Practice More than 550 DLA Piper lawyers ranked as leaders in their fields Page 2

OSS practice Worldwide OSS Practice US practice led by two partners: Mark Radcliffe and Victoria Lee Experience Open sourcing Solaris operating system FOSS foundations OpenStack Foundation PrPL Foundation OpenSocial Open Source Initiative GPLv3 Drafting Committee Chair Drafting Project Harmony agreements Page 3

Linux Foundation and AllSeen Alliance The Linux Foundation is a 501(c)(6) nonprofit organization dedicated to enabling the Linux kernel community and protecting, defending and promoting the adoption of Linux and open source technologies that form the backbone infrastructure of society. The Linux Foundation hosts many Collaborative Projects that extend the successful practices of open source development into technology areas beyond the Linux kernel AllSeen Alliance is one of The Linux Foundation s Collaborative Projects. AllSeen is a 501(c)(6) nonprofit organization dedicated to enabling the widespread adoption of products, systems and services that support the Internet of Things through an open environment, vibrant ecosystem and thriving technical community based on the AllJoyn open source project. The Linux Foundation is a registered trademark of The Linux Foundation. AllSeen and AllSeen Alliance are trademarks of AllSeen Alliance, Inc. AllJoyn is a registered trademark of AllSeen Alliance, Inc. Page 4

Introduction to the Eclipse Foundation Nonprofit Open Source Foundation (5.01 c6), created in 2004 220+ members, including IBM, SAP, Google, SAP, Red Hat, Bosch, Cisco, Airbus 250 different open source projects 6-8 million users 22 staff members Page 5

World economic forum: IoT report The Industrial Internet will transform the basis of competition, requiring business leaders to shift from a focus on products and services to business outcomes. For the Industrial Internet to achieve its full potential, industry sectors will need to collaborate more closely with technology leaders and policy makers to put in place the standards and conditions required to encourage further investment. Paul Nanterme, Chairman and CEO of Accenture Page 6

AllSeen Alliance Introduction Mike Dolan, Senior Director of Strategic Programs The Linux Foundation Page 7

AllSeen Alliance the problem with the Internet of Things today A different app for every device Integration is difficult Devices can t interact locally, requires an internet connection for every device Cloud connections abound; are they all secure? Each with their own terms e.g. who owns the data? Rich user experiences (combinations) are difficult to build, if even possible Laundry Cloud Lighting C Cloud Security Camera Cloud Speaker B Cloud Lighting B Cloud Fridge Cloud TV Cloud NOW PLAYING: Artist: Flowers Song: Daisy Lighting C App Speaker B App Laundry App Lighting B App Fridge App Speaker A App TV App Lighting A App Lighting A Cloud Speaker A Cloud Security Camera App App Overload! Page 8

Ubiquitous connectivity promises to make devices smart But ONLY if they speak the same language hello world! 당신은 내 말 들려? Computing devices Consumer goods and appliances Tem alguém aí? Home hellworh e 100010101011 Auto Industrial Devices that can t connect across brands, categories, and operating systems will be left out No single company covers every segment, space and platform Page 9

AllSeen Alliance AllJoyn framework lets things work together hello! AllJoyn framework Computing devices Computing devices hello! AllJoyn framework Consumer goods Consumer and goods appliances and appliances hello! hello! hello! AllJoyn framework AllJoyn framework AllJoyn framework Home Home Auto Auto Industri al Industrial Page 10

Exposing smartphone APIs enabled new experiences that no one had ever thought of before GPS Microphone GPU Touchscreen DSP Accelerometer GYRO

The AllJoyn framework exposes the capabilities of connected devices in the much the same way A single protocol allowing products and apps to expose their capabilities and interact with other devices and apps Lock doors Displays Speakers Light bulbs Garage door Clocks Sensors Cool Pictures Heat Video TVs Drapes The AllJoyn software framework is a collaborative open source project of the AllSeen Alliance

AllJoyn enabled devices describe their capabilities via service interfaces on a virtual bus Page 13

AllJoyn s Gateway Agent provides remote access, management and privacy controls for all AllJoyn enabled devices and apps Page 14

The problems that AllJoyn solves in an interoperable way Discover nearby devices Identify services running on those devices Interoperate Adapt across OS, device to devices coming and manufacturer and going Control devices near and far Span diverse transports Manage remote and local Exchange information Secure against bad actors Page 15

AllSeen Alliance - 2014 Collaboration Scorecard Projects Contributions Jira Tickets 37 total projects 103 contributors 1,600 submitted 20 active 20+ companies 1,250 closed 7 new 4.1M SLoC changed since launch 330 open or in progress

