What is open core licensing (and what isn’t) UPDATED

This is an updated version of a post that was originally published in July 2009. It has been updated in response to ongoing confusion about open core licensing.

There has been a significant amount of interest in the open core licensing strategy since Andrew Lampitt articulated it and its benefits for combining open source and closed source licensing.

There remains considerable confusion about exactly what the open core licensing strategy is, however, which is strange since the term arrived fully packaged with a specific definition, courtesy of Andrew. Recently I have begun to wonder whether many of the people that use the term open core regularly have even read Andrew’s post.

I feel somewhat responsible for this given that our Open Source is Not a Business Model report was partly responsible for the increased use of the term open core, and since I remembered that it was this post about commercial open source strategies that prompted Andrew to define open core in the first place.

Additionally, since business models related to open source are evolving constantly, I thought it was worth revisiting the definition of open core and putting it in some context.

What is open core?
According to Andrew’s original post it is a licensing strategy whereby a vendor combines proprietary code with open source code, where “the commercial license is a super-set of the open source product, i.e., it offers premium product features that you will not see in the GPL license”.

At first Andrew was very specific about the use of the GPL license and a development model dominated by a single vendor. However, it quickly became clear that a company like EnterpriseDB, which provides proprietary extensions on top of the community-developed, BSD-licensed PostgreSQL database, also fits the general model.

Therefore, Andrew clarified that there were Vendor Controlled (VC) and Community Controlled (CC) variants on open core.

Incidentally, Andrew did not create the open core strategy. As he himself admitted, he “invented nothing, just articulated it”. Credit goes to Barry Klawans and Paul Doscher (Jaspersoft co-founders), as Andrew noted.

In fact our research indicates that the formation of companies using the open core licensing strategy had already peaked by the time the term was coined – but more on that another day.

What isn’t open core
Sometimes it is easier to define what something is by explaining what it isn’t. Open core is a commercial open source strategy, but just as “all of Alma Cogan is dead, but only some of the class of dead people are Alma Cogan”, not all commercial open source strategies are open core (and more specifically, given recent statements, not all strategies that involve copyright agreements are open core – more on that another day as well).

So, to clear up some apparent confusion:

  • Red Hat’s strategy is not open core

Red Hat reserves support and features for paying customers, but it does not do so using closed source licensing (a prerequisite of open core). Instead Red Hat gives away the source code but withholds the compiled, binary version for paying customers.

(N.B. Beware companies claiming to be following “The Red Hat model” as they invariably aren’t – most often I find they mean that they use a subscription revenue model. Very few companies have copied Red Hat’s model for a variety of reasons – a subject I’ll leave for another post.)

  • Dual licensing is not open core

In fact, as Andrew Lampitt explained in his definition, open core is a variant of dual licensing (or proprietary relicesing, as some like to call it, or indeed “selling exceptions”). The important thing to note is that in the dual license strategy a single code base is available under an open source or closed license, while with open core the closed source licensed code is a superset of the open source code. Both result in closed source software, but only in the open core strategy is the closed source version functionally different from the open source version.

  • The MySQL strategy is not open core (yet)

One of the reasons for the confusion is that MySQL originally started out with a dual license model but changed over time to the subscription revenue model, and flirted with open core. At this point the strategy for MySQL remains dual licensing. It remains to be seen whether the MySQL Server code for Enterprise Edition 5.5 will be different from Community Edition with the inclusion of MySQL Enterprise Backup (which would make it open core) or if the new capabilities will be delivered as a subscription service.

  • Subscription strategies are not open core

Although they are a step in that direction. The subscription model provides vendors with a mechanism to distribute value-added features to paying customers. Until now the additional capabilities in MySQL Enterprise (such as Enterprise Monitor) have been delivered as a service via the MySQL Enterprise subscription. Although the code for Enterprise Monitor has not been made available, we would see this strategy as distinct from open core since open core results in a product with a different code base, where as the MySQL Server code in Enterprise and Community is the same. To differentiate from regular support subscriptions I have used the term value-added subscription to refer to this type of subscription. Other examples include Canonical’s Ubuntu Advantage and Nuxeo’s Connect. I would also put Red Hat Network and JBoss Operations Network in this category, although the source code for those value-added services was originally closed, it has now been made available as open source (as previously discussed).

