Abtracts


Keynote
OSS Ecosystem
OW2 Projects Showcase
OSS State of the Art
Colloborative R&D Projects
OSS Good Governance

Wednesday, June 17

09:30
European Commission
( Luis Busquets )
The ICT domain is certainly the fastest moving sector in the economy. The late developments in the XX century seemed to bring a world where the step to produce new innovation would become locked to new entrepreneurs and only those controlling the previous innovations would be able to produce more. However, Open Source has changed this paradigm. Today, we see how Open Source Software has succeeded everywhere but in a way that was not foreseen neither by its advocates nor its detractors. The world is now in the verge of a digital industrial change and Open Source Software and Hardware will be game changers in this (r)evolution.
09:45
OSS Country Intelligence Report
( Open Source Observatory (OSOR) Team - European Commission )
The objective of this presentation is to briefly present the country intelligence reports on open source software policies within the 27 EU Member States and the United Kingdom. Produced as part of the Open Source Observatory (OSOR) of the European Commission, the reports provide an overview of the governance, political and legal frameworks as well as open source software initiatives. We will focus on two aspects: public sector bodies addressing open source software and legal and political initiatives specifically addressing open source software. Our presentation will also include insights on key governmental bodies and strategic players involved as well as examples of the political and legal frameworks addressing open source.
10:00
Can end-users Apps also be Open-Source ?
( Ludovic Dubost )
Open-Source is highly present. However, the competition in the end-user app space with Cloud providers is tough. A lot of proprietary solutions exist and are build on Open-Source libraries and technologies, but are not shared as Open-Source. XWiki SAS is a provider of open-source collaboration apps (XWiki, CryptPad) for now 15 years living only off it's Open-Source technologies. How is it possible to develop Open Source end-user apps ? What are the challenges to achieve this ? How do you finance the technology ? How do you sell it ? How do you differentiate your software from proprietary solutions ? This is the aim of this presentation, to share our experience and our history.
10:15
LibreOffice 10th Anniversary: the many faces of a Global FOSS Community
( Italo Vignoli )
LibreOffice was announced in 2010 and will celebrate its 10th anniversary in 2020. During these 10 years, the global community has grown from a small group of volunteers - mostly based in Europe - to a large and diverse group of free software advocates active in most countries. The presentation will discuss the challenges faced by the community during its incredible growth over the past 10 years.
10:30
Towards a sustainable solution to Open Source Sustainability
( Tobie Langel )
A few years ago, Heartbleed epitomized a massive open source sustainability problem for critical parts of the internet infrastructure. The bug, which affected the popular OpenSSL cryptographic software library, notably compromised the confidentiality of 4.5 million US patient records and cost the industry an estimated $500M. It was soon revealed that the root cause of the issue was that OpenSSL was precariously understaffed. Open source sustainability became a major theme overnight. Stories of maintainer burn-out made the headlines. And tentative solutions started to emerge, most of them donation-based. In this talk we’ll explore a number of existing strategies to fund open source and make it more sustainable, from patronage to dedicated ad networks. And we’ll defend the idea that the best path to open source sustainability is to help companies understand the tangible business value they can get from contributing to open source.
10:45
NGI Pointer: Changing the Fabric of the Internet
( Claire Tonna )
This presentation will talk about the NGI Pointer project, which was born under the wider NGI Initiative. We will talk about the Open Call, which provides an opportunity for individuals and entities which we call NGI Architects, to apply for up to 200k EUR of funding. The funding will go towards bottom-up projects looking to change the fabric of the internet and the web.
11:15
Software Heritage: a revolutionary infrastructure for Software Source Code
( Roberto Di Cosmo )
Open Source Software is at the heart of our digital society and embodies a growing part of our technical and organisational knowledge, and this raises many questions: how to comply with the obligations of Open Source licenses? how to be sure that the source code of a key module we use will be still there when we need it in the future? do we really know what source code we are using, and where it comes from? how can we adress cybersecurity if we do not know? how do we share this information across the software supply chain? Answering these questions and answering them well is quite a challenge. In this presentation, you will discover Software Heritage, an open non-profit initiative, in partnership with Unesco, and supported by major IT players, and how the revolutionary infrastructure it is building changes the way we adress these issues. With 8 billions unique source files from 120 million repositories, it is the largest archive of source code ever built. You can already access and use this infrastructure. We now invite you to help it grow, and take part in its unique undertaking.
11:30
Introducing LDAP Synchronization Connector, a new OW2 project
( Clément Oudot )
LDAP Synchronization Connector was accepted some months ago in OW2 consortium. This presentation aims to explain what the product does and how it can help system adminsitrators dealing with identity management. LSC is part of FusionIAM, another OW2 project.
11:45
Boost dataviz with Python
( Marco Balestri )
The new R/Python widget allows to embed R and Python scripts directly within a cockpit filling a gap between datavisualization and datascience. With this widget, datascientists are able to integrate python facilities in a heterogeneous and multi-source environment and to present advanced analytics to a broader audience.
