New Zealand Linux

Red Hat is widely expected to crack a billion dollars in revenue in today’s earning call. This achievement will finally put to bed the argument that “nobody can make money with open source.” I want to congratulate Red Hat for this incredible achievement. However, I would also like to use this occasion to show that there is significantly more at play here. It isn’t just the billion dollars Red Hat is making with open source; there are many more reasons why Linux and open source are fundamental building blocks of the future:

* Red Hat will today pass a billion dollars in revenue.

* The collective investment in Linux is $10billion – freely available to you.

* Billions of users a day use Linux systems in everything from their TV, to their ATM machine to the cell phone to the servers powering the cloud. B

* Billions of dollars are transacted on Linux systems running every major financial exchange EVERY day.

* The fastest Linux computer does 10 quadrillion operations a second (that is a thousand billion or a billiard in long scale countries).

* Facebook used Linux to build a company forecast to be worth one hundred billion dollars.

Credit where credit is due: Red Hat has worked extremely hard and extremely smart to leverage open source to make a billion dollars. Here at the Linux Foundation, we work with them everyday and I am continually impressed by their focus, their management and their consistent commitment to working upstream.

But even more significant to Red Hat’s future prospects is the virtuous cycle that they now participate in. Platform economics have always been dominated by network effects. More users beget more applications, which beget more users and so on. This has resulted in great scale for particular companies who lock people into their network effect but has arguably not resulted in great innovation. Red Hat however, benefits from a different kind of network effect. A network effect centered around innovation.

Since Linux has grown, so have the benefits Red Hat receives (and gives to others). When Facebook contributes code to make their data centers more efficient, Red Hat benefits; when Red Hat contributes code to improve file systems, mobile device makers benefit; when mobile device makers contribute code to improve power consumption, super computer cooling costs go down; when super computer users contribute code to make Linux faster, Wall St. benefits with faster trading systems — and so on and so forth. So you can see that the positive feedback loop that is represented in the billions of figures above shows no signs of slowing down. Congratulations to Red Hat but also to all Linux users and ecosystem members who participate in this virtuous circle.

The “World's First DrupalCar,” a 2011 Camaro, was unveiled at DrupalCon Denver. We don't look under the hood, but we do get hands on with the hardware and software inside this proof-of-concept IVI system.

Phil Odence is Vice President at Black Duck Software and helps lead the SPDX workgroup at The Linux Foundation. He will be moderating a keynote panel next week at The Linux Foundation Collaboration Summit titled “Getting the Kinks Out of the Software Supply Chain.”

Open compliance has become a bigger area of emphasis in the Linux and open source communities as the collaborative development model and software have become widely adopted. The topic is one in which we at The Linux Foundation receive many requests for resource and more information. As part of our series of Q&As with the Summit’s keynote speakers, we asked Phil a few questions about the upcoming panel and the state of open source license compliance.

You will be moderating a keynote panel at The Linux Foundation Collaboration Summit. Can you give us a teaser about what we can expect from the group?

Odence: Everyone on the panel represents a company dependent on a software supply chain and is passionate about achieving efficiency and license compliance. Their organizations are unique, so each has their own perspective. It will be a great combination of conceptual agreement and differing perspectives.

How has the global supply chain changed in recent years and how is this impacting open source license compliance?

Odence: Two things: 1) Software has gone from from being developed within four walls to across complex supply chains, and; 2) the use of open source has ramped dramatically. Companies assembling software don’t have very good upstream visibility and at the same time know there’s lots of open source in the code and therefore potentially many license requirements with which they need to comply.

What are some of the key challenges companies still face with regards to open source licenses and compliance? What is being done to address them?

Odence: It’s a lot of work and it tends to be redundant, i.e. repeated down the supply chain. It’s that frustration that has lead a number of companies to come together to work on SPDX. There are other components to the answer—polices, processes, eduction, tooling—but SPDX is a keystone.

Can you tell us more about SPDX and how it works?

Odence: It conceptually simple: A common way to represent what’s in a software package and the associated license. There are devilish details, but the idea is that if everyone in a supply chain is sharing information in this way, it makes it much easier and cheaper to know what’s in the software and what the licenses are.

The SPDX workgroup has really advanced work on how to ease open source license compliance. Can you tell us how the group was able to accomplish so much? Companies and community members can learn a lot from others about best practices on how to collaborate.

Odence: While the group is not developing software per se, from the outset we’ve run ourselves like an open source project without a lot of rules, hierarchy, structure or budget. Everyone involved is open source savvy so we can tell new participants, “We run like an open source project,” and they get it. The support of The Linux Foundation was helpful in initially assembling a critical mass, and on a ongoing basis, the infrastructure and events have provided us logical gathering opportunities and places. I’m not sure we’d ever actually see each other without Linux events.

What’s next for the SPDX group?

Odence: Each of our three teams has a clear, going forward focus. The Business Team needs to drive broader adoption across, as well as up and down supply chains. The Technical Team wrestles with evolving the spec to support hierarchy in an intuitive and simple way. The Legal Team has a real gem in the standard license list we developed; they are polishing that up and defining a process to expand it.

Literally our next step after the Collaboration Summit is the Forum we are running in San Jose on Friday, April 6. We welcome any locals who want an in-depth introduction to join us.