The San Francisco, California-based company was one of a handful of intellectual property management vendors that sprung up in the light of Unix vendor SCO Group Inc’s controversial 2003 claims that Linux contained elements of its Unix System V code.
A series of negative decisions in the courts might have reduced concerns about Lindon, Utah-based SCO’s claims since then, but Palamida’s CEO, Mark Tolliver, maintains that the company’s services are more relevant than ever.
The fundamental proposition we started with is still completely valid, he told Computer Business Review. The software development world has flipped, they now expect to be using third party code such as open source software as part of how they develop code today.
According to Tolliver, the concern now is not what code might have made its way into open source projects, as it is what open source code might have found its way into internal development projects.
The suggestion is not necessarily that code is being misappropriated, he added, but that open source code provides a cost-effective basis for internal development, and sooner or later compliance requirements might call on businesses to account for it.
It is not to assess some sort of blame or suggest bad behavior, maintained Tolliver. The reality is we get a lot of software from a lot of sources. Eventually we will know what went in, why it went in, how it went in, and we’ll begin to see software as a bill of materials.
The company began life targeting fellow technology vendors with its IP Amplifier product, which is designed to detect third-party open source and commercial software components, and while that remains the core user base, interest is also growing in the governance implications.
Compliance still makes up the starting point and will remain so for some time to come, said Tolliver, but people’s definition of compliance is now expanding to ‘what can you tell me about the software’.
Software vendors remain the most obvious customer set, and it’s where we’ve done most of our business to date, he added. Now there’s more interest from software users, particularly those with a high level of IT governance.
Palamida’s software enables users to audit not just open source code, but also their own internally developed software, making it an obvious choice for companies that are using open source software as a base for internal development. A number of our customers have used our product on their code, Tolliver said. In terms of the functions we provide, there is no difference.
While he admitted that only a handful of customers were using the software in this way, he added that it turns out to be something we end up discussing with everyone, indicating that it could be a growing part of the business.
Another opportunity for growth will arrive in the form of version three of the GNU General Public License, which is used for an estimated three-quarters of all free and open source software.
Not only will the new version, expected in the spring, bring a number of changes, but some projects, such as the Linux kernel, are likely to remain on the previous GPLv2, raising the potential for confusion about licensing implications and interdependencies.
I think as that rolls out it will focus people’s attention even further, said Tolliver. People will want to study that, be aware of it, and look to people like us to provide some management assistance.
