期刊名称:Journal of Systemics, Cybernetics and Informatics
印刷版ISSN:1690-4532
电子版ISSN:1690-4524
出版年度:2018
卷号:16
期号:5
页码:50-54
出版社:International Institute of Informatics and Cybernetics
摘要:This publication deals with Open Source Software (OSS) compliance. In a previous publication [1], we presented an organizational-technical concept for ensuring basic OSS compliance. Based on this concept, we now address further aspects that are essential to OSS compliance. Our focus is on methods for avoiding license infringements by automated generation of OSS notice lists. We describe means to manage OSS license (OSSL) information of directly and indirectly used OSS. We use methods for establishing a common domain language based on a Domain-Driven Design (DDD) approach that leads to a better communication between experts from different fields, e.g., technical and domain experts, when discussing OSS compliance and developing our solutions. Furthermore, we present already existing Maven tools as well as self-developed Java tools, which make it possible to store the information that has been gained during the OSS compliance process in a structured way. With the aid of said tools, this information can then be used to create the lists of used OSS suitable for internal audits, external software deployments and software deliveries automatically to reduce manual effort and risk of errors.