  • Open foundation is not open core

Vendors such as IBM, Cisco, Oracle and SAP (in fact just about every software vendor) include open source code within larger closed source software packages and hardware products. There is a fine line between the two, but as I previously explained while open core involves offering proprietary extensions targeted at a segment of the open source project user base, open foundation involves using open source software to create entirely new products, targeted at a different user base.

  • Microsoft’s open source strategy is not open core

Microsoft is undoubtedly making use of more open source and encouraging open source development on its platforms, but its strategy is by definition not open core since it is extremely unlikely the core will ever be open source. In fact, as previously discussed, Microsoft’s strategy turns the open core strategy on its head by encouraging open source development around a commercial core, and has been described by Microsoft as open edge, and by Andrew Lampitt (more amusingly) as open crust. We have adopted the term open edge to describe this strategy and have seen it adopted by a small number of players beyond Microsoft.

On the importance of copyright assignment

Some weeks ago Luke Kaines stated his observation that “requiring copyright attribution is a greater sin than providing commercial add-ons”.

His perspective was based on the theory that requiring copyright assignment restricts the developer community, a theory that was apparently repeated by Dave Neary during the recent OSBC event (I missed that session due to our CAOS client lunch).

Daniel Chalef of KnowledgeTree provided some evidence of Dave’s perspective and also the contrary view that the assignment of copyright is critical not just for vendor-dominated projects but also for community projects such as The Mozilla Foundation, The Apache Foundation and The Free Software Foundation.

Daniel referenced Eben Moglen and his explanation of why the FSF requests copyright assignment: “If there are multiple authors of a copyrighted work, successful enforcement depends on having the cooperation of all authors.”

Meanwhile I am also reminded of the presentation given by Lawrence Rosen during the Eclipse Open Source Strategy Summit when he discussed the fact that it would be almost impossible for the Linux kernel to relicensed from the GNU GPLv2.

For vendors that dominate their own projects, Daniel also notes the importance of being able to provide indemnification for customers.

Some time ago I discussed with Marten Mickos the potential for Sun to encourage contributions to MySQL by changing its rules on copyright assignment given the diminishing importance of commercial license version in MySQL’s revenue mix and Marten pointed out that the main reason Sun would continue to require assignment was not to be able to relicense but to be in a position to stand behind the code (although the MySQL project did adopt the more flexible Sun Contributor Agreement, as referenced in the comments below).

Which isn’t to say that copyright assignment is essential for every project, but it does demonstrate that the assignment of copyright isn’t intrinsically linked to a vendor-dominated development project.

Also worth reading on this topic is Andrew Lampitt’s recent update on the Open-Core licensing definition in which he proposes two variants based on whether the copyright is controlled by a vendor or community and lists some of the benefits and risks to the vendor, customer and community, or each approach.

451 CAOS Links 2009.03.27

Red Hat’s financial results. Further Sun acquisition rumours. OSBC round-ups. Cloud. Microsoft. Vendor lock-in. Linux on the desktop (or not). Transparency. Open source in the travel industry. And more.

Follow 451 CAOS Links live @caostheory

Given a large number of events, meetings, presentations and conference sessions to attend this week I am dispensing with the commentary/smart alec remarks. Here are the major headlines from the final two days of EclipseCon, OSBC, etc:

# Red Hat announced annual revenue of $653 million, up 25% from prior year.

# Savio Rodrigues: Don’t worry about Red Hat’s 2009 profit decline.

# Sourcefire named new board member.

# OStatic: Sun Microsystems Was Shopped Around to Potential Buyers for Months.

# The Register: Oracle and HP proposed joint Sun dismemberment deal.

# Matt Asay: Is open source enabling next-gen vendor lock-in?

# Andrew Lampitt introduced two variants on the Open-Core licensing strategy.

# Zack Urlocker: OSBC blog report: It’s all about disruption.

# InfoWorld: Red Hat CEO questions desktop’s relevance in Linux debate.

# Savio Rodrigues: Open source can teach the software industry to use transparency for joint customer/vendor benefit.

# “I respectfully disagree.” Carlo Daffara gives his take on the Microsoft open source software white paper. Our take is here.

