Open Source Compliance in the Supply Chain

Open source software has become an integral part of almost every embedded consumer product. Whether it’s BusyBox driving hardware or an embedded web server serving up PHP, open source software is everywhere. Yet companies using open source to build these consumer products encounter significant challenges as they work to comply with open source licenses without eroding already thin margins. Therefore, it’s critical to build open source compliance activities into your existing development and supply chain processes in order to avoid dealing with licensing issues at the last minute, or, even worse, after the product has already been shipped.

This white paper showcases the critical elements of best-in-class open source governance programs and introduces a three-step process for developing or refining your own governance program. Topics include:

  • Governance considerations for different categories of embedded consumer product software
  • Actionable strategies for improving your existing open source governance policies
  • Communicating governance policies to internal and external audiences
  • How to incorporate training in your governance process