From TRL to MRL: Assessing The Market Readiness of Open …€¦ · From TRL to MRL: Assessing The...
Transcript of From TRL to MRL: Assessing The Market Readiness of Open …€¦ · From TRL to MRL: Assessing The...
From TRL to MRL: Assessing The Market
Readiness of Open Source Projects
A Progress Report
Cedric ThomasOW2
15 - 16 MARCH 2017 EXCEL LONDON
Code Base
OW2Non-Profit Open Source Organization
European and Global
Community
Code Base
OW2Non-Profit Open Source Organization
European and Global
Community
Activities
Code Base
OW2Non-Profit Open Source Organization
European and Global
Community
Governance
Activities
Code Base
OW2Non-Profit Open Source Organization
European and Global
Community
Governance
Activities
Members
Code Base
OW2Non-Profit Open Source Organization
European and Global
Mar 16, 2017 72016, Cedric Thomas
Mar 16, 2017 82016, Cedric Thomas
Mar 16, 2017 92016, Cedric Thomas
Mar 16, 2017 102016, Cedric Thomas
11
Commercial Open SourceFree Software
Mar 16, 2017 122017, Cedric Thomas
Agenda OSS Projects and the Value Chain
Evaluating Readiness and Maturity
Evaluating Open Source Projects
OW2 OSCAR Approach
Mar 16, 2017 132017, Cedric Thomas
Project categoriesCode to productSupporting market readiness
OSS projects and the value chain
Mar 16, 2017 142017, Cedric Thomas
Community projects
Mar 16, 2017 152017, Cedric Thomas
Enterprise projects
Mar 16, 2017 162017, Cedric Thomas
Collaborative projects
Mar 16, 2017 172017, Cedric Thomas
Software is Code
Mar 16, 2017 182017, Cedric Thomas
What is a Software Product?
Developer Customer
Mar 16, 2017 192017, Cedric Thomas
What makes a Software Product?
Developer Customer
Documentation
Testing
Upgrades Training Etc.
Pricing Contracts Support Expertise
Packaging
202017, Cedric Thomas
Research & Development
Co
deP
OC
sU
se-c
ases
De
mon
stra
tors
Do
cum
enta
tion
Test
ing
Up
grad
esB
ug-f
ixin
gT
rain
ing
Sup
port
Pac
kagi
ngC
ase
stu
dies
Co
llate
ral
Pric
ing
Co
ntra
cts
Ear
ly a
dopt
ers
Etc
.
Pre
dict
abili
tyQ
ualit
yT
rust
Without the code, the rest does not exist,but it's the rest that gives market value to the code
DeliveryChallenge
What creates value?
Market Value
OSS
212017, Cedric Thomas
Research & Development
Co
deP
OC
sU
se-c
ases
De
mon
stra
tors
Do
cum
enta
tion
Ro
adm
apU
pgr
ades
Bug
-fix
ing
Tra
inin
gS
uppo
rtP
acka
ging
Ca
se s
tudi
esC
olla
tera
lP
ricin
gC
ont
ract
sE
arly
ado
pter
sE
tc.
Pre
dict
abili
tyQ
ualit
yT
rust
DeliveryChallenge
Market Value
Who creates value?The ecosystem
ContributorsDistrib. Vendors
Open Source Orgs.
Fiduciary Services Users
Systems Integrators
222017, Cedric Thomas
Research & Development
Co
deP
OC
sU
se-c
ases
De
mon
stra
tors
Do
cum
enta
tion
Ro
adm
apU
pgr
ades
Bug
-fix
ing
Tra
inin
gS
uppo
rtP
acka
ging
Ca
se s
tudi
esC
olla
tera
lP
ricin
gC
ont
ract
sE
arly
ado
pter
sE
tc.
Pre
dict
abili
tyQ
ualit
yT
rust
OW2 is an ecosystem platform that helps create value in open source projects
DeliveryChallengeCollaborative Development Technical Resources
Governance, Projects, Initiatives, Quality Program
Communication, Outreach, Marketplace
OSCAR
Market Value
Supporting market readiness and value creation
232017, Cedric Thomas
Technology Readiness LevelMarket readinessOpen source readiness
Evaluating Readiness and Maturity
242017, Cedric Thomas
Origin: Technology Readiness Level (TRL)
A type of measurement system used to estimate the maturity level of a particular technology
In technology, there are usually nine readiness levels. TRL 1 is the lowest and TRL 9 is the highest.
A TRL number is obtained once the description has been achieved.
For example, successfully achieving TRL 4 does not move the technology to TRL 5.
Pioneered by NASA in the 80’s.
Adopted by the DOE and DOD for procurement and management of complex systems.
Idea(useless)
Operational(useful)
252017, Cedric Thomas
NASA/DOD TRL
http
://w
ww
.fra
nki
cham
aki
.co
m/w
p-c
ont
ent/
uplo
ad
s/2
014
/01/
nasa
-trl.
jpg
262017, Cedric Thomas
http
s://s
teve
bla
nk.
files
.wo
rdp
ress
.co
m/2
01
3/11
/irl.j
pg
Investment Readiness Level
272017, Cedric Thomas http
://w
ww
.ndi
a.o
rg/D
ivis
ions
/Div
isio
ns/S
cie
nce
An
dE
ngin
ee
ring
Tech
nol
ogy
/Do
cum
en
ts/C
oyl
e%
20
ND
IA.p
df
282017, Cedric Thomas
QualiPSoOW2 SQuATCII Badge Program
Evaluating Open Source Projects
292017, Cedric Thomas
OSS Analysis LandscapeEU
Col
lab.
