Internet of Things: Role of Free and Open Source Software
Mark Radcliffe, Partner, DLA Piper Mark O’Conor, Partner, DLA Piper Ian Skerrett, Eclipse Foundation Mike Dolan, Linux Foundation (Allseen Alliance) Global platform
. Largest law firm in the world, based in 31 countries and 77 offices throughout the Americas, Asia Pacific, Europe and the Middle East . More than 145 DLA Piper lawyers in IP transactions . Global Open Source Practice . More than 550 DLA Piper lawyers ranked as leaders in their fields
WEST\253917478.2 Page 2 OSS practice
. Worldwide OSS Practice US practice led by two partners: Mark Radcliffe and Victoria Lee . Experience . Open sourcing Solaris operating system . FOSS foundations . OpenStack Foundation . PrPL Foundation . OpenSocial . Open Source Initiative . GPLv3 Drafting Committee Chair . Drafting Project Harmony agreements
WEST\253917478.2 Page 3 Linux Foundation and AllSeen Alliance
. The Linux Foundation® is a 501(c)(6) nonprofit organization dedicated to enabling the Linux kernel community and protecting, defending and promoting the adoption of Linux and open source technologies that form the backbone infrastructure of society. The Linux Foundation hosts many Collaborative Projects that extend the successful practices of open source development into technology areas beyond the Linux kernel
. AllSeen Alliance is one of The Linux Foundation’s Collaborative Projects. AllSeen is a 501(c)(6) nonprofit organization dedicated to enabling the widespread adoption of products, systems and services that support the Internet of Things through an open environment, vibrant ecosystem and thriving technical community based on the AllJoyn® open source project.
The Linux Foundation is a registered trademark of The Linux Foundation. AllSeen and AllSeen Alliance are trademarks of AllSeen Alliance, Inc. AllJoyn is a registered trademark of AllSeen Alliance, Inc.
Page 4 Introduction to the Eclipse Foundation
. Nonprofit Open Source Foundation (5.01 c6), created in 2004 . 220+ members, including IBM, SAP, Google, SAP, Red Hat, Bosch, Cisco, Airbus . 250 different open source projects . 6-8 million users . 22 staff members
WEST\253917478.2 Page 5 World economic forum: IoT report
. The Industrial Internet will transform the basis of competition, requiring business leaders to shift from a focus on products and services to business outcomes. For the Industrial Internet to achieve its full potential, industry sectors will need to collaborate more closely with technology leaders and policy makers to put in place the standards and conditions required to encourage further investment. . Paul Nanterme, Chairman and CEO of Accenture
WEST\253917478.2 Page 6 AllSeen Alliance Introduction
Mike Dolan, Senior Director of Strategic Programs The Linux Foundation
WEST\253917478.2 Page 7 AllSeen Alliance – the problem with the Internet of Things today
• A different app for every device • Integration is difficult • Devices can’t interact locally, requires an internet connection for every device • Cloud connections abound; are they all secure? Each with their own terms – e.g. who owns the data? • Rich user experiences (combinations) are difficult to build, if even possible
Laundry Cloud Security Lighting C Camera Cloud Cloud
Security Lighting Speaker Camera C App B App Speaker B App Cloud
Lighting B Cloud Fridge Laundry Lighting Fridge Cloud App B App App
TV Cloud Speaker TV Lighting A App App A App NOW PLAYING: Artist: Flowers Song: Daisy Lighting A Cloud
Speaker A Cloud App Overload !
WEST\253917478.2 Page 8 Ubiquitous connectivity promises to make devices smart
But ONLY if they speak the same language
hello 당신은 내 말 Tem alguém hellworh 100010101011 world! 들려? aí? e
✗ ✗ ✗ ✗ Computing Consumer AutoHome Industrial devices goods and appliances Devices that can’t connect across brands, categories, and operating systems will be left out No single company covers every segment, space and platform
WEST\253917478.2 Page 9 AllSeen Alliance – AllJoyn framework lets things work together
hello! hello! hello! hello! hello!
