Driving Business Agility with the Use of Open Source Software

Driving Business Agility with the Use of Open Source Software

Speakers Peter Vescuso EVP of Marketing & Business Development Black Duck Software Melinda Ballou Program Director, Application Life-Cycle & Executive Strategies IDC Ed Tilford Head of Open Source Governance Thomson Reuters 2

Driving Business Agility with Open Source Software Melinda Ballou Program Director, IDC Application Life-Cycle Management & Executive Strategies Service Copyright 2012 IDC. Reproduction is forbidden unless authorized. All rights reserved.

Industry Highlights: Disruptive Trends Driving OSS Adoption Diverse deployment demands for mobile, cloud, embedded drive corporate need for consistent standards, business dynamism is enabled by OSS leverage Organizations re-invest, seeking to do more with fewer resources with financial and staffing constraints; leveraging efficient approaches to restore and sustain high performing, timely, business-critical software benefits from OSS potentially. Complex sourcing/off-shoring plus use of open source need strong teaming, effective code management, testing, and metrics enabled by automation & governance; Services driven environment (SaaS/cloud, Devops emergence) requires management. Global economic competition and local compliance across geographies demand quality, change and portfolio management, adaptability and rigor, OSS standards. Flexible development paradigm with services creation increasingly drive technology and business collaboration strong agile emergence also drives & benefits from OSS Emerging security issues (as driver) and virtualization/cloud (as enabling technology) for OSS adoption; ad hoc approaches unsustainable external code use necessitate visibility End-user experience and business impact challenges of rich Internet, mobile, embedded, with social media collaboration/community and OSS opportunities 2012 IDC Nov-12 4

Establishing OSS Management Evolving Strategy Amid Challenges Companies must oversee software development yet have little visibility into origin & policy. Open source software (OSS) provides opportunities for efficient code creation, yet strategies to manage open source remain woefully inadequate OSS makes up 30% or more of code at major G2000 organizations and is increasingly looked to as a resource Complex sourcing and geographically dispersed teams drive the need to collaborate well & managed dispersed projects These disparate sources of software tend to be fractured organizationally and geographically. Islands of desktop, mobile, cloud and other platforms aggravate this coordination problem. 2012 IDC Nov-12 5

Open Source Software Drives Innovation Prediction and Evidence Prediction: Open Source Software will move beyond mainstream to drive software innovation in key areas for 2012/14 with evolving use for applications and emerging platforms in new vertical areas (e.g., automotive, financial) while augmenting development across cloud, mobile, Big Data Evidence Corporate sanctioned adoption brings increasing leverage due to competitive use and innovation, low/"no" cost points, strengthened capability and grass roots developer adoption OSS in 2012 drives innovation for vertical platform and app evolution (e.g., automotive/genivi), also mobile, cloud, Big Data Resource and market volatility will further evolve enterprise acceptance 6 and OSS leverage in embedded environments Complex sourcing pushes urgent, fresh demand for OSS management, governance and automation as business critical software increasingly relies on OSS in 2012/13 2012 IDC Source:/Notes: Nov-12

Open Source Software Drives Innovation Impact and Strategy Impact: As open source drives new and emerging areas with combined projects and standards (like automotive Infotainment platforms and apps), engagement and participation become mandatory for business success Developers, ISVs, ALM, SIs & OSS providers have new opportunities End-user organizations will face new OSS app lifecycle, compliance pressures, challenges as well as excellent OSS leverage for innovation Strategy: Executives, managers, and development teams must drive coordination and decision making in this complex, dynamic environment. ALM tools, mobile, Big Data, cloud providers and vertical manufacturers are and will leverage OSS capabilities and components 2012/14+ ALM governance and management become key as business innovation relies increasingly on OSS; quality, change management focus needed End-users should establish and vigorously enforce updated OSS policies Established commercial tools vendors should make OSS governance, management and/or partner support available ASAP 2012 IDC Source:/Notes: Nov-12

Quality Gap : High Cost of Failure Poor Quality = Increased Business Risk ($$$$$) Lost Revenue Lost Customers Increased Costs Damaged Brand Lost Productivity Lower Profits 2012 IDC Nov-12 8

Goals of Effective IT/Business Alignment Innovation: Maximize Upside Through Technology- Enabled Business Processes New Business Value Compliance: Minimize Downside Through Risk Management Reduced Exposure 2012 IDC Nov-12 9

Complexity, Cost & Agility Drive Adoption QC1. MEAN SUMMARY TABLE How important to your organization are the following factors as drivers in the adoption of software quality automation. Business consequences of poor quality code design (impact of production problems) 2.1 Increased costs due to constant application failures 2.2 Improvement in software development decision and planning process Lowering of maintenance and performance costs and resource impact (detection and MTTR) 2.3 2.3 Internal and external customer satisfaction 2.0 Fit to existing systems and standards 2.3 Compliance initiatives (SOX, JSOX, Basel II) 2.5 Offshoring/Outsourcing oversight and management 2.9 Resource constraints (efficiency, productivity improvement and resource reallocation to innovation) 2.3 Security concerns 2.0 Business agility/speed of competitive response/compressed delivery cycle 2.2 Architectural complexity and increased resulting risk 2.3 N = 200 Source: Custom Quality Survey, IDC, 1H 2011 1.0 2.0 3.0 2012 IDC Nov-12 10

Resource Constraints in the Midst of Complexity Create Challenges QC3. Which of the following is the most significant challenge to the quality of your organization s software development today? Complexity 18.5% Outsourcing 5.5% Virtualization management 8.0% Multi-threaded software 6.5% Internal Staffing/Resources 8.5% Financial resources/budget 19.0% Time to implement/pace of change Project prioritization 12.0% 11.5% Poor architecture 2.0% None - No hurdle 8.5% Other (Please specify) 0.0% N = 200 Source: Custom Quality Survey, IDC, 1H 2011 2012 IDC 0% 5% 10% 15% 20% Nov-12 11