Why the Internet of Things has to be open sourced Companies will win over Internet of Things not in the boardroom, but on the command line. The consortium that gets excellent code to market first, with a community that provides great documentation and an inviting atmosphere, will win. So far, only AllSeen has done that, with code available for download today. Matt Asay VP Mobile at Adobe, via readwrite.com 17

AllSeen Alliance over 170 members including 12 premier members + One more not yet announced Page 18

AllSeen Alliance Community members 2lemetry ADT Security Services Affinegy AT&T Digital Life Audio Partnership Beechwoods Software Beijing Winner Micro Electronics BLACKLOUD Bosch CA Engineering Canary Carvoyant Changhong Cirrent Cisco Cloud of Things CoCo Communications Connectuity ControlBEAM Covata D-Link Dawon dog hunter Domos Labs Elica S.p.A. Euronics EXO U Faber S.p.A. FengLian FirstBuild Fon ForgeRock Fortune Techgroup FreeWings Technologies GEO Semiconductor GeoPal Solutions Golgi Gowex Guangdong Pisen Electronics Harman Heaven Fresh Canada Helium Honeywell HOUZE Advanced Building Science HTC Hubble icontrol Networks igloo Software iinet Imagination Technologies Innopia Technologies INSTEON Inteno Broadband Technology AB IOOOTA ISI Technologies Kii Kitu Systems Legrand Group Lenovo LeTV LG Uplus Lhings LIFX LightFreq Lite-On Local Motors Lumen Cache M2Communication MachineShop MobilityLab LLC Modacom Musaic Muzzley NETGEAR Octoblu Organic Response Patavina Technologies People Power Company Personal Air Quality Systems (PAQS) Ping Identity Playtabase POWERTECH Quanta Computer Razer Red Bend Software Resin.io Sears Brand Mgmt..Corporation Seed Labs Shenzhen Fenglian Technology Co Page 19

AllSeen Alliance Community members continued Shenzhen H&T Home Online Network Technology Co Sproutling Symantec TCL Corporation Tellient The Sprosty Network Things.Expert ThroughTek Trend Micro Tuxera Two Bulls Umbrela Universal Devices Vedams VeriSign, Inc. Vestel Group Waygum.io Weaved Wireless Things WiSilica wot.io Page 20

Eclipse IoT Introduction Ian Skerrett Ian.Skerrett@eclipse.org @ianskerrett ECLIPSE IOT

Open Source IoT Building Blocks New and Existing Devices IoT Gateways Network/Wireless Services Backend Systems Open Source Technology to Connect and Manage Page 22

Eclipse Foundation: building blocks for open IoT stack IoT applications IoT solution frameworks - Home automation - SCADA - OM2M Connectivity - MQTT - CoAP - LWM2M IoT gateway services - Remote management - Application management Open and Commercial Hardware Page 23

Open standards Mosquitto CoAP Californium LWM2M Page 24

IoT frameworks IoT Gateway Framework Integration framework for home automation Integration framework for SCADA systems Page 25

Eclipse Foundation: commercial and open IoT ecosystem Open IoT Stack Page 26

Where software is hot, OSS is hot 63% 57% 53% 51% 49% 48% 46% 27% 26% 13% CLOUD/ VIRTUALIZATION CONTENT MGMT MOBILE SECURITY COLLABORATION NETWORK MGMT SOCIAL MEDIA 3D PRINTING ANALYTICS AND DRONES BUSINESS INTELLIGENCE 12% GAMING 10% ERP Page 27

OSS grows as % of code By 2016, at least 95% of IT organizations will leverage nontrivial elements of open-source software technology in their mission-critical IT portfolios, including cases where they might not be aware of it an increase from 75% in 2010. Source: Gartner, 2014 More %??? 30% 5% 2007 Source: Black Duck audit results 2012 2017 Source: IDC Survey of G2000 Page 28

Basic legal issues Intellectual property rights Copyright Protects works of authorship such as software, documentation, music and movies Exclusive rights Distribute Modify Reproduce Public display/public performance Patents Protects inventions, such as software, hardware and automobiles which are useful, non-obvious and novel Exclusive rights (negative right) Make Use Sell Page 29

Basic legal issues continued Trademarks Word, symbol, device, sound or smell which identifies a product as coming from a certain source and as being of a certain level of quality Prevent use of confusingly similar marks Examples: Linux, Apache (word), Apache (feather), OpenStack (word) Article II Sale of goods from airplanes to automobiles to software Warranties Express Implied Remedies: consequential damages Source of the funny language in licenses merchantability WEST\21689961v1 Page 30

