Whitepapers
Please select from the following whitepaper topics:
Managing Open Source (11 Papers)
Export Encryption Compliance (2 Papers)
Open Source ROI (1 Paper)
Software Supply Chain (3 Papers)
Technical Due Diligence (1 Paper)
IBM Rational Team Concert Integration (1 Paper)
Managing Open Source
The 7 Myths of IP Risk: The Real Exposure Issues with Free and Open Source Software
In this white paper we address the IP risks that developers, development managers, compliance officers, legal, and C-level managers must take into account when developing and distributing software created with FOSS in today’s multi-source development processes. We also provide readers with a discussion of myths that surround IP exposure in FOSS and survey the real issues surrounding licensing obligations, IP exposure and good FOSS citizenship.
Download whitepaper 
(PDF)
Android - Opportunity, Complexity, and Abundance
The Android mobile operating system is an excellent example of the power of open source software. Android’s ascent is attributable not only to demand for feature-rich mobile devices but also to the flexibility, extensibility, and developer-friendly openness of the core Android project, which has brought similar and rich functionality to a wide variety of mobile devices, available from many carriers. In this white paper we describe the opportunity and challenge of developing for Android, look at its history, review licensing and IP issues and present a solution for managing its abundance and complexity.
Download whitepaper (PDF)
10 Tips to Gain Control, Drive Innovation, and Lower Costs with Free and Open Source Software
By 2011, 90% of the Global 2000 will include open-source technologies as business-critical elements of their IT portfolios. It’s therefore likely that your organization is knowingly or worse, unknowingly using free and open-source software (FOSS) in internal and customer-facing software. The challenge is creating the right balance between management controls and enabling your development teams to leverage the ever-increasing abundance of high quality, secure, free and open source code. The white paper contains tips that are designed to help you establish the best approach to manage the use of FOSS as part of your code strategy to drive innovation and lower costs.
Download whitepaper (PDF)
Taking Control of Open Source Software in Your Organization
This white paper is for IT development executives looking to accelerate developer use of open source software as part of a multi-source development process while gaining necessary control over its adoption. First, you are not alone. Many IT executives face similar challenges as open source software use has grown exponentially in the last few years. Secondly, and most important, these problems can be fixed. This white paper tells you how.
Download whitepaper (PDF)
How to Increase Velocity and Value with Agile Development using Open Source
This whitepaper explains the advantages of reusing open source components in projects implemented by agile development teams, discusses the issues and risks that must be managed and highlights the benefits organizations can receive by leveraging open source components. It concludes with a brief case study that demonstrates the productivity gains that can be swiftly realized by integrating agile development and open source software.
Download whitepaper (PDF)
Seven Best Practices for Managing Software Intellectual Property
This whitepaper draws on the experiences of the Black Duck Software team, our customers, and other industry experts to propose new approaches to managing intellectual property in this new world. It describes a set of Best Practices that companies can use to avoid the risks and gain the benefits of this promising new approach to software development.
Download whitepaper (PDF)
GPLv3 Summary
On Friday June 29th, the Free Software Foundation announced the release of GPL (General Public License), version 3. This much anticipated version is the sequel to the commonly used GPL v2.
This paper offers a summary of the most significant terms of the GPLv3 license.
Download paper (PDF)
Creating and Implementing An Open Source Policy: Five Steps to Success
Bernard Golden, Chief Executive Officer, Navica presents a five phase process, which provides companies a way to implement their own Open Source Policy.
Download whitepaper (PDF)
Software Compliance Management: Automating License Compliance in the New, Mixed-IP Development World
This whitepaper educates companies about the challenges and benefits of working in a mixed-IP World and how software compliance systems are helping to unlock the potential of modular, collaborative development to significantly enhance profitability, reliability and ROI.
Download whitepaper (PDF)
The Quest for an "Open Source Genome"
This paper describes how the “open source genome” concept can be useful in understanding the origin and history of your code. We explore the nature of open source, why and how software developers use it, how information from an open source genome can help identify open source in your code and establish its origins, and why that is important.
Download whitepaper (PDF)
String Search and You May Find
This paper describes the pros and cons of string search to determine code origins, and issues with interpreting string search results. The paper then describes how code analysis based on fuzzy matching against a comprehensive code database leads to a superior outcome.
Download whitepaper (PDF)
Export Encryption Compliance
What Makes Complying with Export Controls Involving Encryption So Hard?
Ben Flowe, who leads the export/import compliance team at Berliner, Corcoran & Rowe, LLP in Washington, DC explains how to approach classification of products with encryption functions by applying the current Export Administration Regulations (EAR) provisions, from the least restrictive through the most restrictive controls.
