Comparison of Open Source License Scanning Tools


Bachelor Degree Project

Comparison of Open Source License Scanning Tools

Author: Hailing Zhang
Supervisor: Morgan Ericsson, Lu Wang
Semester: VT 2020
Subject: Computer Science

Abstract

We aim to determine the features of four popular FOSS scanning tools, FOSSology, FOSSA, FOSSID (SCAS), and Black Duck, thereby providing references for users to choose a proper tool for performing open-source license compliance in their projects. The sanity tests first verify the license detection function by using the above tools to scan the same project. We consider the number of found licenses and the scanned sizes as metrics of their accuracy. Then we generate testing samples in different programming languages and sizes to further compare the scanning efficiency. The experiment data demonstrate that each tool would fit different user requirements. Thus this project could be considered as a definitive user guide.

Keywords: Software licenses, FOSS scanning tool, accuracy, efficiency

Preface

We would like to thank Morgan Ericsson for his guidance and advice during the writing of this thesis. We also want to thank Lu Wang for the research topic and the feedback from Björn Kihlblom, Mats Fröjdh, and Wei Cao. We would not be able to finish this degree project without the resources provided by Ericsson.
Contents

1 Introduction
  1.1 Related work
  1.2 Problem formulation
  1.3 Motivation
  1.4 Objectives
  1.5 Scope
  1.6 Target group
  1.7 Outline
2 Background
  2.1 Software licenses
    2.1.1 Free and Open Source Software
    2.1.2 Software license compliance
  2.2 Tools introduction
    2.2.1 FOSSology
    2.2.2 FOSSA
    2.2.3 FOSSID
    2.2.4 Black Duck
3 Method
  3.1 Method selection
  3.2 Reliability and Validity
4 Implementation
  4.1 Experiment design
    4.1.1 Sanity test design
    4.1.2 Advanced test design
  4.2 Experiment preparation
  4.3 Experiment execution
  4.4 Experiment results
5 Results
  5.1 Sanity test results
  5.2 Advanced test results
    5.2.1 Results of advanced test A
    5.2.2 Results of advanced test B
6 Analysis
  6.1 FOSSology
  6.2 FOSSA
  6.3 FOSSID
  6.4 Black Duck
7 Discussion
8 Conclusion
  8.1 Future work
References

1 Introduction

Its technical superiority induces companies to use free, open-source software (FOSS) in almost all products [1], since FOSS components usually get ample support from the open-source community. Quicker technology iteration at lower cost promotes the spread of emerging technologies and fosters innovation [26]. On the other hand, license compatibility problems and copyright obligations also give rise to legal controversy [8]. Since reused code might carry contractual license terms and conditions that oblige the licensee to use the source code under preconditions, unintended ramifications could jeopardize corporate intellectual property and subsequently obstruct development. In this context, commercial companies such as Black Duck and FOSSID came to market. They assist organizations in identifying licenses and discovering repeated snippets.
The availability of scanning tools mitigates the legal risk, especially when developers modify, redistribute, or create derivative works based on FOSS [20].

1.1 Related work

Researchers have put plenty of effort into implementing new scanning tools and analyzing the legal theories. Still, there are not many published papers discussing the differences in performance among scanning tools. Since it is related to business competition, most of the existing scanning projects released are under copyleft licenses. Under nondisclosure agreements and copyright protection, analyzing the algorithms becomes impossible due to the remote source code. Thus research comparing scanning tools is scarce and focuses on open-source licensing projects.

The diploma thesis "Software Licensing Analysis Tool" by Tomáš Radej [20] inspired the design of our controlled experiments. The author compared license Check and Licorice by performing detection on a random sample of packages taken from the Fedora operating system's repository. Kapitsaki, Tselikas, and Foukarakis contributed to the visualization of license compatibility and an integrated framework to support license conflict detection in their article "An insight into license tools for open source software systems" [14]. It investigated software licensing, giving a critical and comparative overview of existing assistive approaches and tools. Their research demonstrates the role of the different methods in license use decisions. This thesis thus attempts to choose tools with varying working principles to conduct experiments.

The accuracy of the license risk given by each tool would be determined based on FOSS license categories. OSI and FSF documents list compatibility relationships among licenses [10] [19], which lay the theoretical foundation of this project, especially for designing testing samples.
The importance of license compliance is emphasized on every tool's website and in its user guide [4] [5] [8], which is exactly what motivated this thesis and also provides references for the design of experiments in Chapter 2.

1.2 Problem formulation

This thesis aims to figure out the capabilities and characteristics of FOSS scanning tools on the market. Since it is a challenge for an organization to know which scanning tool to use in its development organization, we will try to determine FOSS scanning tools' performance by controlled experiments. By analyzing the scanning results, we record each tool's computational efficiency and accuracy as a database for choosing suitable FOSS scanning tools for the next projects in Ericsson.

1.3 Motivation

It is an era defined by software; the FOSS components included in merging products are universal and increasing [12]. The FOSS scanning tools have thus gained attention from commercial companies. The vendors all declare that they have the most comprehensive knowledge base of open source components, vulnerability, and license information [8]. This project aims to provide experiment data as references for open-source compliance in product development, so that enterprises or individuals can save the time and expense of testing the various commercial scanning tools. The proper tool can ensure the company's intellectual property rights are not unintentionally exposed while contributing to FOSS and FOSS forums. The usage of scanning tools also assures legal fulfillment of the company's obligations relative to open source licenses without limiting the company's ability to commercialize and retain product proprietorship. Besides, the protection of copyright could help open-source software flourish by making users respect authors' requirements. After all, making better software is what open source is all about.
This thesis attempts to help users of FOSS components develop and publish their products legitimately, thus improving the software industry by popularizing the concept of software license compliance.

1.4 Objectives

The objectives of this thesis are listed below.

O1: Compare capabilities of FOSSology, FOSSA, FOSSID (SCAS), and Black Duck by using them to apply license detection on the same project.
O2: Compare the scanning time of FOSSology and Black Duck in projects with different sizes and programming languages.

1.5 Scope

The scope of the thesis project is limited; we will only test the scanning tools mentioned earlier. Because they are under non-free licenses, the analysis of scanning results will not involve the source code or the algorithms that caused the different performances. For a similar reason, the description of test objects will include programming language, lines of code, and the instructions of open source components. We designed the experiments to observe the performance of candidate tools under different programming languages instead of code statements.

We discussed the license definitions in Chapter 1.1. From the practical public view, FOSS scanning aims to find the licenses and code that may jeopardize product security rather than to recognize the FOSS licenses that are approved by both OSI and FSF. Since scientific writing is supposed to use plain and accurate descriptions rather than rhetorical flourishes, this project will not limit the scanning scope to the valid FOSS licenses approved by both FSF and OSI, but will cover popular licenses of each category as approved by OSI or FSF. Besides, vendors tend to emphasize that their tool can integrate into the continuous integration and delivery pipeline, but this function will not be discussed in this thesis, because the difference does not affect their performance and the testing samples will not integrate with any parental project.
This project is in the computer science area, and the author does not have any legal background, so this project does not give legal advice. Although some tools have functions beyond FOSS license detection, such as vulnerability identification, risk evaluation, and dependency version confirmation, this project will not discuss these aspects. This extra function refers to another kind of scanning tool for finding security vulnerabilities such as cross-site scripting, SQL injection, and insecure server configuration.

1.6 Target group

Companies across all industries are racing to use, participate in, and contribute to open source projects for the various advantages they offer from leveraging external engineering resources that