# Stephen Walli declared IBM the winner of Wednesday’s OSBC keynote contest between Sun, Microsoft, and IBM.

# InformationWeek: Sun Links Open Source Strategy To Cloud Computing.

# Infoworld: Microsoft holds hands with but won’t join Eclipse.

# Novell’s John Dragoon wrote in Forbes on how the U.S government could “save billions and foster innovation” with open source software.

# Sun launched version 3 of its Virtual Desktop Infrastructure software.

# Deutsche Post spin-off SOPERA introduced next-generation application development platform.

# Essentia released next generation of EssentiaESP for building online communities.

# Eric Raymond explained why the world doesn’t need reciprocal licenses.

# Aptana unveiled cloud integration for Java and Eclipse.

# Red Hat announced contribution to Apache CXF.

# MindTouch delivered the Social Media News platform powered by MindTouch.

# EclipseSource introduced security for open source downloads.

# Farelogix launched ‘Project Hawkeye’, an open source travel management point-of-sale application.

# Swiss company Skysoft started Albatross, a set of open source applications for air traffic controllers.

Further thoughts on defining “open source vendor”

Savio Rodrigues picked up the ball and ran with it, furthering the discussion on what makes a vendor an “open source vendor”. I left a few comments to Savio’s post that I thought were worth repeating here.

First off, Savio altered my definition slightly to ensure that the likes of Google and Amazon could not be considered “open source vendors”. This is what he came up with:

    “An ‘open source vendor’ is one that develops, contributes to, and distributes open source licensed products, which are integral to driving its revenue.”

Which I think does a good job, although as Savio notes:

    “The problem with this definition is how it applies to companies such as IBM, HP, and Accenture. They all contribute to and distribute Linux and other open source in order to generate revenue from servers or implementation services. As such, they would be considered “open source vendors” by my definition.”

As I commented, The discussion around The five stages of community open source engagement considered the fact that different business units within the same company can exhibit different attitudes to open source.

Consider Actuate and its BIRT business, which is a small but growing business based around the Eclipse BIRT project ($15.4m in 2008, compared to $131m for the company as a whole).

We will see more and more companies taking this approach to open source I believe. Progress and its FUSE business is another.

I wouldn’t consider Actuate or Progress (or IBM or HP) to be “open source vendors” so there’s a line to be drawn somewhere.

Perhaps the definition needs to be refined to take that into account, although I wouldn’t want to be the one who had to decide to draw that line (except for my own purposes).

Carlo Daffara, who has been at the forefront in terms of examining open source business strategies, commented:

    “We used a very similar one for our work in classification of business models. We set an (approximate) threshold on 33% of revenues from OSS-related activities, as in our informal experiments with clustering around revenues we found that was the ‘barrier’ across groups (the light-OSS companies like IBM or HP) and the OSS-based companies (like Alfresco, Actuate, etc.)”

As Carlo admits, however, “having a strict number as a barrier is problematic given obtaining realistic data on percentage of revenue is quite difficult.”

Meanwhile Andrew Lampitt asked whether this wasn’t just a re-hash of the “Is Obama black enough debate” referenced by Shaun Connolly in relation to the debate over types of open source community.

To which I would have to admit that yes, defining what constitutes an “open source vendor” is mostly an academic exercise that it of interest to only a few people. I have to do this sometimes to define the vendors that we cover in some of our reports, while others are trying to do it to meet their own commercial ends.

On our recent podcast Raven commented that a strict definition was not necessarily a good thing, echoing Shaun’s perspective that “Like the software these communities produce, the definition of community needs the chance to evolve and change in ways that we can’t even imagine.”

