Skip to main content

Black Duck’s CEO Discusses Winds of Change in Collaborating to Innovate with Open Source Software

By April 30, 2013Article

Editor’s note: My immediate reaction when I reviewed the findings of the recent 2013 Future of Open Source survey was surprise at the high degree of change that has occurred in the industry since the 2012 survey. The survey, hosted by North Bridge Venture Partners together with Black Duck Software, had 822 respondents, with 58 percent non-vendors. I spoke with Tim Yeaton, Black Duck’s president and CEO, about the trends and future direction his company sees in the market. 

SandHill.com: What jumped out to you as the most startling findings in this year’s survey? 

Tim Yeaton: Two things were actually quite extraordinary this year. One is the expectation around collaboration among competitors. Fifty-seven percent of respondents said they expect their organizations to collaborate with competitors to build next-generation platforms. At Black Duck we noticed this emerging trend over a year ago and we coined the term “super communities.” But the extent to which it was ranked among respondents this year is a very big finding. 

The other finding is the extent to which respondents cited open source software (OSS) as having better quality and better security. I think what we’re seeing now is a realization on the part of large enterprises that the open source collaborative development model ensures time to quality and time to security will always be faster than proprietary alternatives because of the visibility into the code. When a quality issue or security vulnerability is discovered, the pace at which developers can iterate in an open source collaborative model is much faster. 

Even conservative enterprises starting to look at next-generation cloud-based infrastructure recognize it’s all built out of open source, and that more and more companies are relying on the quality and robustness of OSS. 

SandHill.com: Can you give me an example of companies collaborating with competitors? 

Tim Yeaton: I think the one that’s most compelling today is the GENIVI Alliance. The “IVI” in the name refers to In-Vehicle Infotainment. GENIVI is led by a number of the automotive OEMs, many tier-one suppliers and other members of the ecosystem including chip vendors and software providers. These 160+ companies have self-organized into a foundation that will collaboratively build the next-generation in-vehicle infotainment operating platform. 

SandHIll.com: What’s driving them to collaborate? 

Tim Yeaton: They are getting pressure from their customers. Auto buyers today expect innovation cycles in IVI to occur at the same pace as innovation cycles in consumer electronics. To date that’s not been the case; it’s been a dramatically slower pace of innovation. The GENIVI companies recognized they can’t match the pace of consumer electronics’ innovation if everybody is constantly reinventing the same wheel (the core platform). 

So they decided to collaborate on a single OSS-based in-vehicle infotainment operating platform. Then each company will build its own unique apps and interfaces above the platform and compete there. Black Duck is built into the development process. With our understanding of OSS, we’ll be able to ensure that OSS best practices are in place as all these collaborators work together.

Another example in the technology sector is OpenStack. In much the same way as GENIVI, they decided not to separately invent their own version of a cloud operating system, but instead to collaborate on one version and then innovate and compete above that layer. 

SandHill.com: What does the survey reveal about the role of OSS in interoperability challenges? 

Tim Yeaton: There is a lot of interest at the intersection of open source, SaaS and open APIs. Some companies are using open source to build their own applications, combining those with their own technology and ensuring interoperability that way. Many large vendors expose their data and content via open APIs. 

Amazon, Yahoo!, FedEx and Twitter are examples of companies providing open APIs on an open source basis to deliver value-added functionality for people building applications for consumers of their content. So we’re witnessing interoperability driven by open source and open APIs, largely enabled by SaaS. 

SandHill.com: The survey also found an increase in use of OSS in academia. Are they using open source for something other than collaborating in research? 

Tim Yeaton: Yes. It’s sort of de rigueur in computer science curriculum now. It’s what they are using day in and day out.  A lot of research projects in various fields — especially healthcare and genomics research —are leveraging open source collaborative-development style approaches. Academia has really woken up to how to do this at scale. 

MIT and Harvard are collaborating to make their course curricula and content open source under a creative commons license. Like super communities in the commercial world, they decided not to separately reinvent the core online platform for education. Instead they are applying OSS collaboration to raise the tide for all boats in education. 

