open source in m a transactions
play

Open Source in M&A Transactions Ibrahim Haddad, Ph.D. Oskar - PowerPoint PPT Presentation

Nov 04, 2023 •398 likes •749 views

Open Source in M&A Transactions Ibrahim Haddad, Ph.D. Oskar Swirtun VP of R&D and Head of Open Source Founder and CEO Samsung Research America FOSSID AB @IbrahimAtLinux Oskar.Swirtun@fossid.com IbrahimAtLinux.com Agenda Open

  1. Open Source in M&A Transactions Ibrahim Haddad, Ph.D. Oskar Swirtun VP of R&D and Head of Open Source Founder and CEO Samsung Research America FOSSID AB @IbrahimAtLinux Oskar.Swirtun@fossid.com IbrahimAtLinux.com

  2. Agenda • Open source is inevitable • Open source usage models • Open source in M&As • Source code audits • IP audits • Insights gained (technical, business, legal) • Preparing for an audit (target, acquirer) • Recommendations (target, acquirer)

  3. Open source is inevitable.

  4. Software – Core differentiator 2011 Real Business Agricultu Media Estate Services re Telecom Travel EDU Energy Govern Financial Internet Utilities ment Services Heath + Pharma Retail Transport Pharma

  5. We can’t build a product without open source software 2014

  6. Saying no to open source is like … 2017 Open source is the new normal.

  7. Companies must master open source if the are to master software.

  8. Common open source usage scenario Incorporation Linking Modification Adding Deleting

  9. Every deal is different. Open Source is a constant.

  10. What specific due diligence open source software is required in M&A transactions?

  11. Start End Open Source Software BoM: Complete software • List of complete open Source code stack: source components, their • Proprietary software scanning and origins, and licenses • 3 rd party software identification • List of open source code • Open source software snippets, their origins and licenses.

  12. Audit methods 1. Traditional 2. Blind 3. Do-It-Yourself (DYI)

  13. Traditional

  14. Blind Blind audit

  15. DIY DIY

  16. Sample reports Portable Dynamic Report Bill of Materials PDF SPDX Conformant Report Interactive self-contained HTML Basic Bill of Materials or software Software Package Data Exchange report that provides advance inventory categorized by (SPDX) conformant XML file that features to filter and investigate the component that includes all serves as software inventory that can report results. It works offline. identified files and the be imported into other compliance corresponding metadata. tools.

  17. IP Audits Extended M&A Due Diligence

  18. IP Audit – Teqmine Describe your idea or copy-paste a a full patent text or a full text product or invention description Compare to millions of full-text Analyze 12M+ patents in seconds patents Visualize, explore or technology automate monitoring

  19. IP Audit – Teqmine Ensure freedom to operate in the new area before you enter and understand Intellectual Property landscape for products based on the acquired technology Analyze 12m+ patents in seconds Technology Map illustrates the position of the products, inventions or patents, and puts these in the context of existing patents

  20. Demo of IP Audits – Teqmine

  21. What insights can you learn from such pre- acquisition compliance diligence?

  22. Engineering Insights 1. Modularity of software components. 2. Integration of various components or modules. 3. Transparent APIs. 4. Documentation. 5. Source code organization including the separation of open source and proprietary components. Observations: - Good programming practices are also legal best practices. - High correlation between good compliance practices and good engineering practices.

  23. Legal and Compliance Insights 1. Receive insights on policies and processes setup to handle open source compliance at target company. Including adequate mechanisms to satisfy open source license obligations. 2. Learn about open source development practices that may conflict with the acquiring company's open source policies: To what extent, and a way to compare the target company's record of fulfilling of open source license obligations for current commercial offerings. 3. Discover proprietary software assets are at risk due to misuse of open source software with strong copyleft license. 4. Understand the compliance risk portfolio of the target company: The open source licenses the target uses and if it is aligned with the comfort zone of the acquiring company.

  24. Business Insights 1. A better understanding of whether the bulk of the target's valuation is a result of the integration of open source or in proprietary added value. 2. A confirmation whether the target company has identified all open source software contained in distributed products and services and whether or not they've satisfied all obligations resulting from mixing the open source code with code under a proprietary or alternative open source license.

