Black Duck Software announced today the availability of Black Duck Code Center software to help manufacturers accelerate software development through the managed use of open source and third-party code. Code Center manages software component selection, project approval and license tracking designed to maximize benefits to organizations from their reuse of open source and other third-party software components.
The new software addresses the complexities involved with mixing internally developed code with code from open source communities, partners, vendors, outsourcers and other third parties. In this emerging era of component-based software development, a company’s ability to effectively manage code from external sources is fast becoming as, or even more important than, its internal development capability, according to Black Duck officials.
“This product enables our customers to scan software code and compare it to our knowledge base of open source components. It is the next step in evolution for this company. It moves us way up front in software development and enables users to make informed choices [with open source code],” Bill McQuaide, executive vice president of product development for Black Duck Software, told LinuxInsider.
Meets Three Needs
Code Center gives development companies a tool to search what is available in open source projects. Black Duck’s database of open source code knowledge includes information on more than 150,000 components and is growing larger all the time, he said.
“Organizations that build systems will increasingly rely on open source to meet their product development demands,” McQuaide said.
The new product will help companies make decisions about licensing and support issues associated with open source components they consider using. It will also help companies use efficient approval processes. Development firms want to avoid lengthy legal reviews and long approval cycles, he explained.
“Development organizations are struggling with the task of managing processes related to use of open source and third party code in software development. Keeping track of security vulnerabilities, usage policies and code approval workflows are challenges facing most large-scale development shops,” said Julie Craig, senior analyst at Enterprise Management Associates.
This process involves understanding numerous software licenses, which, in many cases, contain obligations that conflict with an organization’s policies, explained Craig, adding that Black Duck Code Center seeks to provide companies with visibility and policy governance around component-based development.
Customers can configure Black Duck Code Center to work with the unique component use policies that they have in place. The product makes such policies less labor-intensive to support and standardizes communications between engineers, legal, finance, security and other teams, said company officials.
“Large numbers of our customers have been asking for this type of product. This is forging new ground,” said McQuaide.”
Industry surveys document increasing reuse by developers of open source and other freely available third-party code to compress engineering schedules. However, many companies have reacted to this trend by erecting barriers to discourage leverage and reuse.
“In the initial phases of the software industry’s uptake of open source software, we witnessed enthusiasm from software engineers, but caution on the part of development managers because of the policy issues and risk associated with this approach,” observed CEO Douglas Levin. “With the introduction of Black Duck Code Center, companies will be able to manage these issues efficiently and effectively, enabling them to maximize component reuse within their development organizations.”
Cost and Availability
Black Duck has shipped the new product to several major technology companies and open source software industry leaders and anticipates general availability in March, said McQuaide. Pre-release versions of the Code Center software have been available to selected customers and through a hosted version, he said.
When the product is fully available in two months, it was have a base price of US$25,000 on a sliding scale.
Black Duck’s announcement on the release of the Black Duck Code Center comes on the heals of an HP announcement last week about its three-part software governance initiative to help companies address the legal, financial and security demands associated with using free and open source software (FOSS).
HP is donating its intellectual property for monitoring open source products to a new open source community. It is also founding a new organization commissioned to further educating users about the licensing demands and legal issues surrounding open source software.
HP will also provide contracted services to enterprises seeking help in identifying open source software and dealing with the license requirements.