AllJoyn AllJoyn AllJoyn AllJoyn AllJoyn framework framework framework framework framework
Computing Consumer AutoHome Industri devices goods Computing Consumer Home Industrialal devices goodsand Auto appliancesand appliances
WEST\253917478.2 Page 10 Exposing smartphone APIs enabled new experiences that no one had ever thought of before
GPS
Microphone GPU
Touchscreen
DSP
Accelerometer
GYRO The AllJoyn framework exposes the capabilities of connected devices in the much the same way
A single protocol allowing products and apps to expose their capabilities and interact with other devices and apps Lock doors
Displays Light bulbs
Speakers Garage door
Clocks Sensors
Cool Pictures
Heat Video
TVs Drapes
The AllJoyn software framework is a collaborative open source project of the AllSeen Alliance AllJoyn enabled devices describe their capabilities via service interfaces on a virtual bus
WEST\253917478.2 Page 13 AllJoyn’s Gateway Agent provides remote access, management and privacy controls for all AllJoyn enabled devices and apps
WEST\253917478.2 Page 14 The problems that AllJoyn solves… in an interoperable way
Identify Discover Control Manage nearby devices services running on those devices devices near and far remote and local
Interoperate Adapt Span Exchange Secure across OS, device to devices coming diverse information against bad and manufacturer and going transports actors
WEST\253917478.2 Page 15 AllSeen Alliance - 2014 Collaboration Scorecard
Projects Contributions Jira Tickets 37 total projects 103 contributors 1,600 submitted 20 active 20+ companies 1,250 closed 7 new 4.1M SLoC 330 open or in changed since progress launch Why the Internet of Things has to be open sourced
“Companies will win over Internet of Things not in the boardroom, but on the command line. The consortium that gets excellent code to market first, with a community that provides great documentation and an inviting atmosphere, will win. So far, only AllSeen has done that, with code available for download today.”
Matt Asay VP Mobile at Adobe, via readwrite.com
17 AllSeen Alliance – over 170 members including 12 premier members
+ One more not yet announced
WEST\253917478.2 Page 18 AllSeen Alliance – Community members
− 2lemetry − Elica S.p.A. − iGloo Software − Modacom − ADT Security − Euronics − iiNet − Musaic Services − EXO U − Imagination − Muzzley − Affinegy − Faber S.p.A. Technologies − NETGEAR − FengLian − AT&T Digital Life − Innopia − Octoblu − FirstBuild − Audio Partnership Technologies − Organic Response − Fon − Beechwoods − INSTEON − ForgeRock − Patavina Software − Inteno Broadband Technologies − Fortune Techgroup − Beijing Winner Micro Technology AB − People Power Electronics − FreeWings − IOOOTA Technologies Company − BLACKLOUD − GEO Semiconductor − ISI Technologies − Personal Air − Bosch − GeoPal Solutions − Kii Quality Systems − CA Engineering − Golgi − Kitu Systems (PAQS) − Canary − Gowex − Legrand Group − Ping Identity − Carvoyant − Guangdong Pisen − Lenovo − Playtabase − Changhong Electronics − LeTV − POWERTECH − Harman − Cirrent − LG Uplus − Quanta Computer − Heaven Fresh − Razer − Cisco Canada − Lhings − Cloud of Things − Helium − LIFX − Red Bend Software − CoCo − Honeywell − LightFreq − Resin.io Communications − HOUZE® Advanced − Lite-On − Connectuity Building Science − Local Motors − Sears Brand Mgmt..Corporation − ControlBEAM − HTC − Lumen Cache − Hubble − Seed Labs − Covata − M2Communication − D-Link − iControl Networks − Shenzhen − MachineShop Fenglian − Dawon − MobilityLab LLC Technology Co − dog hunter − Domos Labs
Page 19 AllSeen Alliance – Community members continued
− Shenzhen H&T Home Online Network Technology Co − Sproutling − Symantec − TCL Corporation − Tellient − The Sprosty Network − Things.Expert − ThroughTek − Trend Micro − Tuxera − Two Bulls − Umbrela − Universal Devices − Vedams − VeriSign, Inc. − Vestel Group − Waygum.io − Weaved − Wireless Things − WiSilica − wot.io
