1999 - 2000 - 2001 - 2002 - 2003 - 2004 - 2005 - 2006 - 2007 - 2008 - 2009 - 2010 - 2011 - 2012 - 2013

Announcement - Call for participation (ASCII) - Hotels - Directions - Agenda - Paper Abstracts - Presentations - Registration - Abstract Submission - Sponsors - Gallery

What is Coccinelle? - Linux RTOS Howto - Git version control - GPL compliance - openPOWERLINK - Linux kernel analysis - OSADL QA Farm

by Armijn Hemel, Tjaldur Software Governance Solutions

Checking a device for GPL license compliance (also called 'GPL compliance engineering') is often seen as black magic. Many companies in the consumer electronics industry have told me that for them it is impossible to check what they get from suppliers for license compliance because they simply don't know how to do it. My experience on the other hand is that it is quite straightforward to check for license compliance. In the vast majority of cases detection of what's in a binary and verification with a source code archive is even so simple that it can be automated using very straightforward methods. In the past few years I have been working on tooling for compliance engineering and proven that they work in audits, like the OSADL license compliance audits.

In this workshop I want to explain why things go wrong in the consumer electronics industry and what common mistakes are made. I will also explain what methods you can use for verifying binary code and source code, describe challenges in compliance engineering, future work and research topics, plus give you some hands on experience on verifying a firmware or two.

Armijn Hemel, MSc, is the owner of Tjaldur Software Governance Solutions. He specialises in GPL compliance engineering and creating tooling and methods for GPL compliance engineering. As a former core team member of gpl-violations.org he has extensive knowledge of the field and is currently trying to make it easier for both companies and copyright holders to find and fix possible license issues.