Black Duck Software

In the process of reporting on a press release announcing the increase in open-source health-related software in 2010, Open Health News talked to Peter Vescuso, Executive Vice President of Marketing and Business Development for Black Duck Software and gathered the following information.

Black Duck Software is the leading global provider of strategy, products, and services for enabling enterprise scale adoption of open source software (OSS). They believe the future of software development relies on the effective and informed use of open source software. Black Duck enables companies to shorten time-to-solution and reduce development costs while mitigating the management, security and compliance challenges associated with using open source software.

The first step in the development of any software application is to determine where the application fits in the taxonomy of existing projects and to look for reusable code in order to avoid duplicative effort. Ordinarily this would require developers to keep one eye on their own projects and the other scanning everyone else's similar projects, but Black Duck Software has created a couple of tools to obviate much of the burden.

Black Duck is well-known in the open-source world for its code-search solution. According to Vescuso,  Black Duck continuously searches the internet for open, downloadable code. The result of this is “the industry’s most comprehensive database of open source software and associated license and other information.” They call this the Black Duck KnowledgeBase. Vescuso said that the number of active projects that Black Duck tracks is greater than half a million—and the projects include billions of lines of code—and that they try “to maintain a living connection to each project.” To facilitate that connection, he says there is a team of Black Duck employees, called “spiders”, whose job it is to ensure that the KnowledgeBase stays up to date.

But the most important feature of the KnowledgeBase, what makes Black Duck's claim of a living connection to each project, according to Vescuso, is its rich metadata. Black Duck tags each project with a description, information on the community that produced and maintains it, a full release history, and a variety of other information that helps users to evaluate the quality and usefulness of the code. In addition, the KnowledgeBase contains detailed data on over 2,000 licenses, allowing users to make quick license compatibility determinations.

Black Duck has over a thousand customers, ranging in size from individuals and startup companies to major corporations such as Intel and SAP. Vescuso told Open Health News that collaboration is the new standard in application development. Black Duck works across all industries, but Vescuso made special mention of health IT. He affirmed that the healthcare industry needs innovation; it needs to keep pace with the demand of the community it serves. In order to do this, developers need solutions like those offered by Black Duck, saving them both time and money and allowing them to focus on the true necessities.

Vescuso said that since the KnowledgeBase was designed and is maintained for the open-source world, Black Duck maintains and supports a couple of open-source communities:

One is, a free search engine for open-source code, acquired in 2008 and incorporated into the KnowledgeBase. At that time, had indexed some 766 million lines of code in 32 programming languages. After Black Duck incorporated the additional projects tracked by its KnowledgeBase into the Koders index, the number of indexed lines had increased by 210%.

The second community is, a tool for evaluating projects quality and usefulness. While Koders is an index, Ohloh is something of a social network; according to its website, it is a forum for public review of open-source projects, creating historical reports from directory data to track changes in the open-source world.

Black Duck is also an active member of the greater OSS community. For example, they hold memberships with the Linux Foundation, the Eclipse Foundation, Open Health Tools, Open Source for America, the Open Source Software Institute, and more.