Research Paper: Industry Best Practices for FLOSS Governance and Component Reuse

Abstract: Corporate use of open source in software products is on the rise. While this brings a number of technological and business benefits to companies, it also comes with potential legal and financial risks caused by license non-compliance and ungoverned use of open source components. Companies address these threats with free/libre and open source software (FLOSS) governance – internal guidelines and processes for using open source components in products. An essential aspect of FLOSS governance is component reuse and component repository, which enable efficient governance for the previously used components by the company’s developers. In our study, we aimed to identify the current industry best practices for FLOSS governance and component reuse. We conducted 15 expert interviews in companies with high governance maturity, analyzed these interviews and derived 19 best practices cast in the pattern format of context-problem-solution. The format was inspired by design patterns and enables higher applicability of our research results by practitioners. The 19 best practices form a handbook on FLOSS governance and component reuse that also includes workflows connecting the individual practices into process templates.

Keywords: Open Source Software, FLOSS, FOSS, Open Source Governance, Best Practice, Commercial Use of Open Source, Component Repository, Component Reuse, Industry Best Practice, Introduction of FLOSS in Companies, Pattern, Pattern Language

Reference: Nikolay Harutyunyan and Dirk Riehle. 2019 (July). Industry Best Practices for FLOSS Governance and Component Reuse. In EuroPLoP’19: 23rd European Conference on Pattern Languages of Programs, July 3-7, 2019, Irsee, Germany. ACM, 24 pages.

A preprint of the paper is available here as a PDF file.