Download whitepaper (PDF)
A Guide to Software Encryption Export Compliance
In this whitepaper we explain why you need to identify all of the encryption functions in your software – and the challenge that poses. Then we explain the need for an automated means to identify encryption functions and to guide you through the compliance process. Finally, we describe how the Black Duck Export system helps make your job easier.
Download whitepaper (PDF)
Open Source ROI
The Business Case for Automating Open Source Code Management
It typically costs $13-$19 to develop a single line of debugged, documented and maintained software source code. Development organizations are increasingly turning to open source software which offers hundreds of thousands offreely downloadable software components which can be leveraged to slash development budgets by thousands or even millions of dollars. However, management, security and compliance issues related to open source software can introduce business risks that must be addressed. Manual processes for managing these risks incur significant costs – about $7800 annually per software component. These costs can negate the benefit of leveraging open source code. An automated approach using Black Duck Software’s open source management platform can contain these costs to a small fraction (1/10th to 1/4th) of the cost of manual methods, and provides a higher level of control and visibility into your code.
This paper reviews the business case for automating the management of open source and provides recommendations for how to make open source an integral part of your software development operation while addressing business risks and compliance issues.
Download whitepaper (PDF)
Software Supply Chain
The Software Package Data Exchange™ (SPDX™) Format: A common software package data exchange format --who needs it?
The SPDX Working Group has a straightforward charter: Create a set of data exchange standards to enable companies and organizations to share license and component information (metadata) for software packages and related content with the aim of facilitating license and other policy compliance. The goal -- to create a common software package data exchange format to simplify the discovery, collection and sharing of information about software packages and related content -- promises to save time, improve the accuracy of license data collection, and simplify compliance with software licenses. Learn more from the The Software Package Data Exchange™ (SPDX™) Format whitepaper.
Download whitepaper (PDF)
A Breakthrough in Software Supply Chain Communications
This whitepaper explains how using a standard format, everyone in the supply chain from engineering to business managers, can now speak the same language as regards the contents of your software. Negotiations will be easier and issues can be resolved between technical and non technical decision makers, paving the way for faster time to market.
Download whitepaper (PDF)
Driving Business Agility via a Software Supply Chain (from IDC)
Written by Market Intelligence firm IDC and sponsored by Black Duck, the purpose of this white paper is to lay out software development "supply chain" strategies, to nurture community culture, and to discuss techniques to improve code usage as software creation evolves toward greater complexity. The software supply chain enables developers to leverage software from multiple sources - internal, external, and open source - and to coordinate them effectively.
Download paper (PDF)
Technical Due Diligence
The New Due Diligence Assessing and Protecting Your Software Asset Value in Mergers, Acquisitions and Financing Rounds
The goal of this whitepaper is to make all parties involved in technology Merger & Acquisition (M&A) or funding events aware of software compliance management solutions, and how they can help organizations achieve their business goals.
Download whitepaper (PDF)
IBM Rational Team Concert Integration
Expanding the value of IBM Rational Team Concert software with IBM Business Partners
This white paper highlights the current challenges in software and systems delivery and how IBM Rational Team Concert helps teams meet these challenges by allowing them to collaborate more effectively in the context of their current activities. It then describes the rapid, ongoing evolution of the platform with enhancements from the IBM Business Partner ecosystem that offer significant benefits to virtually everyone involved in the software delivery lifecycle.
Download paper (PDF)
Guides
The Corporate Counsel’s Guide to Open Source Software Policy Implementation
Compliments of Black Duck, this guide will tell you all you need to know about ensuring OSS policy implementation in your company. It will help you get your arms around open source software licensing issues, eliminate your company’s exposure and provide you with proven best practices to simplify compliance for your product development team.
See how leading companies like at Intel, SAP, Adaptec eliminate their OSS policy headaches and ensure OSS policy compliance at their companies. Get your complimentary copy of The Corporate Counsel's Guide to OSS Policy Implementation.
Click here to download your copy of The Corporate Counsel's Guide to Open Source Software Policy Implementation 
(PDF)
The Development Executive's Guide to Open Source Software Policy Implementation
Compliments of Black Duck, The Development Executive’s Guide to Open Source Software Policy Implementation will tell you all you need to know about implementing OSS policies without slowing down your development efforts. You’ll learn how to automate OSS policy implementation to stay productive, eliminate legal risk, and find the best open source software for each of your projects.
Click here to download your copy of The Development Executive's Guide to Open Source Software Policy Implementation (PDF)
The Enterprise IT Guide To Open Source Software Management
Find out more about how a smart, managed open source software strategy can transform your enterprise application development initiatives – and how to sidestep the potential pitfalls as well. Free Download
You’ll learn how CTOs, enterprise architects, and development managers are successfully leveraging open source to deliver meaningful innovation and performance with unprecedented cost savings.
Click here to download your copy of The Enterprise IT Guide to Open Source Software Management (PDF)