Types of open source licenses: Restrictive, permissive, other Restrictive (aka Copyleft, reciprocal) Requires licensor to make improvements or enhancements available under same terms Example is the GPL: licensee must distribute work based on the program (derivative works) under the terms of the GPL Hybrid Requires licensor to make limited improvements or enhancements under the same terms Example is the MPL: licensee must distribute modified files under MPL Permissive Modifications/enhancements may remain proprietary Distribution in source code or object code permitted provided copyright notice and liability disclaimer are included and contributors names are not used to endorse products Examples: Berkeley Software Distribution (BSD), Apache Software License Miscellaneous: Other: Lucent, zlib/libpng Page 31

The GNU General Public License (GPL) GPLv2 first published in 1991 (final version of GPLv3 published 6/29/2007) Key Terms of GPLv2 Right of customers to modify and distribute modification under GPL Non-exclusive Obligation to distribute (can charge but not pass through this obligation) Any work based on the program is subject to GPL Must include source code No explicit patent license Automatic termination Page 32

The updated BSD License Copyright (c) <YEAR>, <OWNER> All rights reserved. Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: Redistributions of source code must retain the above copyright notice, this list of conditions, and the following disclaimer Redistributions in binary form must reproduce the above copyright notice, this list of conditions, and the following disclaimer in the documentation and/or other materials provided with the distribution Neither the name of the <ORGANIZATION> nor the names of its contributors may be used to endorse or promote products derived from this software without specific prior written permission THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. Page 33

Collaborative projects Eclipse Foundation Eclipse Paho - MQTT client libraries https://eclipse.org/paho/ Eclipse Kura - IoT gateway https://eclipse.org/kura/ Eclipse Leshan - Implementation of Lightweight M2M standard for device management Linux Foundation Allseen Alliance IoT platform https://allseenalliance.org/ IoTivity IoT Framework https://www.iotivity.org/ Mosaiq (March, 2015): ABB, Bosch, Cisco Joint Venture for smart home DeviceHive Alliance (May, 2015): Canonical, GE, Microsoft, DataArt, Acer for predictive maintenance for the Industrial IoT Page 34

Key Issues in using/joining OSS Project Culture of OSS Project Culture of company (particularly with respect to OSS contributions) Governance of OSS project Run by single person Run by single company Run by multiple companies Type of OSS license Copyleft Permissive Page 35

OSS as a competitive advantage Move your software project to a foundation to ensure community support and broader adoption Example: Alljoyn and Linux Foundation Use OSS as a base for commercial product (depends on type of license) with OSS developing necessary parts which do not provide commercial advantage Example: OpenStack Collaborations Mosaiq DeviceHive Alliance Provide code under OSS license and commercial license Example: MySQL Page 36

Supply chain: Mix of open source and other code OSS Projects End User Page 37

Components of an open source policy Published policy Created via cross functional team Organization is educated on the policy Open source process owner Keeps the wheels running Grant certain types of approvals Approval processes Component review and approval Sensitive to use: internal/external/products License review and approval Release plan review and approval Page 38

Components of an open source policy continued Monitoring and tracking process Component verification Security notifications Component upgrade notifications Application to contractors/outsource vendors Obligation verification process Ensure using approved components and Meeting the license and business obligations Current reporting for responsive due diligence request Page 39

Managing open source software Define criteria for approved software Licenses Use (internal/product/website) Sources Support Other Define criteria for unapproved software Scope of application: internal development, independent contractor, outsource vendors, M&A Define conditions for participating in the open source software development Employee education No compliance without education Page 40

Open source compliance Define how development teams and other functions Search, select, approve, track, validate, track and monitor Inbound approval processes Code from internal teams, external sources Outbound compliance processes Distributed code Create a baseline of your code Prioritize Perform code analysis Plan remediation Document the origins of the code base Determine all components and licenses in use Verify usage is approved Create a catalogue of approved components and licenses Validation processes Page 41

Conclusion OSS is expected, but governance is very important OSS critical for projects as large as IoT Large and small collaborative projects Making good choices with OSS means evaluating the license obligations in the context of the business model as well as the code Need to manage use of open source (other third-party code) Page 42

Presenters Mark Radcliffe, Partner, DLA Piper mark.radcliffe@dlapiper.com Mark.O Conor, Partner, DLA Piper mark.oconor@dlapiper.com Ian Skerrett, Eclipse Foundation ian.skerrett@eclipse.org Mike Dolan, Linux Foundation (Allseen Alliance) mdolan@linuxfoundation.org 43