You are here: Home / OSADL / Events / 
2020-04-02 - 21:37
OSADL Special Events

OSADL Special Events

Software Scanning Workshop: How to reach Open Source license compliance with FOSSology – Legal and practical aspects

Two-Day Software Scanning Workshop:
How to reach Open Source license compliance with FOSSology –
Legal and practical aspects

Canceled

Tuesday, March 31, 2020 and
Wednesday, April 1, 2020
TP ConferenceCenter, Technologiepark Heidelberg

Im Neuenheimer Feld 582, 2nd floor
69120 Heidelberg/Germany
09:30 - 17:00

Agenda first workshop dayAgenda second workshop dayRegistrationMap -  Presentations (member or participant login required)

Cancellation

The workshop was canceled due to the ongoing development of the COVID-19 pandemic. Any information with respect to new workshop dates will be given here as soon as it will be possible to hold such type of events again.

Scope of the workshop

Nearly all Open Source licenses have a common set of license obligations that is to forward the i) license text, ii) a warranty disclaimer in favor of the original authors and iii) a list of copyright notices. In the good old days when software was developed by a small number of authors and there was only a small number of different licenses this was relatively easy to fulfill. These three elements could be handed over to the customer in print but could also easily be included into the software.

Today, however, there are software packages written by more than 10,000 contributors and including up to hundred and more different licenses. Even if someone underwent the enormous work to collect all this information manually, it would still include the risk that something was forgotten, and, unfortunately, even a single forgotten element of this information may already constitute a license infringement. Thus, the only solution is to use automated tools to extract this indispensable information from software. In addition, it is not sufficient to just use this tool once, but it must be integrated into a company's processes to provide continuous integration. Finally, even when this is achieved, the tool should allow to supervise not only a single department of a company but all departments that require such tools and should provide a synergy of departments. The latter clearly asks for a client server concept of such a tool and one of the best suitable tools for this purpose is FOSSology.

The large number of features and configurations of FOSSology makes it a bit difficult for every individual to get acquainted with it, and it therefore was evident that a number of OSADL members asked for a workshop which was then held in October 2019. Since the October workshop was quickly booked out and some of the requested topics could not be covered in the one-day workshop, it was decided to organize a follow-up workshop, but this time as a two-day event. Such follow-up Software Scanning Workshop will take place on March 31 and April 1, 2020 in Heidelberg/Germany.

The first workshop day will cover base aspects of Open Source license obligations and compliance and will give a general overview of the scope and functions of FOSSology and its history. During the second workshop day, participants will learn the theory of license obligations based on the OSADL checklists and the practice of fulfilling them with FOSSology in hands-on sessions. For the latter, a server with preinstalled software packages to be scanned will be available.

We are very pleased that Dr. Michael C. Jaeger, co-maintainer of the FOSSology project and co-lead of the Eclipse SW360 project, and Dr. Miriam Ballhausen, Lawyer and Counsel at Bird & Bird, accepted again our invitation to contribute to the workshop as trainers and speakers.

Both workshop days can be booked either separately or as a block. However, participants who plan to only attend the second workshop day should have either attended the Software Scanning Workshop in October 2019 or otherwise have sufficient base knowledge on license compliance, scanning and FOSSology to follow the second workshop day. On the other hand, interested parties who only want to gain basic knowledge or a first impression of software scanning certainly may book only the first workshop day.

Recommended audience

This workshop is recommended for anybody, who is interested, be it by personal or by professional reasons, in learning the theory, the background and the practice of software scanning in order to obtain license compliance. This comprises but is not limited to software developers, project managers, Open Source officers, legal consultants, employees of purchase departments, etc.

Recommended equipment

In order to actively participate in the practial exercises offered during the second workshop day, participants are invited to take along with them a standard notebook that runs any operating system, provides wireless LAN access and runs an Internet browser to access the in-house FOSSology server via wireless LAN. Attendees who are unable to take along with them such equipment, may use preinstalled OSADL notebooks which will be made available during the workshop.

