Validating Free and Open Source Software (FOSS)

There are a number of issues associated with allowing your staff to use Free and Open Source Software (FOSS).  There are more issues associated with allowing your software developers to incorporate FOSS in your projects and applications especially if you are in the business of reselling such software as part of a product or service. High on the list of challenges in both cases are the license implications.  Equally high on the list must be concerns about the code quality of the FOSS.  When it comes to validating the quality of FOSS, there is a simple strategy that could allow you to have more confidence in FOSS than in the off-the shelf software packages that your organization probably uses. How?  Well, the nice thing about FOSS is that you actually have access to the source code.  This means that you can run it through a source code analyzer such as those available from CAST Software and their competitors.  You can reasonably expect that a good source code analyzer will not only report on the efficiency and quality of the code but also on any potential security threats.  Using an analyzer in this way will provide a layer of certainty that you do not have over the packaged or COTS software you buy without access to the source code. The business case?  The time saved in bringing in FOSS solutions over the time taken to write and evolve them yourself should cover the cost of the analysis tool.  If you use a lot of FOSS then it makes sense to invest in buying the analysis software yourself.  If you use FOSS only occasionally then DCG can help you by performing one-off analysis as a service using the CAST Software tool whenever you need it.

Written by Michael D. Harris at 04:54



"It's frustrating that there are so many failed software projects when I know from personal experience that it's possible to do so much better - and we can help." 
- Mike Harris, DCG Owner

Subscribe to Our Newsletter
Join over 30,000 other subscribers. Subscribe to our newsletter today!