Coordinating across the Life-Cycle Coordinating requirements, testing, and operational performance is key across core emerging software sources Slow response times for key business areas are problematic Organizations should target quality life-cycle approaches through requirements, unit test, system integration and predeployment and performance testing and change management across the supply chain As business requirements change, a cogent supply chain lifecycle approach enables adaptive, flexible business responses Quality necessitates effective code and OSS management and visible, coherent software supply chain (write and/or acquire; find, reuse) and policy management 2012 IDC Nov-12 12

App Deployment & Support: Old View DEV Define SLAs, Provision Test/ Tune Monitor Support Issues Result: Little input into specifications or development Little leverage between development/ops of testing/monitoring investments Testing/tuning LATE in the cycle! 2012 IDC Nov-12 13

Closing the Loop: Leverage Skills & Tools for Agile, Iterative Approach Shared goals Shared metrics Share tests, tools and skills Shared systems Shared software OSS usage Visibility key Define Support Deploy & Monitor Design Develop Test & Tune 2012 IDC Nov-12 14

IDC Calls to Action The challenges of increased complexity and high-end development across diverse platforms increase code problems, increase costs and drive debilitating consequences resulting from defects pre- and post-deployment Companies must become better educated about the business consequences and labor costs of poor software design since optimism mask the need for change Organizations should evaluate OSS automation to supplement traditional development along with appropriate process and organizational approaches Across industries, poorly managed and problematic software leads to brand perception impact above and beyond individual problems demand response 2012 IDC Nov-12 15

IT and Business Challenges: Silos, Gaps Today s applications are high-visibility, and carry a high cost-offailure -- customer self-serve, supplier/channel; key internal business applications Network effect failure in one leads to other failures The need for OSS as part of quality life-cycle is key since G2000 organizations are split across groups: Business/users stakeholders Architects, Designers and Developers QA professionals Operational staff Must extend the Quality life-cycle across geographies, life cycle phases and groups 2012 IDC Nov-12 16

Summary Coordinate an OSS approach that targets pragmatic strategies to leverage standards and components to obtain benefits Evaluate your organization s current OSS policies for OSS application portfolio review, effective processes and automated tools adoption Schisms between business, architects, development, security and operations must be addressed -- IT groups and the business must build a common approach, common metrics, and common tools and practices that include OSS Drive towards an effective OSS strategy to help cut costs, increase efficiency and business agility, to sustain brand, address competitive challenges 2012 IDC Nov-12 17

About Black Duck Mission: Help developers build better software faster by harnessing the power of open source technologies and methods. 18

Innovation and Open Source - A Virtuous Circle 800,000 Number of OSS Projects Open Source 700,000 600,000 500,000 400,000 300,000 200,000 100,000 Innovation 0 2006 2008 2010 2012* * As of October 2012 19

Open Source Drives Mobile Innovation 12000 10000 8000 6000 4000 2000 0 New Mobile OSS Projects 2005 2006 2007 2008 2009 2010 2011 Over 10,000 new OSS projects in 2011, doubling each of the last 3 years Open source has redefined the mobile industry and is spreading far beyond 20

Trends: Open Innovation Then Now Time 21

Value of Open Source IDC: Average Global 2000 company uses 30% open source Best-in-class companies use 80%-90% 100% 90% 80% 70% 60% 50% 40% Best-in-Class OSS Use Value 80% 30% 20% 10% 30% 0% Average Best-in-Class 22

Strategic use of Open Source Over 80% of the software in our handsets is open source Carl-Eric Mols, Head of OSS, Sony Mobile Communications 23

Governance and Compliance Solutions Strategy Articulate the business objectives for use of open source Policy & Process Open source policy & management process Technology Automate governance and compliance Design-in and automate policies 24

Automated Governance and Compliance Application development cycle Plan Code Build Test Release Open source governance lifecycle Acquire Approve Catalog Audit Monitor Black Duck Knowledge Base

OPEN SOURCE GOVERNANCE AT THOMSON REUTERS Ed Tilford

ABOUT THOMSON REUTERS Thomson Reuters is the world s leading source of intelligent information for businesses and professionals We combine industry expertise and innovative technology to deliver critical information to leading decision makers We are the world s most trusted news organization We serve professionals in the financial and risk, legal, tax and accounting, intellectual property and science and media markets We are a global company with operations in over 100 countries, employing approximately 60,000 people

OSS GOVERNANCE OVERVIEW Idea Generation Business Planning Definition Delivery Deployment Support & Measure Obsolescence Commitment Review F4L Review Class 1 Class 2 Class 3 Class 4 Class 1 Class 2 Class 3 Class 4 OSS Use Registration Source Scanning OSS not approved Review Remediation OSS Approved Ready to be Hosted Ready to Ship

BEST PRACTICES A defined policy on acceptable open source software use E-learning based training on open source software and the company policy Turn key processes and centrally managed tools Steering committee that oversees OSS strategy direction and implementation across technology Online support and resources site Quarterly compliance progress reporting

INSIGHTS Recognize that there are distinct uses of OSS and corresponding risks; avoid a one size fits all policy Know your audience Craft your strategy, policy, training, etc. recognizing that your audience wants (and needs) to use OSS Emphasize where your company stands relative to OSS use Continuously work to reduce impact on development velocity Use just enough process and automate where possible

Questions? (Image: Creative Commons 2.0 by Stefan Baudy) 31