Page 20 Eclipse IoT Introduction
Ian Skerrett [email protected] @ianskerrett ECLIPSE IOT Open Source IoT Building Blocks
New and Existing Network/Wireless IoT Gateways Devices Services Backend Systems
Open Source Technology to Connect and Manage
Page 22 WEST\253917478.2 Eclipse Foundation: building blocks for open IoT stack
IoT applications
IoT solution frameworks - Home automation - SCADA - OM2M
Connectivity IoT gateway services - MQTT - Remote management - CoAP - LWM2M - Application management
Open and Commercial Hardware
WEST\253917478.2 Page 23 Open standards
Mosquitto
CoAP Californium
LWM2M
Page 24 IoT frameworks
IoT Gateway Framework
Integration framework for home automation
Integration framework for SCADA systems
WEST\253917478.2 Page 25 Eclipse Foundation: commercial and open IoT ecosystem
Open IoT Stack
WEST\253917478.2 Page 26 Where software is hot, OSS is hot
63% 57% 53% 51% 49% 48% 46%
27% 26%
13% 12% 10%
CLOUD/ CONTENT MOBILE SECURITY COLLABORATION NETWORK SOCIAL 3D PRINTING ANALYTICS AND DRONES GAMING ERP VIRTUALIZATION MGMT MGMT MEDIA BUSINESS INTELLIGENCE
WEST\253917478.2 Page 27 OSS grows as % of code
By 2016, at least 95% of IT organizations will leverage nontrivial elements of open-source More % ??? software technology in their mission-critical IT portfolios, including cases where they might not be aware of it – an increase from 75% in 2010. Source: Gartner, 2014 30%
5%
2007 2012 2017
Source: IDC Survey of G2000Source: Black Duck audit results
WEST\253917478.2 Page 28 Basic legal issues
. Intellectual property rights . Copyright . Protects works of authorship such as software, documentation, music and movies . Exclusive rights . Distribute . Modify . Reproduce . Public display/public performance . Patents . Protects inventions, such as software, hardware and automobiles which are useful, non-obvious and novel . Exclusive rights (negative right) . Make . Use . Sell
WEST\253917478.2 Page 29 Basic legal issues continued
. Trademarks . Word, symbol, device, sound or smell which identifies a product as coming from a certain source and as being of a certain level of quality . Prevent use of confusingly similar marks . Examples: Linux, Apache (word), Apache (feather), OpenStack (word) . Article II – Sale of goods from airplanes to automobiles to software . Warranties . Express . Implied . Remedies: consequential damages . Source of the funny language in licenses merchantability
WEST\21689961v1WEST\253917478.2 Page30Page 30 Types of open source licenses: Restrictive, permissive, other
. Restrictive (aka Copyleft, reciprocal) . Requires licensor to make improvements or enhancements available under same terms . Example is the GPL: licensee must distribute work based on the program (derivative works) under the terms of the GPL . Hybrid . Requires licensor to make limited improvements or enhancements under the same terms . Example is the MPL: licensee must distribute modified files under MPL . Permissive . Modifications/enhancements may remain proprietary . Distribution in source code or object code permitted provided copyright notice and liability disclaimer are included and contributors’ names are not used to endorse products . Examples: Berkeley Software Distribution (BSD), Apache Software License . Miscellaneous: Other: Lucent, zlib/libpng
WEST\253917478.2 Page 31 The GNU General Public License (GPL)
. GPLv2 first published in 1991 (final version of GPLv3 published 6/29/2007) . Key Terms of GPLv2 . Right of customers to modify and distribute modification under GPL . Non-exclusive . Obligation to distribute (can charge but not pass through this obligation) . Any work based on the program is subject to GPL . Must include source code . No explicit patent license . Automatic termination
WEST\253917478.2 Page 32 The updated BSD License
Copyright (c)
THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
WEST\253917478.2 Page 33 Collaborative projects
