An organizational-technical concept to deal with open source software license terms
Open source software (OSS) released under various license terms is widely used as third-party libraries in today's software projects. To ensure open source compliance within an organization, a strategic approach to OSS management is needed. As a basis for such an approach, we introduce an organizational-technical concept for dealing with the various OSS licenses by using procedural instructions and build automation software. The concept includes the careful consideration of OSS license conditions. The results obtained from this consideration and additional necessary commitments are documented in a so-called license playbook. We introduce procedural instructions enabling a consistent approach for software development using OSS libraries. The procedural instructions are described in such a way that they can be implemented, for example, for Java projects using the popular build automation tool Apache Maven and the software repository tool Nexus. We give guidance on how to realize such an implementation on the basis of automation tools in practice.