Pro
ject
sIn
dust
rySt
anda
rdiz
atio
n bo
dies
IP a
naly
sis
Stat
ic a
naly
sis
Qua
litat
ive
anal
ysis
OW2 OMM forms
Engi
neer
ing
met
rics
CI /
Te
stin
g
Crowd testing
302017, Cedric Thomas
2007: QualiPSo European project
48 months (2007-2010)
22 organisations from 9 countries (3 continents)
It is all about TRUST
Trust cannot be claimed without being proved!!!
QualiPSo aimed at standardising the way OSS systems are built, offered and consumed.
312017, Cedric Thomas
322017, Cedric Thomas
2010: OW2 Software Quality Assurance and Trustworthiness(SQuAT)
IP verification: FOSSology
Applied on all OW2 mature projects
Code verification: Antelink
Provides traceability of external libraries
Static analysis: Sonar
Set of OW2 Sonar rules
Maturity analysis: Qualipso
OMM applied to OW2 projects
332017, Cedric Thomas
PDOC STD QTP LCS ENV DFCT MST CM PP REQM RDMP STK
0
1
2
3
4
3.22
3.75
3.43
43.83
3.71 3.754
3
4
3
3.89
OMM Basic level
Trustworthy elements assessment
Trustworthy elements
Assessed
value
PDOC STD QTP LCS ENV DFCT MST CM PP REQM RDMP STK
0
1
2
3
4
5
6
7
8
9
10
56%
75% 43%100%
83%86%
75%
100%
0%
100%33%
100%
22%
25%
57%
0%
17%0%
25%
0%
100% 0%33%
11%
0%
0%
0%
0%14%
0%
0%
0%
0%33%
0%11%
0%
0%
0%
0%
0%
0%
0%
0%
0%
0%
0%
OMM Basic levelPractices assessment value
4 3 2 1
Trustworthy elements
Assessment
value of practices
OW2 Implementation of the QualiPSo OMM
342017, Cedric Thomas
2012: RISCOSS
CommercialProducts/Services
???
Antepedia
Business Users Integrators
Open source as a public resource freely accessible
But OSS come from very different backgrounds
Exploring and mapping the open source landscape
Need to identify, measure, evaluate existing software
Many tools and online services available
352017, Cedric Thomas
2015: Linux Foundation CII Badge Program
Core Infrastructure Initiative (CII)
Launched after the Heartbleed failure
Organized by The Linux Foundation
Supported by Amazon Web Services, Adobe, Bloomberg, Cisco, Dell, Facebook, Fujitsu, Google, Hitachi, HP, Huawei, IBM, Intel, Microsoft, NetApp, NEC, Qualcomm, RackSpace, salesforce.com, and VMware
https://www.coreinfrastructure.org/
David A. Wheeler at OW2con'16
362017, Cedric Thomas
CII BADGE PROGRAM Checklist:
Basics Project website
Project website content
FLOSS License
Documentation
Other
Change control Public version-controlled source repository
Version numbering
Release notes (ChangeLog)
Reporting Bug reporting process
Vulnerability reporting process
Quality Working build system
Automated test suite
New functionality testing
Warning flags
Security Secure development knowledge
Good cryptographic practices
Secured delivery mechanism
Publicly-known vulnerabilities fixed
Analysis Static code analysis
Dynamic analysis
372017, Cedric Thomas
More than just TRLMarket readinessPromotes best practices
OW2 OSCARApproach
382017, Cedric Thomas
OSCAROpen Source Capability Assessment Radar
Requirements
Metrics
Visual Reporting
Risk analysis
OM
M F
orm
Metrics / Scorecards
Documentation
Privacy / GDPR
Standards
Licenses and IP
Fossology
SonarQube
Static code analysis
Code / Commits / Bugs
Testing / CI / Release
Cloud Deployment
OM
M F
orm
Governance Engineering
More to come:- Accessibility- Deployability- Marketing- Funding
Mar 16, 2017 392017, Cedric Thomas
OMM Assessment Web Form
Mar 16, 2017 402017, Cedric Thomas
OMMAssessment
Mar 16, 2017 412017, Cedric Thomas
FOSSologyLicense analysis
Mar 16, 2017 422017, Cedric Thomas
SonarQubeStatic code analysis
Mar 16, 2017 432017, Cedric Thomas
Risk Analysis
Mar 16, 2017 442017, Cedric Thomas
Risk Models
Mar 16, 2017 452017, Cedric Thomas
OSCAR Market Readiness Scorecard
462017, Cedric Thomas
From Data to Market Readiness Levels
A type of measurement system used to estimate the market maturity and readiness of a particular project
Rough Code(useless)
Fully Supported Product(useful)
472017, Cedric Thomas
A Market Readiness Template for Open Source Software
“flight proven”
“flight qualified”
“prototype in space”
“proven demo”
“relevant envt validation”
“Lab validation”
“proof of concept”
“application formulation”
“Basic principles”
Established product with properly financed and organized Business support Customer base, Repeat sales and Market recognition
Early customer base, appropriate financing or active community support, recognized software
Early customer base and fledgeling financing or active community support
Proven product recent, market opening, untested governance
Some customers recent, market opening, un-proven governance
Several users, project leadership well established
One declared user (can be internal) with declared project leader
Basic R&D code developed with one demonstrated use case, some documentation
Basic R&D code developed
48
www.ow2.orgFor more details please contact Cedric Thomas, OW2 CEO, [email protected]
And now let's talkQ&ADisagreementsComplementsFeedbacketc.
Thank You