I was reminded of the phrase “you can’t be a little bit pregnant”. Can you be “a little bit open source”? Some would say no. I believe you can, and that there are degrees of openness with OpenNMS at one end and Microsoft at the other and Hyperic and Actuate and IBM somewhere in between.

451 CAOS Links 2009.02.03

US Department of Defense launches Forge.mil. VMware announces View Open Client. SugarCRM previews cloud services. Openbravo appoints Vavision founder to board. The Free Software Song in retrospect. And more.

DOD goes OS
Federal Computer week revealed that the US Department of Defense has created Forge.mil, a hosting site for DOD open source projects. The report indicates that “Forge.mil users must use a common access card for authentication. Smart cards also help control access to sensitive information.”

As does VMware
Well, not quite. But the company has announced an open source client for virtual desktop infrastructure called VMware View Open Client. Available under the GNU LGPL version 2.1, the code is hosted at Googlecode.

SugarCRM gets busy
SugarCRM kicked off its SugarCon 2009 customer event with details on new features such as links to cloud services. It also announced a partnership with Tata Communications, a new training program and DimDim integration via MyCRM.

Actuate reports strong BIRT growth

Actuate released its financial results for Q4 and full year 2008. While totral revenue was down, to $33.2m from $39.2m in the fourth quarter and to $131.0m from $140.6m in the full year, the open source BIRT-related business exceeded $4.5m in Q4 and totaled $15.4m for the year, up 93%.

JP Morgan swaps source code

JP Morgan transfered its CDS Analytical Engine to the International Swaps and Derivatives Association. According to the ISDA: “The CDS analytical engine, originally developed by the Quantitative Research group at J.P. Morgan, is widely used in the industry to price CDS contracts. ISDA will make the analytical engine available as open source code, thereby increasing transparency around CDS pricing.”

Novell layoffs
The cuts may not have been as deep as Matt Asay‘s sources originally indicated, but Novell confirmed that it has cut 100 jobs. Nevertheless, the company is also looking to make acquisitions according to CIO.com.

Openbravo gets some Microsoft experience

Openbravo gets a new board member and VP of commercial operations, both with Navision and Microsoft experience. Jesper Balser, Co-Founder and former CEO of Navision, has joined the board of directors, while former Microsoft executive Cees Poortman is VP of Global Commercial Operations.

Perfecting Open Core Licensing
Andrew Lampitt previously defined Open Core Licensing, to explain the strategy of vendors that build proprietary extensions around a core open source project. The strategy theoretically provides a balance between commercial and community user requirements, but that balance is hard to maintain. In his latest post Andrew provides some tips and discusses the role of the Affero GPL.

Open Windows
The open source Windows debate rumbles on. Charles Babcock insists that Windows must go open source to help Microsoft maintains its developer ecosystem and drive down costs. Joe Brockmeier explains why he thinks its not going to happen soon while Stormy Peters waxes theoretical on what it might mean.

The best of the rest
InfoWorld notes that Andi Gutmans has taken the reigns at Zend Technologies as Harold Goldberg has departed the PHP tools company.

What do community managers, you know, do? asks Joe Brockmeier.

Andrew Lampitt reports that zAgile is going open source.

Baseline provides some tips for taming the wild open source implementation.

LimeWire creator brings open source approach to urban planning reports Wired.

The Free Software Song in a Previous Life
“All I can say is…. holy christ, this was 9 years ago. And it’s still just as embarrassing today as it was then – but because I’m further removed now, I can LMAO about it :)” John Mark Walker

Andrew Lampitt defines Open-Core Licensing

JasperSoft’s business development director Andrew Lampitt has kicked off his new blog with an interesting post related to business models used by open source-related vendors.

In it he attempts to define the approach utilized by the likes of JasperSoft and SugarCRM, which offer open source products with core functionality, as well as commercial extensions. The approach is a twist on the dual licensing approach made famous by MySQL* where the vendor, as copyright holder, makes the code available under both the GNU GPL and a commercial license for customers that would rather avoid the GPL.

