Know Your Software. Ship on Time. Avoid Recalls.

As an embedded systems manufacturer, you have to coordinate the integration of numerous hardware and software components. Once they are assembled, the cost of stopping production or recalling devices is enormous. With complex production schedules and aggressive delivery schedules, the software must come in on time and work with the hardware immediately. If software components are outsourced, it is vital to know exactly what suppliers are delivering, without surprises such as unanticipated software licensing obligations.

How can you get suppliers to deliver robust software on time without licensing surprises and disrupting the supply chain?

• Use an Automated Software Code Evaluation System In House. The days of an honor system when an engineer could eyeball the code and tell you what is in it and what licenses applies to all the components are long gone. The complexity of software development has expanded exponentially; often software contains code components of mixed origin with multiple associated licenses. An automated system will report a comprehensive inventory of code components and licenses while highlighting any incompatibility among licenses or with company policies. Without such a system, undesirable licensing obligations could result in supply chain delays or product recalls.

• Get Bill of Materials for Software. Creating or obtaining a bill of materials for hardware, all the way down to the last circuit, is standard practice. Now it is possible to do the same for software. If software code flaws or security holes are discovered, knowing exactly which modules contain the code allows you to respond rapidly. A complete bill of materials greatly simplifies the process of finding and replacing software code components. Similarly, when customers ask for information about software versions, the answers are quickly available. Software projects need no longer be black boxes.

• Educate and Enforce Policy with Your Suppliers. Develop policies to specify acceptable code origins and licenses for your product’s software components within your supply chain and communicate these to your suppliers. Once your suppliers have been educated, they can demonstrate adherence to your specifications by producing a bill of materials for the software they deliver. Your software procurement procedures will attain a higher level of assurance when your suppliers know you will rigorously inspect code.

Black Duck Software offers products and services that provide information about the code in your software projects and their associated licensing. If you Know Your Code, you and your suppliers can take advantage of open source software and code reuse when building your products.

How do I find out more information?

• Read more about the protexIP/development platform which automates component approval within your software development. protexIP/development identifies potential license conflicts before it’s too late.

• Find out how storage solution Adaptec documented, managed, and properly licensed open source and third party software into its products.

• Find out how software compliance systems are helping to unlock the potential of modular, collaborative development to significantly enhance profitability, reliability and ROI. Read the whitepaper Software Compliance Management: Automating License Compliance in the New, Mixed-IP Development World.