General Information
Over the last 10 years, more and more of the source code that makes up modern software has come from third-parties, that is, not from the company that sells the product. Some of this third party code is from other commercial entities, but much of it is from the global open source community. The use of open source code is not, in and of itself, bad; in fact, its use accelerates delivery and general improves quality. However, the terms of the relevant open source license agreements must be honored. Often the biggest challenge in this regard is remembering what open source code has been included. IP-Fisher is a tool that can help with this by recognizing open source code, it produces a list of open source code used and in some cases can identify the relevant license.
IP-Fisher also incorporates several Algorithms that identify code that is attributed to a particular programmer and verifies if it indeed was written by that programmer. It is critical that companies know that all code attributed to company programmers was indeed written by them. Company liability is huge if it is found later that the Company did not have the right to use a piece of code in a finished product.
The Market
The recognition of open source is important to the ongoing operation of any software company. It is of course best to recognize that open source is being introduced into the product as soon as it happens, well before the code is built and certainly before it is sold so that the terms of the license agreement can be honors.
This issue gets special attention when a company is acquired. Buyers need to understand the ownership of the code they are buying and their on-going obligations. Even sellers need to know what third-party code may have been included in their product, since they many not know (especially if many developers have contributed to the product) and since they are generally expected to make representations about the ownership of the code.
Recognizing third-party code is also important in cases where the ownership of code is in dispute.
Recognizing code is also useful in the software development process itself. For example, developers may want to know that newer (faster, or more secure) versions of an included open source project may be available and that the one originally included should be updated.
Black Duck is the largest competitor in the market of identifying open source code in company owned code. They rely heavily on a data base of open source code. Their data base is the largest in the industry yet covers only 50% of all open source code.
IP-Fisher takes a different approach to solving the problem. It compares code attributed to all company programmers and then identifies if each programmer did write the code that is attributed to them. Programming is like handwriting. IP-Fisher can identify if code is suspect and further investigation can be made.All companies that merge with another must certify that all code being included in the merger is owned by the selling company. Buyers also want to verify themselves if critical code is owned by the selling party.
Potential users of IP-Fisher include:
Lawyers
Merger & Acquisition specialists
Venture Capitalists
Universities that license software
Companies that sell source code software
Companies that buy source code software
Any merger candidate for Buy or Sell
The Product
Differences between the Invention and the prior art:
From the description at the Black Duck web site, it seems that they compare small parts of the source code to find potentially matching code. My approach uses broader statistics and abstractions of the entire piece of code to measure similarity.
Advantages of the Invention over the prior art:
Code can be manipulated so that none of it matches specific patterns, thus defeating the spot checks performed by Black Duck. However, the general structure and complexity of the problem the target code solves is harder to change. Without re-thinking the whole approach, the solution (the code) still has the same inherent complexity.
Patent Information
Dr. Kevin Seppi has been using this code for 5 years for consulting work associated with evaluating the ownership of source code. The code has been copywrited by BYU.
Inventor(s)
Dr. Keving Seppi - Associate Professor - Computer Science Department
Licensing Information
Licensed to Wiora Software GmbH
Contact: Dee Anderson - Associate Director - BYU technology Transfer Office 801-422-3676