Assessing Kindergarten Readiness in Pennsylvania – January 2015
Supporting and Assessing Market Readiness of OW2 Projects€¦ · Community Governance Activities...
Transcript of Supporting and Assessing Market Readiness of OW2 Projects€¦ · Community Governance Activities...
Supporting and Assessing
Market Readiness of OW2 Projects
A Progress Report
Cédric Thomas, OW2
FOSDEM, Saturday, February 4, 2017
Community
Governance
Activities
Members
Code Base
OW2Non-Profit Open Source Organization
European and Global
Feb 4, 2017 32016, Cedric Thomas
Feb 4, 2017 42016, Cedric Thomas
Feb 4, 2017 52016, Cedric Thomas
Feb 4, 2017 62016, Cedric Thomas
7
Commercial Open SourceFree Software
Feb 4, 2017 82017, Cedric Thomas
Agenda OSS Projects and the Value Chain
Evaluating Readiness and Maturity
Evaluating Open Source Projects
OW2 OSCAR Approach
Feb 4, 2017 92017, Cedric Thomas
Project categoriesCode to productSupporting market readiness
OSS projects and the value chain
Feb 4, 2017 102017, Cedric Thomas
Community projects
Feb 4, 2017 112017, Cedric Thomas
Enterprise projects
Feb 4, 2017 122017, Cedric Thomas
Collaborative projects
Feb 4, 2017 132017, Cedric Thomas
Software is Code
Feb 4, 2017 142017, Cedric Thomas
What is a Software Product?
Developer Customer
Feb 4, 2017 152017, Cedric Thomas
What makes a Software Product?
Developer Customer
Documentation
Testing
Upgrades Training Etc.
Pricing Contracts Support Expertise
Packaging
162017, Cedric Thomas
Research & Development
Co
deP
OC
sU
se-c
ases
De
mon
stra
tors
Do
cum
enta
tion
Test
ing
Up
grad
esB
ug-f
ixin
gT
rain
ing
Sup
port
Pac
kagi
ngC
ase
stu
dies
Co
llate
ral
Pric
ing
Co
ntra
cts
Ear
ly a
dopt
ers
Etc
.
Pre
dict
abili
tyQ
ualit
yT
rust
Without the code, the rest does not exist,but it's the rest that gives market value to the code
DeliveryChallenge
What creates value?
Market Value
OSS
172017, Cedric Thomas
Research & Development
Co
deP
OC
sU
se-c
ases
De
mon
stra
tors
Do
cum
enta
tion
Ro
adm
apU
pgr
ades
Bug
-fix
ing
Tra
inin
gS
uppo
rtP
acka
ging
Ca
se s
tudi
esC
olla
tera
lP
ricin
gC
ont
ract
sE
arly
ado
pter
sE
tc.
Pre
dict
abili
tyQ
ualit
yT
rust
DeliveryChallenge
Market Value
Who creates value?The ecosystem
ContributorsDistrib. Vendors
Open Source Orgs.
Fiduciary Services Users
Systems Integrators
182017, Cedric Thomas
Research & Development
Co
deP
OC
sU
se-c
ases
De
mon
stra
tors
Do
cum
enta
tion
Ro
adm
apU
pgr
ades
Bug
-fix
ing
Tra
inin
gS
uppo
rtP
acka
ging
Ca
se s
tudi
esC
olla
tera
lP
ricin
gC
ont
ract
sE
arly
ado
pter
sE
tc.
Pre
dict
abili
tyQ
ualit
yT
rust
OW2 is an ecosystem platform that helps create value in open source projects
DeliveryChallengeCollaborative Development Technical Resources
Governance, Projects, Initiatives, Quality Program
Communication, Outreach, Marketplace
OSCAR
Market Value
Supporting market readiness and value creation
192017, Cedric Thomas
Technology Readiness LevelMarket readinessOpen source readiness
Evaluating Readiness and Maturity
202017, Cedric Thomas
NASA/DOD TRL
http
://w
ww
.fra
nki
cham
aki
.co
m/w
p-c
ont
ent/
uplo
ad
s/2
014
/01/
nasa
-trl.
jpg
212017, Cedric Thomas
http
s://s
teve
bla
nk.
files
.wo
rdp
ress
.co
m/2
01
3/11
/irl.j
pg
Investment Readiness Level
222017, Cedric Thomas http
://w
ww
.ndi
a.o
rg/D
ivis
ions
/Div
isio
ns/S
cie
nce
An
dE
ngin
ee
ring
Tech
nol
ogy
/Do
cum
en
ts/C
oyl
e%
20
ND
IA.p
df
232017, Cedric Thomas
QualiPSoOW2 SQuATCII Badge Program
Evaluating Open Source Projects
242017, Cedric Thomas
OSS Analysis LandscapeEU
Col
lab.
