Having just completed the annual IBM Intellectual Property training, and while thinking more about the CodePlex Foundation, I saw the following Open World Forum conference track description:

“The growing use of Open Source and economics of outsourcing have made testing for intellectual property (IP) cleanliness and proper satisfaction of legal obligations an essential task for ensuring quality and market acceptability. Real or perceived IP issues can delay product cycles and derail entire projects or business transactions. “

Upon further digging, I realized that Protecode, a company I wrote about back in 2008, was playing a key role in this track.

It goes without say that enterprises using open source code within their software development process should have policies in place to protect the enterprise.  Clearly there’s a risk of contaminating a custom enterprise application by misusing open source code.  But in most cases, the enterprise can be safeguarded unless the derivative work needs to be distributed outside of the enterprise’s walls.  With applications delivered over the web, very few enterprises find the need to distribute their internally developed software.  However, whether the enterprise is distributing the derivative work or not, there’s also a risk of patent infringement.

That’s where Protecode comes in with its three pronged approach:

Enterprises can, and should, create policies for developers, on the enterprise’s payroll and contracted via consultants or off-shoring, to utilize open source code appropriately.  But that can’t be the only line of defense.  Enterprises must be able to retroactively and proactively ensure that code their developers are writing is free of intellectual property concerns.  Being able to analyze existing software assets with a product such as Protecode’s Enterprise IP Analyzer is step one.  But the real goal should be validating IP on the fly, with a product such as Protecode’s Developer IP Assistant.  There’s also the interim step of testing IP ownership during builds with a product such as Protecode’s Build IP Analyzer.

I wonder what portion of enterprises have analyzed their existing software assets to validate that they are in fact the rightful IP owners to the entirety of their internally developed software.  Or better yet, what portion of enterprises that analyzed their software assets were surprised with the results!

Follow me on twitter at: SavioRodrigues

PS: I should state: “The postings on this site are my own and don’t necessarily represent IBM’s positions, strategies or opinions.”