Workshop participation fee

  • Employees of regular OSADL members, associate OSADL members and academic OSADL members: free access (please select the check box "OSADL member" when registering)
  • Regular workshop fee for non-members: EUR 1,500 per person for both workshop days, EUR 800 per person for one workshop day only. Please select the check box "Not an OSADL member" when registering. An invoice will be sent to the given address shortly after the registration. 

All given prices are net prices per person exclusive VAT.

Registration

Please note that the second workshop day on April 1, 2020 is already booked out and that from now on registration is only possible for the first workshop day on March 31, 2020, which is thought for interested parties who want to gain basic knowledge or a first impression of software scanning. However, we plan to offer another edition of the Software Scanning Workshop at a later time. In order to be able to estimate the interest in such a repetition of the workshop, we would appreciate if you could send us a short note by email to officeªosadl.org.

For registration of the first workshop day, please use the registration form available here: Workshop registration: Workshop registration.

Please register before March 23, 2020.

Privacy policy

When you register for participation at the event you agree that the personal data you enter in the registration form will be processed at OSADL (see OSADL privacy policy).

You may revoke this agreement at any time by email, mail or phone using the communication data provided at the OSADL imprint page but this will also cancel your registration.

Agenda first workshop day - March 31, 2020

Software Scanning Workshop:
How to reach Open Source license compliance with FOSSology – Legal and practical aspects

09:00 – 09:30 Get together

09:30 – 09:45 Welcome and introduction, Dr. Carsten Emde

09:45 - 10:30 Overview of the legal aspects of Open Source license obligations and scanning, Dr. Carsten Emde

10:30 - 11:00 "Scanning" - One word for two different things, Dr. Carsten Emde

11:00 – 11:30 Coffee break

11:30 – 12:15 The FOSSology Project: History and current status as well as feedback from the 2019 OSADL Scanning Workshop, Dr. Michael C. Jaeger

12:15 - 12:45 OSADL Checklists Project: Fulfilling Open Source license obligations – Can checklists help? Caren Kresse

12:45 – 13:45 Lunch break

13:45 – 14:30 Open Source license compliance, Copyright Law and Software Supply Chains, Dr. Miriam Ballhausen

14:30 - 15:15 Overview of the scope and functions of FOSSology, Dr. Michael C. Jaeger

15:15 – 15:30 Coffee break

15:30 – 16:15 Don’t let Open Source License enforcement freak you out – options and strategy for successfully handling a cease-and-desist letter, Dr. Miriam Ballhausen

16:15 - 16:45 Delta scanning - A method to confirm or reject alleged copyright infringements, Dr. Carsten Emde

16:45 – 17:00 Questions and answers, discussion, All

Download the agenda as PDF file

The presentations of the workshop will available here after the workshop (member or participant login required).

Agenda second workshop day - April 1, 2020

Software Scanning Workshop:
How to reach Open Source license compliance with FOSSology – Legal and practical aspects

09:00 – 09:30 Get together

09:30 – 09:45 Welcome and introduction, Dr. Carsten Emde

09:45 – 10:15 Set-up of the Hands-on equipment (either on participants’ own computers or on provided ones), Dr. Carsten Emde/Caren Kresse

10:15 – 10:30 FOSS compliance obligations: overview and recap, Dr. Miriam Ballhausen
Forwarding/providing license text
Forwarding/providing copyright notices
Forwarding/providing warranty disclaimer
Forwarding/providing source code

10:30 – 10:45 “YOU MUST Forward/Provide License text”* (Theory), Dr. Miriam Ballhausen
Source code delivery
Binary delivery

10:45 – 11:15 “YOU MUST Forward/Provide License text” – How to do it with FOSSology? (Hands-on), Dr. Michael C. Jaeger

11:15 – 11:30 Coffee break

11:30 – 11:45 “YOU MUST Forward/Provide Copyright notices / Warranty disclaimer” (Theory), Dr. Miriam Ballhausen
Source code delivery
Binary delivery

11:45 – 12:15 “YOU MUST Forward/Provide Copyright notices / Warranty disclaimer” – How to do it with FOSSology? (Hands-on), Dr. Michael C. Jaeger

12:15 – 12:30 “YOU MUST Credit Verbatim 'Acknowledgment text'" (Theory), Dr. Miriam Ballhausen
Source code delivery
Binary delivery

