Guilty or not guilty

Using clone metrics to determine open source licensing violations

Akito Monden, Satoshi Okahara, Yuki Manabe, Kenichi Matsumoto

Research output: Contribution to journalArticle

10 Citations (Scopus)

Abstract

Unintentionally violating open source software (OSS) licenses by reusing OSS code is a serious problem for both software companies and OSS developers. The simplest intuitive way to identify such reuse is to measure code clonesduplicated code fragmentsbetween a suspected program and an existing OSS program. The question then becomes, what is the lower bound of code clone measurements needed to conclude that the suspected program is guilty (reused code exists) and the upper bound needed to conclude that it is not guilty? In their analysis of 1,225 pairs of OSS products, the authors found 121 with reused code. They experimentally explored the boundaries for three code clone metrics: maximum clone length (MCL), number of clone pairs (NCP), and local product similarity (LSim). Using these metrics, they identified guilty, not guilty, and suspicious programs.

Original languageEnglish
Article number5661763
Pages (from-to)42-47
Number of pages6
JournalIEEE Software
Volume28
Issue number2
DOIs
Publication statusPublished - Mar 2011
Externally publishedYes

Fingerprint

Open source software
Industry

Keywords

  • open source software reuse
  • product metrics
  • software licensing violations

ASJC Scopus subject areas

  • Software

Cite this

Guilty or not guilty : Using clone metrics to determine open source licensing violations. / Monden, Akito; Okahara, Satoshi; Manabe, Yuki; Matsumoto, Kenichi.

In: IEEE Software, Vol. 28, No. 2, 5661763, 03.2011, p. 42-47.

Research output: Contribution to journalArticle

Monden, Akito ; Okahara, Satoshi ; Manabe, Yuki ; Matsumoto, Kenichi. / Guilty or not guilty : Using clone metrics to determine open source licensing violations. In: IEEE Software. 2011 ; Vol. 28, No. 2. pp. 42-47.
@article{8f4c917c1a47461e98cc183f9f58f8e8,
title = "Guilty or not guilty: Using clone metrics to determine open source licensing violations",
abstract = "Unintentionally violating open source software (OSS) licenses by reusing OSS code is a serious problem for both software companies and OSS developers. The simplest intuitive way to identify such reuse is to measure code clonesduplicated code fragmentsbetween a suspected program and an existing OSS program. The question then becomes, what is the lower bound of code clone measurements needed to conclude that the suspected program is guilty (reused code exists) and the upper bound needed to conclude that it is not guilty? In their analysis of 1,225 pairs of OSS products, the authors found 121 with reused code. They experimentally explored the boundaries for three code clone metrics: maximum clone length (MCL), number of clone pairs (NCP), and local product similarity (LSim). Using these metrics, they identified guilty, not guilty, and suspicious programs.",
keywords = "open source software reuse, product metrics, software licensing violations",
author = "Akito Monden and Satoshi Okahara and Yuki Manabe and Kenichi Matsumoto",
year = "2011",
month = "3",
doi = "10.1109/MS.2010.159",
language = "English",
volume = "28",
pages = "42--47",
journal = "IEEE Software",
issn = "0740-7459",
publisher = "IEEE Computer Society",
number = "2",

}

TY - JOUR

T1 - Guilty or not guilty

T2 - Using clone metrics to determine open source licensing violations

AU - Monden, Akito

AU - Okahara, Satoshi

AU - Manabe, Yuki

AU - Matsumoto, Kenichi

PY - 2011/3

Y1 - 2011/3

N2 - Unintentionally violating open source software (OSS) licenses by reusing OSS code is a serious problem for both software companies and OSS developers. The simplest intuitive way to identify such reuse is to measure code clonesduplicated code fragmentsbetween a suspected program and an existing OSS program. The question then becomes, what is the lower bound of code clone measurements needed to conclude that the suspected program is guilty (reused code exists) and the upper bound needed to conclude that it is not guilty? In their analysis of 1,225 pairs of OSS products, the authors found 121 with reused code. They experimentally explored the boundaries for three code clone metrics: maximum clone length (MCL), number of clone pairs (NCP), and local product similarity (LSim). Using these metrics, they identified guilty, not guilty, and suspicious programs.

AB - Unintentionally violating open source software (OSS) licenses by reusing OSS code is a serious problem for both software companies and OSS developers. The simplest intuitive way to identify such reuse is to measure code clonesduplicated code fragmentsbetween a suspected program and an existing OSS program. The question then becomes, what is the lower bound of code clone measurements needed to conclude that the suspected program is guilty (reused code exists) and the upper bound needed to conclude that it is not guilty? In their analysis of 1,225 pairs of OSS products, the authors found 121 with reused code. They experimentally explored the boundaries for three code clone metrics: maximum clone length (MCL), number of clone pairs (NCP), and local product similarity (LSim). Using these metrics, they identified guilty, not guilty, and suspicious programs.

KW - open source software reuse

KW - product metrics

KW - software licensing violations

UR - http://www.scopus.com/inward/record.url?scp=79952126469&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=79952126469&partnerID=8YFLogxK

U2 - 10.1109/MS.2010.159

DO - 10.1109/MS.2010.159

M3 - Article

VL - 28

SP - 42

EP - 47

JO - IEEE Software

JF - IEEE Software

SN - 0740-7459

IS - 2

M1 - 5661763

ER -