News

LogicLibrary develops open-source compliance module

• By Rich Seeley
• September 2, 2004

Development teams working with open-source software need to make sure they don't get themselves into legal problems with license agreements, warns Brent Carlson, vice president of technology at LogicLibrary.

Although a share-and-share-alike philosophy seems to pervade the open-source movement, Carlson, whose company makes asset management tools, says the prospects of intellectual property liabilities are high.

"Some of the open source agreements are very loose," he says. "Others tend to be more restrictive in what you can and can't do. In the worst case, you can even expose your own [intellectual property] if you do the wrong thing with the wrong license and end up having to give it out as open-source code."

The prospect of losing intellectual property rights has legal departments worried, he says. In response to demand from companies using LogicLibrary's Logidex asset management tool, Carlson says he began developing an open-source compliance module. Working with a law firm specializing in intellectual property, LogicLibrary has developed a template checklist to make sure development teams are complying with open-source licenses.

"It's in developerese, not legalese," Carlson says of the checklist he describes as a simple "Did you do this? Did you do this? If so please check here, check here." If developers are working with an open-source asset with a certain type of license, it explains what they need to do to comply.

"That, along with our asset acquisition feature that was already in the product, lets developers specify what they're doing with this open-source component, so the legal team or the project management team can review that and ensure that it's appropriate use," he explains. "That information gets stored inside of Logidex, so it's available as an audit trail as well, so if this organization ever gets challenged legally, they have that documentation sitting there in Logidex, can pull it up and prove that they've done the right thing and are protected legally. We have a complete audit trail mechanism in Logidex as well."

The new open-source compliance module is part of the August release of Logidex 3.5 for J2EE and .NET platforms and development environments. More information is available at www.logiclibrary.com/.