Two Thirds Of Software Firms Contribute To Open Source

Open source optimisation specialist Black Duck Software has revealed in its tenth annual ‘Future of Open Source Survey‘ that a majoirty of corporations are now contributing to open source projects.

Its survey, conducted in conjunction with VC firm North Bridge, of 1,300 executives found that 65 percent of companies are contributing to open source projects, and that one in three companies have a full-time resource dedicated to open source projects.

Encouraging Results

The survey also revealed encouraging signs that open source is now an established mainstream technology, and indeed is viewed by many as “today’s preeminent architecture and an engine for innovation.”

It says that open source is now the foundation for nearly all applications, operating systems, cloud computing, databases and big data.

But the survey did also find that significant challenges remain, namely to do with open source security and management practices.

“When the first survey launched 10 years ago, hardly anyone would have predicted that open source use would be ubiquitous worldwide just a decade later, but for many good reasons that’s what has happened. Its value in reducing development costs, in freeing internal developers to work on higher-order tasks, and in accelerating time to market is undeniable,” said Black Duck CEO Lou Shipley.

“Simply put, open source is the way applications are developed today,” said Shipley. “The future of open source is full of possibilities.”

And open source is no longer being viewed as a niche platform but is an innovation driver, after 90 percent of survey respondents said they rely on open source for improved efficiency, innovation and interoperability.

Developers it seems appreciate the flexibility of open source, its ability to be customised, as well as the fact that it has no vendor lock-in.

Security Concerns

But issues remain because the rapid adoption of open source has outpaced the implementation of effective open source management and security practices.

“We see opportunities for organizations to make significant improvements in those areas,” said Shipley. “With nearly half of respondents saying they have no formal processes to track their open source, and half reporting that no one has responsibility for identifying known vulnerabilities and tracking remediation, we expect to see greater focus on those areas.”

The survey found that 50 percent of companies have no formal policy for selecting and approving open source code. It also revealed that 47 percent of companies don’t have formal processes in place to track open source code, which limits their visibility into their open source and therefore their ability to control it.

Also, more than one-third of companies have no process for identifying, tracking or remediating known open source vulnerabilities.

“Open source today is unequivocally the engine of innovation, whether that’s powering technology like operating systems, cloud, big data or IoT, or powering a new generation of open source companies delivering compelling solutions to the market,” said Paul Santinelli, general partner at North Bridge.

“Our survey this year showed respondents report that in the next two or three years, the business models that will generate the most revenue for open source vendors are SaaS (46 percent); Custom Development (42 percent) and Services/Support (41 percent),” he said.

Late last year, the executive vice president of the Apache Software Foundation told TechweekEurope that the open source community had to create greater diversity among open source developers. He explained that too many Apache projects are created and dominated by white men – something he says has to change.

How much do you know about Open Source technology? Take our quiz!