SandHill.com: And the survey found an uptick in the defense industry as well, a segment known for its stovepipes and not known for collaborating externally. 

Tim Yeaton: That’s true, but it’s changing. We’re seeing it in areas like the Department of Veterans Affairs, where they are moving their electronic health records system to open source. It’s one of the biggest OSS projects we know of. They intend to franchise that to other governments around the world. 

There is also the forge.mil site, which is administered by CollabNet, an open source tools company. Here, the government retains ownership of non-classified code for which it has contracted. It puts the code into forge.mil so future defense projects or R&D projects can use it as a starting point, rather than the government paying for new invention every time. 

SandHill.com: Another aspect that caught my eye in the survey findings is that the respondents said they are looking for deeper experience and that this represents a shift in their priorities. Could you please elaborate on the implications from this finding? 

Tim Yeaton: The survey clearly indicates we’re past the chasm; customers and decision makers have gotten their heads around the value of using open source technologies and methods. But now they face the challenge of how to enable their developers to make good choices when navigating the open source ecosystem of over one million projects, spread across 6,000 different sites on the Internet. They have to make good choices around code, while thinking about supportability and traceability once things go into production. Organizations need to help their developers learn best practices around consuming OSS effectively, and they need to do it in a pragmatic way that is managed. Black Duck has a software platform that helps organizations properly manage this development process.  

We also directly invested in improving the ecosystem through our website Ohloh.net, which is an education portal where developers can learn about open source and best practices. It includes free versions of our tools so they can search, select and track individual components they care about. 

SandHill.com: You launched that site a little over a year ago. Have you seen a lot of growth in the number of developers using that portal this past year? 

Tim Yeaton: We’ve seen growth in the number of developers using the site and, interestingly, growth in foundations and organizations using it. One of the features we built in fairly recently is the ability to look at a slice of data based on who is in a particular organization or foundation (such as Apache, Eclipse, Mozilla, etc.). So if a company or organization wants to understand what all of their developers are doing in open source, they can see that. It has been a huge driver for the site’s growth. 

SandHill.com: Is there anything in the past 12 months that Black Duck has heard from existing or potential customers about their needs or capabilities that still need to be addressed? 

Tim Yeaton: Yes, and it was alluded to in an indirect way in the Future of Open Source survey. I think the number of large enterprises thinking about applying the open source style of development inside their organizations is extraordinary.  Tim O’Reilly refers to this as “inner-sourcing.” Another way to think about it is social coding behind the firewall. Enterprises want to achieve the same effects as the super communities in reuse across business units and stovepipes. 

CIOs get enthusiastic when they think about the possibilities. Often major corporations are not getting leverage across their divisions. Inner-sourcing is a way to get there. Most companies are budget constrained these days; if they can avoid reinventing code or getting code reapproved, and get teams to collaborate across stovepipes, that’s huge leverage. And it helps make the CIO’s organization relevant again, even in the world of self-service IT. 

Our Olliance Consulting group has done a lot of inner-sourcing engagements, helping customers think through how to go about this and create a new environment for it. We’ve seen a sea change in this area with a lot of interest among some of the largest financial institutions, media companies and technology companies.

SandHill was a collaborator on the 2013 Future of Open Source Survey conducted by North Bridge Venture Partners, Black Duck Software and Forrester Research. Click here to view a slide presentation of survey findings.

Tim Yeaton is president and CEO of Black Duck Software. He has 30 years of software and technology management experience and was named one of the Most Influential People in the Open Source Industry by Mindtouch. Prior to joining Black Duck, he was CMO at EqualLogic, vice president of Dell’s Nashua (N.H.) Design Center, and SVP of Worldwide Marketing & general manager of Enterprise Products at Red Hat, where he was instrumental in expanding into developer and middleware markets with acquisitions of JBoss and MetaMatrix.

Kathleen Goolsby is managing editor at SandHill.com