In the age of open-source and large-scale outsourcing, both assuring the quality of software and taking it to market means ascertaining its legal compliance as well. In recent years, numerous legal cases have highlighted the business risks and the enormous costs incurred when this is not done properly. These costs stem from involvement in judicial procedures, software recalls, fixing legal compliance issues post-release, and missed market opportunities caused by delays in the development process. Other consequences include lowered valuations in due diligence processes triggered by customers, potential or existing investors, mergers and acquisitions, and other major transactions.
Software is a pervasive element in most products and processes, and its sources have multiplied over time. Sources now include internal developments, suppliers of subsystems and chips, outsourced development contractors, open-source repositories and the previous work of the developers themselves. Software, unlike hardware, is easily accessed, replicated, copied and re-used.
Open-source software has become a significant player in most software development life cycles, thanks to the wide availability of source code, its apparent free cost, and its high degree of stability and security. Open-source code is generally free on the surface but it's not without obligations. It comes laden with licensing and copyright conditions which are enforceable by law-sometimes with dire effects for users who are not careful to validate the pedigree of the code in their products (for example, the origin and any associated obligations of all software components).
This doesn't mean that leveraging outsourcing and/or open-source software is to be avoided. The issue is not with the use of open source, but with unmanaged adoption and lack of proper care to the copyright and licensing obligations it entails. It's paramount that industrial managers validate the intellectual property (IP) cleanliness of their products and services, and ascertain that they meet all legal obligations before they reach the market.