  25. Preparing for an audit

  26. Preparation – Establish compliance practices Target Process and policy Staff Training Tooling Measure up your compliance efforts

  27. Preparation – Avoid common pitfalls Target Type Avoidance Unplanned inclusion of copyleft FOSS into proprietary or Training. 3 rd party code (or vice versa). Regularly scheduled scans. Unplanned linking of FOSS into proprietary source code Training. (or vice versa). Dependency tracking tool. Failure to provide accompanying source code. Checklist. Post shipping to-do. Providing the incorrect version of accompanying source Update process to ensure that the accompanying source code. code for the binary version is being published. Failure to provide accompanying source code for FOSS Update process to ensure that source code for component modifications. modifications are published. Failure to mark FOSS source code modifications. Training. Verification before posting source code. Failure by developers to seek approval to use FOSS. Conduct periodic full scan to detect undeclared FOSS. Training. Accountability (including compliance in performance metrics). Failure to audit the source code. Provide proper staffing. Enforce periodic audits. Failure to resolve the audit findings. Time limit before escalation kicks off automatically. Failure to seek review of FOSS in a timely manner. Training.

  28. Preparations Acquirer Choose the right audit model and right auditor for your needs Know what you care about Ask the right questions Identify items to be resolved before executing the transaction Create a compliance improvement plan for post-acquisition

  29. Recommendations

  30. Recommendations Target Identify the origin and license of all internal and external software. Track open source software within the development process (components and snippets). Perform source code reviews for all code entering your build system or repos. Fulfill license obligations when a product ships or when software is updated. Offer open source compliance training to employees.

  31. Recommendations Acquirer Decide with the target company on the appropriate audit method to use, and which 3rd party to engage for the audit o Audit method, inputs and outputs o Primary contact o Timeline and logistics especially if it involves an on-site visit o Confidentiality parameters o Code vulnerabilities and version control (which method is your provider using)

  32. Summary

  33. Final Thoughts Open source compliance is an ongoing process, not a destination. Ensuring compliance is a practice that must ne maintained regardless of any potential corporate transaction. Maintaining good open source compliance practices enables companies to be prepared for any scenario where software changes hands, from a possible acquisition, a sale, or product or service release. New paper coming soon.

  34. Open Source in M&A Transactions Ibrahim Haddad, Ph.D. Oskar Swirtun VP of R&D and Head of Open Source Founder and CEO Samsung Research America FOSSID AB @IbrahimAtLinux Oskar.Swirtun@fossid.com IbrahimAtLinux.com

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Make Money With Open Source What is Open Source? Community Free software vs. open source

Make Money With Open Source What is Open Source? Community Free software vs. open source

Make Money With Open Source What is Open Source? Community Free software vs. open source Licenses: GPL vs. LGPL vs. MIT/Apache Foundations: Linux, Apache, Eclipse, Similar: Open Data, Open Hardware, Open Knowledge, ... Advantages of OS

508 views • 13 slides
Open Source Databases Peter Zaitsev, CEO Percona What a Year! Huge changes for Open Source and

Open Source Databases Peter Zaitsev, CEO Percona What a Year! Huge changes for Open Source and

The State of Open Source Databases Peter Zaitsev, CEO Percona What a Year! Huge changes for Open Source and Open Source databases RedHat Acquired by IBM Image Source: https://techcrunch.com/story/ibm-acquires-red-hat/ Open Source

663 views • 29 slides
Reinventing How America Votes Through Open Source Solutions Deborah Bryant OSU Open Source Lab

Reinventing How America Votes Through Open Source Solutions Deborah Bryant OSU Open Source Lab

Reinventing How America Votes Through Open Source Solutions Deborah Bryant OSU Open Source Lab Joseph Hall Center for Information Technology Policy, Princeton University Gregory Miller Open Source Digital Voting Foundation Visionaries on

942 views • 29 slides
ACCOUNTING recording transactions that have taken place from source documentation provided.

ACCOUNTING recording transactions that have taken place from source documentation provided.

