Continuing Improvements to the OSS Supply Chain Ecosystem

0
6039

The royalty-free Open Invention Network licence establishes an expectation for OSS-related behaviour — specifically, patent non-aggression within core open source technologies. Such initiatives strengthen the OSS supply chain ecosystem, and it’s important that more organisations join this network.

At the beginning of the 20th century, for the most part, production was local in nature, as it had been for several millennia. By the latter half of the century, with improvements in shipping and telecommunications, companies turned to lean production models (e.g., the Toyota Production System). Telecommunications meant that it was possible to specify components to a third party which was not local. Containerisation and transportation improvements meant that components could be transported cheaply and be delivered just-in-time by a supplier that was not local.

This allowed the production process to be modularised and contracted out, improving the efficiency of production. In today’s world, in which the Internet has driven communication costs down, companies no longer believe it is in their best interests to self-produce or locally source all components. Because of this, the world’s largest companies have built increasingly global and complicated supply chains. Benefiting from the computing and communications revolution that started in the 1990s and continues today, these companies are increasingly flexible in their choice of suppliers. The choices that they make about suppliers are not as rigid as they were when lean production was originally conceptualised.

Linux and other open source software (OSS) projects have driven the computing and communications revolution that has changed the world, including the nature of modern supply chains. Open source technologies are also increasingly being used in products themselves (e.g., Android on mobiles, Automotive Grade Linux in the auto sector, etc), as the world’s best-known brand names fully embrace OSS.

Open source technologies have been successful not only due to their technological innovation, but also because they come with a set of expectations about behaviour. As the world’s top companies embrace OSS, it has become increasingly important that companies in a supply chain ecosystem adopt the norms of the major companies they support.

The royalty-free Open Invention Network licence establishes an expectation for OSS-related behaviour — specifically, patent non-aggression within core open source technologies. Key global suppliers such as Flex, Taiyo Yuden, Wistron, Hyundai Mobis, FIH-Foxconn, Kontron and semiconductor companies such as Broadcom and Cavium (acquired by Marvell) have recognised the need to demonstrate within their supply ecosystems that they understand this concept, and have signed the OIN licence, joining more than 3100 other organisations.

Open source software licensing and compliance is another critical issue that is being addressed within the supply chain ecosystem. Because the software global supply chain is extremely dynamic, with dozens of companies involved in even relatively straightforward technology products and solutions, OSS licensing and compliance errors introduced through this complexity consume time and resources to correct. The consequences of compliance failures include reputational risk, product delays and liability costs. Addressing efficiency in this space and aligning process approaches, provides an ongoing method of optimising investments in open source as a whole, up and down the supply chain.

The OpenChain Project, an initiative of The Linux Foundation, defines the key requirements of a quality open source compliance programme. It identifies inflection points, based on the experience of hundreds of user companies, which are known to be essential for effective process management. The project’s industry standard for open source compliance is ultimately targeted at improving licence compliance across the global supply chain. By empowering individual companies to establish quality open source compliance programmes, it inherently creates a situation where links in the supply chain can be trusted more easily. This simple approach has touched a nerve with companies in diverse sectors around the world, and has led to active collaboration in global work groups, regional work groups and via multiple general and focused mailing lists.

The core of the project is the specification, or industry standard, for quality open source compliance programmes. All other activities work to support this, based on community feedback, with a conceptual split between reference materials such as example process content or fully-formed training courses, and tools or services to directly assist adoption.

Today, a successful supply chain acts as an ecosystem. When managed effectively, this ecosystem can be a key competitive advantage for a business. Ensuring that all participants in the ecosystem are aligned is critical. Given growing OSS adoption and the enthusiastic support of Linux by the world’s top companies, it should be expected that supply chain participants in all industries will increasingly look to join OIN to satisfy intellectual property issues and to take other steps, such as with the OpenChain Project, which establish norms for OSS governance and copyright compliance.

Previous articleHow to Convert an Angular App into a PWA
Next articleThe Evolution of Web Protocols

The author is the General Manager of The Linux Foundation’s OpenChain project. He is an expert in communication, security and business development. His professional accomplishments include spearheading the licensing team that elevated Open Invention Network into the largest patent non-aggression community in history, establishing the leading professional network of Open Source legal experts and aligning stakeholders to launch both the first law journal and the first law book dedicated to Open Source.

The author is the chief executive officer of Open Invention Network (OIN), the collaborative enterprise that enables innovation in open source and an increasingly vibrant ecosystem around Linux. Previously, Mr. Bergelt served as president and CEO of two Hedge Funds – Paradox Capital and IPI – formed to unlock the considerable asset value of patents, trademarks and copyrights in middle market companies. Prior to his extensive private sector experience, Mr. Bergelt served for twelve years as a diplomat with postings at the United Nations in New York and the American Embassy in Tokyo, Japan, where he was involved in the negotiation of IP rights protection in Asia.

LEAVE A REPLY

Please enter your comment!
Please enter your name here