SAP implements Black Duck Suite

SAP is implementing the Black Duck Suite to manage open source code in its applications. This is being seen as an indicator of how far the company has come in its acceptance of open source as a catalyst to speeding up the development process.

SAP's problem is a challenge that faces many companies when incorporating open source code. There is a range of licences that accompany the components and these have to be complied with before the code can be used in otherwise proprietary software.

The Black Duck Suite handles the management, compliance and security issues associated with open source. It provides a search engine for selecting open source code, monitors the components in use and validates them before they are deployed.

Francis Ip, head of global technology legal compliance at SAP, said: "With the continuously increasing importance of open source globally and SAP's recent strategic change towards systematically utilising benefits that come with open source, it was necessary for us to scale our open source process through further automation."

SAP first considered introducing open source in 2001, but it was seen as a risky option and managed as an exception.

In 2002, it joined the Eclipse Project, but it was an uneasy relationship for the first five years. In the past few, the company's relationship with the open source movement has improved as it began to see it as a productivity enabler.

Initially, external components were strictly controlled but the implementation of Black Duck will allow greater freedom for the SAP developers to validate and incorporate open source in a fully compliant way.

Bob Tarzey, analyst and director at Quocirca, said: "SAP is just recognising the reality in the growth of open source. Some of its code is built from the bottom up but increasingly exciting proprietary code is being put in the public domain under open source licences."

"Like many other software vendors, it makes little sense for SAP to reinvent the wheel for utility functions."