ACCOUNTING recording transactions that have taken place from source documentation provided. Source Documentation: evidence of transactions having taken place. Cheque stubs Lodgment Slips Purchase Invoices (Delivery Dockets)

401 views • 10 slides
Creating an Open Source Project Thiago Macieira Who am I? Open Source developer for 15 years

Creating an Open Source Project Thiago Macieira Who am I? Open Source developer for 15 years

Creating an Open Source Project Thiago Macieira Who am I? Open Source developer for 15 years Sofuware Architect at Intels Open Source Technology Center (OTC) and Tizen Platgorm Community Manager Maintainer of two modules in the Qt

649 views • 33 slides
1 A Comparison of Open Source Search A Comparison of Open Source Search Engines Engines

1 A Comparison of Open Source Search A Comparison of Open Source Search Engines Engines

Open Source Search Engines Why? Low cost: No licensing fees Source code available for customization Good for modest or even large data sizes Open-Source Search Engines and Challenges: Lucene/Solr Performance, Scalability

347 views • 13 slides
Automating Your Lights with Open Source Combining Open Source Hardware with Free and Open Source

Automating Your Lights with Open Source Combining Open Source Hardware with Free and Open Source

Automating Your Lights with Open Source Combining Open Source Hardware with Free and Open Source Software Leon Anavi Konsulko Group leon.anavi@konsulko.com leon@anavi.org FOSDEM 2018 Agenda Home automation and smart lightning Open

422 views • 30 slides
mITu Skillologies Open Source World http://mitu.co.in Existence of open source There is a

mITu Skillologies Open Source World http://mitu.co.in Existence of open source There is a

mITu Skillologies Open Source World http://mitu.co.in Existence of open source There is a vast increase in adoption of open source software solutions across the private enterprise, government associations and organizations, industries.

581 views • 18 slides
20 0 6 Transactions $1.01 billion in bonds 18 transactions 20 0 6 Transactions By Num

20 0 6 Transactions $1.01 billion in bonds 18 transactions 20 0 6 Transactions By Num

20 0 6 Transactions $1.01 billion in bonds 18 transactions 20 0 6 Transactions By Num ber of Issues By Par Am ount (in Million $) Source: NJEFA Total NJ Enrollm ent: Total Degrees Conferred 20 0 0 -20 0 5 Total Total Degrees/

574 views • 38 slides
What is open source ? Computer software where the source code is distributed under an open

What is open source ? Computer software where the source code is distributed under an open

What is open source ? Computer software where the source code is distributed under an open source license that allows anyone to study, change, improve and distribute the software. Promotes collaboration Community of developers

462 views • 14 slides
What is open source? Computer software where the source code is distributed under an open

What is open source? Computer software where the source code is distributed under an open

What is open source? Computer software where the source code is distributed under an open source license that allows anyone to study, change, improve and distribute the software. Promotes collaboration Community of developers

878 views • 16 slides
What is open source? Computer sofuware where the source code is distributed under an open

What is open source? Computer sofuware where the source code is distributed under an open

What is open source? Computer sofuware where the source code is distributed under an open source license that allows anyone to study, change, improve and distribute the sofuware. Promotes collaboration Community of developers

439 views • 12 slides
The State of Open Source Databases Peter Zaitsev CEO, Percona October 1 st , 2019 Open Source

The State of Open Source Databases Peter Zaitsev CEO, Percona October 1 st , 2019 Open Source

The State of Open Source Databases Peter Zaitsev CEO, Percona October 1 st , 2019 Open Source Software Amazing times for Open Source Software! Commercial Success Fantastic Success of Open Source Based Businesses! RedHat Acquired by IBM

1.19k views • 52 slides
Open Komodo: An Open Source IDE For Open Languages For Open Languages Own Your IDE Eric

Open Komodo: An Open Source IDE For Open Languages For Open Languages Own Your IDE Eric

Open Komodo: An Open Source IDE For Open Languages For Open Languages Own Your IDE Eric Promislow ActiveState Software Inc. OpenKomodo: Own Your IDE Copenhagen, Denmark April 2, 2008 1 History Perl for Windows Active Python,

820 views • 65 slides
Creating Open Source Electronic Hardware with Open Source Software Tom Anderson Overview

Creating Open Source Electronic Hardware with Open Source Software Tom Anderson Overview

Creating Open Source Electronic Hardware with Open Source Software Tom Anderson Overview Open Source hardware (This is the smallest font) Business model Example circuit, concept -> production Make circuit boards with Open

806 views • 78 slides
1 Version 2: MIT, 1983 Bazaar Model Richard Stallman was Characteristics include

1 Version 2: MIT, 1983 Bazaar Model Richard Stallman was Characteristics include

Open Source Idea? SHARE and the Origins of Open The basic idea behind open source is very simple: When programmers can read, Source Software: 1953-1972 redistribute, and modify the source code for a piece of software, the software evolves.