. Eclipse Foundation . Eclipse Paho - MQTT client libraries https://eclipse.org/paho/ Eclipse Kura - IoT gateway https://eclipse.org/kura/ Eclipse Leshan - Implementation of Lightweight M2M standard for device management . Linux Foundation . Allseen Alliance – IoT platform https://allseenalliance.org/ . IoTivity – IoT Framework https://www.iotivity.org/ . Mosaiq (March, 2015): ABB, Bosch, Cisco Joint Venture for smart home . DeviceHive Alliance (May, 2015): Canonical, GE, Microsoft, DataArt, Acer for predictive maintenance for the Industrial IoT
WEST\253917478.2 Page 34 Key Issues in using/joining OSS Project
. Culture of OSS Project . Culture of company (particularly with respect to OSS contributions) . Governance of OSS project . Run by single person . Run by single company . Run by multiple companies . Type of OSS license . Copyleft . Permissive
WEST\253917478.2 Page 35 OSS as a competitive advantage
. Move your software project to a foundation to ensure community support and broader adoption . Example: Alljoyn and Linux Foundation . Use OSS as a base for commercial product (depends on type of license) with OSS developing necessary parts which do not provide commercial advantage . Example: OpenStack . Collaborations . Mosaiq . DeviceHive Alliance . Provide code under OSS license and commercial license . Example: MySQL
WEST\253917478.2 Page 36 Supply chain: Mix of open source and other code
OSS Projects
End User
WEST\253917478.2 Page 37 Components of an open source policy
. Published policy . Created via cross functional team . Organization is educated on the policy . Open source process owner . Keeps the wheels running . Grant certain types of approvals . Approval processes . Component review and approval . Sensitive to use: internal/external/products . License review and approval . Release plan review and approval
WEST\253917478.2 Page 38 Components of an open source policy continued
. Monitoring and tracking process . Component verification . Security notifications . Component upgrade notifications . Application to contractors/outsource vendors . Obligation verification process . Ensure using approved components and . Meeting the license and business obligations . Current reporting for responsive due diligence request
WEST\253917478.2 Page 39 Managing open source software
. Define criteria for approved software . Licenses . Use (internal/product/website) . Sources . Support . Other . Define criteria for unapproved software . Scope of application: internal development, independent contractor, outsource vendors, M&A . Define conditions for participating in the open source software development . Employee education . No compliance without education
WEST\253917478.2 Page 40 Open source compliance
. Define how development teams and other functions . Search, select, approve, track, validate, track and monitor . Inbound approval processes . Code from internal teams, external sources . Outbound compliance processes . Distributed code . Create a baseline of your code . Prioritize . Perform code analysis . Plan remediation . Document the origins of the code base . Determine all components and licenses in use . Verify usage is approved . Create a catalogue of approved components and licenses . Validation processes
WEST\253917478.2 Page 41 Conclusion
. OSS is expected, but governance is very important
. OSS critical for projects as large as IoT
. Large and small collaborative projects
. Making good choices with OSS means evaluating the license obligations in the context of the business model as well as the code
. Need to manage use of open source (other third-party code)
WEST\253917478.2 Page 42 Presenters
. Mark Radcliffe, Partner, DLA Piper . [email protected] . Mark.O’Conor, Partner, DLA Piper . [email protected] . Ian Skerrett, Eclipse Foundation . [email protected] . Mike Dolan, Linux Foundation (Allseen Alliance) . [email protected]
WEST\253917478.2 43