Open Source

Getting It Right With Open Source Software (SCC 01)


Description

This open source software course provides participants with the relevant knowledge and training to effectively manage the risks associated with the use of open source software across their organisation and their supply chain. Pre-requisite knowledge is not required.

Content
  • Chapter 1 Getting it Wrong with Open Source Software
  • Getting it Wrong with Open Source: Introduction
  • What is Open Source Software?
  • Accumulating the Risks with Open Source
  • The Organisational Impacts: Apache Struts
  • The Organisational Impacts: Log4J
  • The Organisational Impacts: Supply Chain Attacks
  • The Organisational Impacts: Heartbleed
  • Regulating Open Source Software
  • The Open Source Definition
  • The Organisational Impacts: Patrick McHardy
  • The Organisational Impacts: SFC v Vizio
  • The Organisational Impacts: Stockfish v ChessBase
  • The Organisational Impacts: Truth Social
  • The Organisational Impacts: CoKinetic Systems v Panasonic Avionics
  • The Organisational Impacts: Artifex
  • The Organisational Impacts: Lynwood Investments v F5 Networks
  • The Organisational Impacts: XimpleWare v Versata Software
  • The Organisational Impacts: Enforcement is not Exclusively GPL
  • The Organisational Impacts: Due Diligence
  • Chapter 1 Recap
  • Test Your Knowledge
  • Chapter 2 THE INTELLECTUAL PROPERTY BEHIND MODERN SOFTWARE
  • The Intellectual Property Behind Modern Software: Introduction
  • IP Concepts Relevant to Open Source Software
  • Chapter 2 Recap
  • Test Your Knowledge
  • Chapter 3 OPEN SOURCE LICENSES AND LICENSING MODELS
  • Open Source Licenses and Licensing Models: Introduction
  • The Spectrum of Licenses
  • Permissive Licenses
  • Copyleft Licenses
  • JIDE: A Licensing Story
  • BMW: A Licensing Story
  • Tesla Violates the GPL
  • Non–Open Source Licensing
  • Non-Open Source Licensing: Morality Licenses
  • Non-Sensical Licenses
  • Licensing Compatibility
  • Multi- Licensing or Dual Licensing
  • Non-Open Source Licensing: Closed Source Licensing
  • Chapter 3 Recap
  • Test Your Knowledge
  • CHAPTER 4 OPEN SOURCE SOFTWARE COMPLIANCE
  • Open Source Software Compliance: Introduction
  • Open Source Software Compliance Goals
  • Licensing Triggers: Distribution
  • Licensing Triggers: Incorporation
  • Licensing Triggers: Linking
  • Aggregate Software
  • Licensing Triggers: Modification
  • Licensing Triggers: Translation
  • Open Source Software Blind Spots
  • Chapter 4 Recap
  • Test Your Knowledge
  • CHAPTER 5 GETTING IT RIGHT WITH OPEN SOURCE SOFTWARE
  • Getting It Right With Open Source Software: Introduction
  • Achieving Success In Your Compliance Program
  • ISO 5230 OpenChain Standard
  • OpenChain Program Management Plan
  • The Open Source Program Office
  • Best Practices For Your Open Source Software Compliance Part 1
  • Best Practices For Your Open Source Software Compliance Program Part 2
  • Chapter 5 Recap
  • Test Your Knowledge
  • CHAPTER 6 MANAGING COMPLIANCE: TOOLS
  • Managing Compliance: Tools: Introduction
  • Combining Open Source Software Compliance with the DevOps Processes
  • The SBOM & Software Composition Analysis
  • Software Composition Analysis Tools
  • The Integration of Tools
  • Shifting Left
  • Chapter 6 Recap
  • Test Your Knowledge
  • CHAPTER 7 INTERNEURON OPEN CHAIN: A CASE STUDY
  • Interneuron OpenChain: A Case Study: Introduction
  • An OpenChain Conformance Case Study
  • Final Certification
  • Getting It Right With Open Source Software Certification
  • Resources
  • Useful Links
Completion rules
  • All units must be completed
  • Leads to a certificate with a duration: 1 year