How to Assure Legal Compliance from Software Development to Delivery

By S. Cohn-Sfetcu and K. Hassin  |  Posted 2010-01-18

For organizations involved with software development and delivery, consciously implementing measures for legal compliance into the software development process itself is crucial. Equally important is incorporating effective software intellectual property management into the organization. Here, Knowledge Center contributors Sorin Cohn-Sfetcu and Kamal Hassin explain how to validate the intellectual property cleanliness of software, while ensuring it meets all legal obligations before market delivery.

In the age of open-source and large-scale outsourcing, both assuring the quality of software and taking it to market mean ascertaining its legal compliance as well. In recent years, numerous legal cases have highlighted the business risks and the enormous costs incurred when this is not done properly. These costs stem from involvement in judicial procedures, software recalls, fixing legal compliance issues post-release, and missed market opportunities caused by delays in the development process. Other consequences include lowered valuations in due diligence processes triggered by customers, potential or existing investors, mergers and acquisitions, and other major transactions.

Software is a pervasive element in most products and processes, and its sources have multiplied over time. Sources now include internal developments, suppliers of subsystems and chips, outsourced development contractors, open-source repositories and the previous work of the developers themselves. Software, unlike hardware, is easily accessed, replicated, copied and re-used.

Open-source software has become a significant player in most software development life cycles, thanks to the wide availability of source code, its apparent lack of cost, and its high degree of stability and security. Open-source code is generally free on the surface, but it's not without obligations. It comes laden with licensing and copyright conditions which are enforceable by law, sometimes with dire effects for users who are not careful to validate the pedigree of the code in their products (for example, the origin and any associated obligations of all software components).

This doesn't mean that leveraging outsourcing and/or open-source software is to be avoided. The issue is not with the use of open source, but with unmanaged adoption and a lack of proper attention to the copyright and licensing obligations it entails. It's paramount that industrial managers validate the intellectual property (IP) cleanliness of their products and services, and ascertain that they meet all legal obligations before they reach the market.

Sorin Cohn-Sfetcu is involved in Marketing at Protecode. Sorin brings over 30 years of entrepreneurial involvement in technology and business management in multinational (Nortel) and small companies, with a significant portfolio of market successes, innovative products and publications. Sorin holds several patents in Web services, wireless, and digital signal processing. Sorin has a Ph.D. from McMaster University, a Masters of Science degree from University of Calgary, and a Masters of Engineering degree from Polytechnic Institute of Bucharest. He can be reached at

Kamal Hassin is responsible for product portfolio capabilities at Protecode. Kamal is a thought leader in the area of open-source licensing. Kamal is the author or co-author of a number of papers on Software Intellectual Property management. Kamal has a Bachelor of Engineering degree and a Masters degree in Technology Innovation Management from Carleton University. He can be reached at
