The Linux Foundation this week launched the Open Compliance Program, its set of open source software tools and training to further ease open source adoption, including a self-assessment checklist and new data exchange standard for reporting software information, such as license and legal requirements. The program consists of six components: tools such as software dependency checker, bill of materials checker and code janitor that covers code in source code comments such as future product information; self-assessment checklist; SPDX standard with workgroup for standardization of bill of materials and labeling of open source components; compliance directory with alerting system; training and education; and community, which is part of FOSSBazaar.

The offering is somewhat similar to what Black Duck Software, OpenLogic, Palamida, Protecode and HP’s open source FOSSology do, though it is not necessarily as comprehensive and thus not as competitive. The Open Compliance Program is intended to help users of open source — which increasingly are mobile device and software makers, embedded software developers and ISVs and service providers — know their code. We’ve previously discussed how difficult economic conditions can benefit open source software, which is (associated with cost savings) and reduce the ‘risk threshold for using open source,’ and now that more organizations are using open source, there is more demand to understand the ramifications and real risks that go along with the benefits.

A long list of supporters and endorsers of the Open Compliance Program include: Adobe, AMD, ARM, Cisco, Google, HP, IBM, Intel, Motorola, NEC, Novell, Samsung, Sony and the Software Freedom Law Center.

This is not the first effort toward more standardization of the actual adoption of open source software. Previous efforts include the Open Solutions Alliance, which has been fairly quiet since its 2009 merger with the OW2 Consortium. Prior to that, there was the Linux Standard Base, led in large part by Linux Foundation executive director Jim Zemlin, who is widely credited for the cross-industry and developing market growth of the foundation’s membership. So while there is always some skepticism and redundancy in such efforts (this one most likely with the existing FOSSBazaar community), the Open Compliance Program appears to be scratching the right itch.

One thing we continue to hear — whether in enterprise software, embedded software, mobile devices, service providers or other markets — is a demand for alternatives amid a lack of standard technology. This highlights the ongoing opportunity for open source software, which has evolved and matured and in many ways come of age, but which still appears to be in the early stages of reaching fall of its potential.