530 views • 8 slides
So#wareSupportforSo#wareIndependent Audi3ng GabrielleA.Gianelli,

So#wareSupportforSo#wareIndependent Audi3ng GabrielleA.Gianelli,

So#wareSupportforSo#wareIndependent Audi3ng GabrielleA.Gianelli, JenniferD.King , EdwardW.Felten,WilliamP.Zeller CenterforInforma3onTechnologyPolicy DepartmentofComputerScience

377 views • 22 slides
Treasurer Club Officer Training Agenda Treasurer Treasurer Treasurer Role

Treasurer Club Officer Training Agenda Treasurer Treasurer Treasurer Role

Treasurer Club Officer Training Agenda Treasurer Treasurer Treasurer Role Responsibilities Resources www.toastmasters.org Session Objectives Identify your role Fulfill your responsibilities Find resources that help

318 views • 19 slides
Financial Repor ort Aug August 2020 t 2020 Lora Conger Chief Financial Officer To serve

Financial Repor ort Aug August 2020 t 2020 Lora Conger Chief Financial Officer To serve

Financial Repor ort Aug August 2020 t 2020 Lora Conger Chief Financial Officer To serve our communities pre hospital needs through value driven, compassionate, and clinically superior care. Auditors Report

239 views • 5 slides
AUTUMN 2017 FOR Guy Loveday 1 WHAT IS COMING UP? FRC STATEMENT RE: FRS 102 TRANSITIONAL

AUTUMN 2017 FOR Guy Loveday 1 WHAT IS COMING UP? FRC STATEMENT RE: FRS 102 TRANSITIONAL

ACCOUNTS AND AUDIT UPDATE AUTUMN 2017 FOR Guy Loveday 1 WHAT IS COMING UP? FRC STATEMENT RE: FRS 102 TRANSITIONAL EXEMPTIONS FOR SMALL ENTITIES ONLY TRUTH AND FAIRNESS AND THE DISCLOSURE OF DIVIDENDS NEW MICRO COMPANY

573 views • 33 slides
Rendezvous: A search engine for binary code Wei Ming Khoo, Alan Mycroft, Ross Anderson

Rendezvous: A search engine for binary code Wei Ming Khoo, Alan Mycroft, Ross Anderson

Rendezvous: A search engine for binary code Wei Ming Khoo, Alan Mycroft, Ross Anderson University of Cambridge MSR 2013 19 May 2013 Demo: http://www.rendezvousalpha.com 1 To audit or not to audit You cant trust code that you did not

294 views • 15 slides
HARDSPLOIT Framework for Hardware Security Audit a bridge between hardware & a so0ware

HARDSPLOIT Framework for Hardware Security Audit a bridge between hardware & a so0ware

HARDSPLOIT Framework for Hardware Security Audit a bridge between hardware & a so0ware pentester Who am I ? Julien Moinard - Electronic engineer @opale-security (French company) - Security consultant, Hardware & SoDware pentester -

803 views • 40 slides
2 PuLSE-DSSA PuLSE-DSSA is based on the generic architecture development process shown in Figure

2 PuLSE-DSSA PuLSE-DSSA is based on the generic architecture development process shown in Figure

Creating Product Line Architectures 1 Joachim Bayer, Oliver Flege, and Cristina Gacek Fraunhofer Institute for Experimental Software Engineering (IESE) Sauerwiesen 6, D-67661 Kaiserslautern, Germany {bayer, flege, gacek}@iese.fhg.de Abstract .

260 views • 7 slides
Telehealth use of telecommunication techniques for the purpose of providing telemedicine, medical

Telehealth use of telecommunication techniques for the purpose of providing telemedicine, medical

I mmersive A ug m ented Real ity (I Am Real) --- A Remote Clinical Consultation System Qin Qing Zha hang April 2019 @ The Australian Telehealth Conference THE HE AUST STRALIAN E-HEA HEALTH RESEA SEARCH CEN CENTRE Telehealth use of

560 views • 14 slides

More recommend