The approach taken by JasperSoft et al is not to segment by user base but by features. As Andrew explains, “the commercial license is a super-set of the open source product, i.e., it offers premium product features that you will not see in the GPL license.”

The model is widely used (Hyperic, xTuple, Zenoss, Talend and GroundWork also use it) but has not been properly defined. Savio Rodrigues has referred to it as the “Product Driven OSS Business Model”, Carlo Daffara calls it Split OSS/Commercial, while I have used the term “Split Licensing”.

Andrew recommends referring to the model as Open-Core Licensing, arguing: “My feeling is that we would save a lot of confusion for communities, customers, and vendors if all recognize that a dual license ”open core” model is a sensible business model for all involved,” and that “In this way, it is clear to customers that there is a “core” open source product that is GPL, and there is also additional high-value available as add-on features for purchase.”

Defining the model is important because it should help customers understand the actions and strategies of their vendors and, as Andrew puts it: “If you rename what it is called, you help to remove the “bait and switch” controversy by openly recognizing it as an emerging standard business model with specific attributes associated to it.”

(It is also important to distinguish between Open-Core Licensing and what I would call Embedded Open Source, where the open source code is embedded with a larger commercial package – for example IBM has for many years embedded the Apache HTTP server within its WebSphere middleware, while the Apache Geronimo project forms the basis of its WebSphere Application Server CE product. There is sometimes a fine line between the two models.)

The term Open-Core Licensing (OCL) certainly makes sense to me and I have decided to adopt it for The 451’s forthcoming report on business models related to open source software. I had originally used the term “split licensing” but have decided to switch to OCL as some people use the term “split licensing” interchangeably with “dual licensing”, such as in this research report from the University of Southampton. (Just to confuse things further, Carlo uses “twin licensing” rather than “dual licensing”).

Another example of “split licensing” being used to describe what I would call “dual licensing” is this blog post by Kirk Wylie, a software engineer in the financial services sector, which also eloquently describes why the OCL model is of interest to customers as well as vendors.

“Let’s say you’re an open source company, and you’re trying to figure out how to sell yourself to me in the Money… “What you have to do is give me something tangible if I give you money. It’s just that simple,” he writes.

“Give me a cookie. Seriously. Give me something I only get if I pay you… It might be development tools… It might be support tools… It might be domain-specific functionality… Heck, figure out how to leverage GPGPUs or Infiniband or whatever. Just find something that I’m going to have to pay you for, and make sure it’s of merit to me. Then sell me that with my support contract.”

(Kirk also concisely describes why the subscription services model doesn’t cut it for the company he works for: “No matter how good your SLA is, getting someone to remote diagnose a problem over a telephone line during a production outage with traders yelling at you is impossible… This means that support is mostly useful pre-production, and post-outage post-mortem. In the middle of the crisis, it’s less than useless. If you can’t fix it, you shouldn’t be running it.”)

One of the issues that Open-Core Licensing raises for vendors is deciding what that cookie will be (it’s what Matt Asay has called “the nettlesome question”). It is up to the vendor to try and decide what features should be commercial and how the balance between the core and the extensions changes over time.

Savio has suggested drop-feeding features from the commercial to the open source product over time, with new features added to the commercial product to ensure customers continue to be willing to pay.

Andrew cites “a timebomb on all commercial features after a certain period of time,” that “makes those commercial features become GPL” but notes that it may not be workable “as it would make a long-term business model a lot trickier”.

As this suggests, there is more to discuss with OCL than its name. Some of the plusses and minuses of the model were discussed here. Andrew also makes the point that it is also debatable whether the code for the commercial extensions should be visible or completely closed.

Naming the model is an important first in setting the terms for the debate, however, and even though it means re-writing my ongoing research report, Open-Core Licensing gets my vote.

*Commercial licensing, via the dual license model, was originally responsible for driving MySQL’s revenue growth, although in recent years subscription services have been a more significant revenue generator.