12:30 – 13:00 “YOU MUST Credit Verbatim 'Acknowledgment text'" – How to do it with FOSSology? (Hands-on), Dr. Michael C. Jaeger

13:00 – 14:00 Lunch break

14:00 – 14:15 “YOU MUST Forward/Provide Source code” (Theory), Dr. Miriam Ballhausen
Source code delivery
Binary delivery

14:15 – 14:45 “YOU MUST Forward/Provide Source code” – How to do it, how to ensure it is complete and corresponding? (Hands-on), Dr. Carsten Emde/Caren Kresse

14:45 – 15:15 “A Lawyer is in the room” – Questions and answers with respect to copyright law, Dr. Miriam Ballhausen

15:15 – 15:45 Coffee break

15:45 – 16:15 Redistributing a complete Linux distribution – how to use the package manager instead of scanning? Caren Kresse

16:15 – 17:00 The next step: Component catalogue, product BOM and Eclipse SW360 – How to combine them with FOSSology and practical demonstration, Dr. Michael C. Jaeger

----
* The quoted instructions „YOU MUST...“ are taken from the related sections of the OSADL checklists project: https://www.osadl.org/?id=2525

Download the agenda as PDF file

The presentations of the workshop will be available here after the workshop (member or participant login required).

Speakers

  • Dr. Miriam Ballhausen, Lawyer and Counsel, Bird & Bird
  • Dr. Carsten Emde, General Manager, OSADL
  • Dr. Michael C. Jaeger, Co-Maintainer FOSSology Project and Co-Lead Eclipse SW360 Project
  • Caren Kresse, Compliance and Technology, OSADL

Workshop language

The workshop language is English. The presentation material will be in English, too.

Accommodation

For accommodation, below please find a list with some hotels quite close to the workshop location:

Auerstein Hotel (approx. 1,5 km)
Dossenheimer Landstraße 82, 69121 Heidelberg
Phone: +49 6221/64 99 700, Email: info@auerstein.de,
Homepage

IBIS Hotel Hauptbahnhof (approx. 2 km)
Willy-Brandt-Platz 3, 69115 Heidelberg
Phone: +49 6221 9130, Email: H1447-RE@accor.com,
Homepage

Hotel NH Heidelberg (approx. 2,5 km)
Bergheimer Str. 91, 69115 Heidelberg
Phone: +49 6221 13270
Homepage

Star Inn Hotel & Suites Premium Heidelberg, by Quality (approx. 3 km)
Speyerer Straße 9/ Gottlieb- Daimler- Straße, 69115 Heidelberg
Phone: +49 6221 36 00 0, Email: heidelberg@starinnhotels.com,
Homepage

Hotels located in Heidelberg old-town:

Hotel Weisser Bock (approx. 3,6 km)
Große Mantelgasse 24, 69117 Heidelberg
Phone: +49 6221 90000, Email: info@weisserbock.de
Homepage

Hotel Kulturbrauerei Heidelberg (approx. 4 km)
Leyergasse 6, 69117 Heidelberg
Phone: +49 6221 502980, Email: info@heidelberger-kulturbrauerei.de
Homepage

How to get to the TP ConferenceCenter in Heidelberg?

Venue:
The Security Innovation Workshop will take place at the TP ConferenceCenter im Technologiepark Heidelberg (TP ConferenceCenter at Heidelberg Technology Park), Im Neuenheimer Feld 582 in 69120 Heidelberg/Germany.

By car:
A map to calculate directions to the TP ConferenceCenter im Technologiepark Heidelberg is available here. A limited number of parking spaces is available and will be reserved for workshop participants.

Public transportation:
The TP ConferenceCenter im Technologiepark Heidelberg is located about 2.5 kilometers away from Heidelberg main railway station. From there, the electric tram lines RNV 21 or 24 direction „Handschuhsheim” take about seven minutes. Please leave the tram at stop „Technologiepark”. The ConferenceCenter can be reached from there in a short walk.

Questions?

Please do not hesitate to contact us in case you have further questions:
Andrea Ruf
officeªosadl.org
Phone.: +49 6221 98504 13