Pro
ject
sIn
dust
rySt
anda
rdiz
atio
n bo
dies
IP a
naly
sis
Stat
ic a
naly
sis
Qua
litat
ive
anal
ysis
OW2 OMM forms
Engi
neer
ing
met
rics
CI /
Te
stin
g
Crowd testing
252017, Cedric Thomas
2007: QualiPSo European project
48 months (2007-2010)
22 organisations from 9 countries (3 continents)
It is all about TRUST
Trust cannot be claimed without being proved!!!
QualiPSo aimed at standardising the way OSS systems are built, offered and consumed.
262017, Cedric Thomas
272017, Cedric Thomas
2010: OW2 Software Quality Assurance and Trustworthiness(SQuAT)
IP verification: FOSSology
Applied on all OW2 mature projects
Code verification: Antelink
Provides traceability of external libraries
Static analysis: Sonar
Set of OW2 Sonar rules
Maturity analysis: Qualipso
OMM applied to OW2 projects
282017, Cedric Thomas
PDOC STD QTP LCS ENV DFCT MST CM PP REQM RDMP STK
0
1
2
3
4
3.22
3.75
3.43
43.83
3.71 3.754
3
4
3
3.89
OMM Basic level
Trustworthy elements assessment
Trustworthy elements
Assessed
value
PDOC STD QTP LCS ENV DFCT MST CM PP REQM RDMP STK
0
1
2
3
4
5
6
7
8
9
10
56%
75% 43%100%
83%86%
75%
100%
0%
100%33%
100%
22%
25%
57%
0%
17%0%
25%
0%
100% 0%33%
11%
0%
0%
0%
0%14%
0%
0%
0%
0%33%
0%11%
0%
0%
0%
0%
0%
0%
0%
0%
0%
0%
0%
OMM Basic levelPractices assessment value
4 3 2 1
Trustworthy elements
Assessment
value of practices
OW2 Implementation of the QualiPSo OMM
292017, Cedric Thomas
2012: RISCOSS
CommercialProducts/Services
???
Antepedia
Business Users Integrators
Open source as a public resource freely accessible
But OSS come from very different backgrounds
Exploring and mapping the open source landscape
Need to identify, measure, evaluate existing software
Many tools and online services available
302017, Cedric Thomas
2015: CII Badge Program(Linux Foundation)
Core Infrastructure Initiative (CII)
Launched after the Heartbleed failure
Organized by The Linux Foundation
Supported by Amazon Web Services, Adobe, Bloomberg, Cisco, Dell, Facebook, Fujitsu, Google, Hitachi, HP, Huawei, IBM, Intel, Microsoft, NetApp, NEC, Qualcomm, RackSpace, salesforce.com, and VMware
https://www.coreinfrastructure.org/
David A. Wheeler at OW2con'16
312017, Cedric Thomas
CII BADGE PROGRAM Checklist:
Basics Project website
Project website content
FLOSS License
Documentation
Other
Change control Public version-controlled source repository
Version numbering
Release notes (ChangeLog)
Reporting Bug reporting process
Vulnerability reporting process
Quality Working build system
Automated test suite
New functionality testing
Warning flags
Security Secure development knowledge
Good cryptographic practices
Secured delivery mechanism
Publicly-known vulnerabilities fixed
Analysis Static code analysis
Dynamic analysis
322017, Cedric Thomas
More than just TRLMarket readinessPromotes best practices
OW2 OSCARApproach
332017, Cedric Thomas
OSCAROpen Source Capability Assessment Radar
Requirements
Metrics
Visual Reporting
Risk analysis
OM
M F
orm
Metrics / Scorecards
Documentation
Privacy / GDPR
Standards
Licenses and IP
Fossology
SonarQube
Static code analysis
Code / Commits / Bugs
Testing / CI / Release
Cloud Deployment
OM
M F
orm
Governance Engineering
More to come:- Accessibility- Deployability- Marketing- Funding
Feb 4, 2017 342017, Cedric Thomas
OMM Assessment Web Form
Feb 4, 2017 352017, Cedric Thomas
OMMAssessment
Feb 4, 2017 362017, Cedric Thomas
FOSSologyLicense analysis
Feb 4, 2017 372017, Cedric Thomas
SonarQubeStatic code analysis
Feb 4, 2017 382017, Cedric Thomas
Risk Analysis
Feb 4, 2017 392017, Cedric Thomas
Risk Models
Feb 4, 2017 402017, Cedric Thomas
OSCAR Market Readiness Scorecard
412017, Cedric Thomas
Work in Progress! Market Readiness Level
A type of measurement system used to estimate the market maturity and readyness of a particular project
Rough Code(useless)
Fully Supported Product(useful)
42
www.ow2.orgFor more details please contact Cedric Thomas, OW2 CEO, [email protected]
And now let's talkQ&ADisagreementsComplementsFeedbacketc.
Thank You