Goal-aware Analysis of Software License Risks

Kifetew, Fitsum Meshesha; Morandini, Mirko; Munante, Denisse; Perini, Anna; Susi, Angelo
2017-01-01

Abstract

Open Source Software (OSS) components are characterised by heterogeneous licenses that give the possibility to use, modify and often redistribute the source code. Their adoption meets several adopter needs, such as cost reduction, standards alignment, and so on. However, OSS projects often retain several different (or missing) licenses for the various components and files, which raises risks of violations and potential legal issues if not correctly managed. This makes it necessary to understand the characteristics and implications of licensing and their relation to the adopter’s goals. In this paper we report the use of risk assessment techniques to make inferences about the license risk exposure associated with each business goal. We rely on existing knowledge, gathered from domain experts, and map it onto formal models that can be automatically analysed to provide some evidence about relevant license information and related risk. Goals are used to drive the software license selection. We illustrate the approach for the case of a research and innovation action project funded under the H2020 framework.
Files in this item:
File: iStar17_paper_12.pdf
Access: authorized users only
Description: Pre-print article
Type: Pre-print document
License: NOT PUBLIC - Private/restricted access
Size: 231.62 kB
Format: Adobe PDF

Documents in IRIS are protected by copyright and all rights are reserved, unless otherwise indicated.

Use this identifier to cite or link to this document: https://hdl.handle.net/11582/312982