12:00
XWiki: A web development runtime platform
( Vincent Massol )
When developing a web application, the traditional way is to develop the application from scratch using a general purpose language such as Javascript, Python, Java, Ruby, PHP, etc. This presentation will show that a next generation wiki (examples based on XWiki: http://xwiki.org) can be used as a web development platform to develop applications on top of it, providing a strong infrastructure scaffolding to building web applications. The advantages are similar to those of using an application sever. However whereas an application server offers technical services only, a wiki platform offers higher level services such as content management, rendering, storage, WYSIWYGeditor, user management, and a lot more. Not only are these services offered, you can develop using them in your traditional IDE or in the runtime, directly in wiki pages. This allows developing web applications extremely quickly, collaboratively and with a fast turnaround time, which is perfect for adhoc web application development.
12:15
Cryptography: zero knowledge proof and multi party computation
( Andrea D'Intino )
Zenroom is a tiny and cryptography smart contract executor that integrates in any application to authenticate and restrict access to data and execute human-readable smart contracts. In the video we show how to run Zenroom as a command line application or how to use the WASM-based web demo.
14:00
Redefine Corporate CyberSecurity Frameworks under "COVID-19" Situations
( Jesus Escolar )
Elevator Pitch: This talk is about the redefining the existing frameworks on CyberSecurity used in corporate environments to explain and prove the needed changes to apply in order to comply to with unexpected situations, as national confinement. Description: How does look like the existing corporate cybersecurity ecosystem from user to endpoint to perimeter to cloud to SaaS ? What was the existing security situation in terms of capacity, resources and scaling? What were the blind spots we missed in our existing frameworks? What security flaws happened (so far) in the corporate ecosystem? Now, How can we mitigate them going forward? But, How can we mitigate for the future unexpected situations? The Solution: An Unified CyberSecurity End-to-End Framework Lessons learnt (as per today's feedback).
14:15
Decentralized Digital Twins using FLOSS
( Philippe Coval )
Digital twins concept can be summarized as the association of a real entity with a digital replica, many applications will be covered some ethical questions remains and some solutions will be presented to make this technology desirable with a privacy by design approach. The "Web of Twins" experiment will be presented as an implementation using JavaScript and WebThings API from devices to VR/XR user interface.
14:30
Our 4 years journey in GIS at Orange France
( Vincent Flipo, Bertrand Parpoil )
We will present the platform, its component, and will discuss the challenges we met with its deployment. Our platform is for engineer deploying Fiber to Home/Office , providing GIS capabilities among several layers on a Map. Developed by an Orange team of 30 people, half based in Lannion (Britany) and half in Tunis(Tunisia). components : Angular/OpenLayer, Springboot/PostgreSql(with Gis extensions)/GeoServer/QGIS, mapfishprint for PDF. Available on thin client or via APi. The team was able to develop the platform according to business requirements, thanks to the technical support of our open source partner : Oslandia. Moreover, Orange played the open source game by giving back to the community the evolutions on the components.
14:45
Cacti and Big Data at Orange France
( Pascal Seigne, Silviu Dimulete )
We propose a walkthrough of current utilization of Open Source Software in capacity planning for the Orange network infrastructure. The objective of our project is to have a platform that helps engineers to carefully plan the resources available to them as well as to correlate different incidents within remote parts of the infrastructure. In order to achieve this we started using Cacti with the Spine collector which worked great, but Orange France is a very large company with many entities, each with its own governance, and so we began to see some limitations. There was a need to centralize some information from different parts in Orange France as well as to integrate the equipment capacity and load values into BigData Orange. In order to achieve this we developed the “Puits de donneés” platform completely based on Open Source Software. The visualization and statistical analysis part is handled by Grafana while the ETL runs on Apache Software Foundation products like NiFi, Zookeeper and Ambari with a storage solution from MariaDB for which we did extensive performance tuning and customization due to the large amounts of data.
15:00
Nextcloud, the Opensource Collaborative Cloud Platform
( Genma Herledan )
With Nextcloud Hub, Nextcloud offer a new standard in on-premises team collaboration. Discover this solution and its functionnality, an opensource alternative to GoogleDocs or Office365. We'll talk about the "Framacloud" project from Framasoft, based on Nextcloud. And about the offer that Atos provides to its customer around Nextcloud.
15:30
Upcoming Challenges in Artificial Intelligence Research and Development
( Vincent Lequertier )
Artificial Intelligence is now smarter than ever, showing human-like abilities at complex tasks such as images classification or natural language processing. But despite its recent advances, it's still not a silver bullet. This talk will present a few challenges in the research and development of artificial intelligence that slow down its progress and adoption. In particular, problems around fairness, the training of models and how to share them will be introduced as well as possible Free Software solutions.
15:45
Autonomous Multi-Cloud serverless deployment and optimized management
( Marta Różańska, Geir Horn )
This presentation describes how to implement Multi-Cloud native strategies using advanced an open source framework that allows for Cloud-agnostic Multi-Cloud deployment and optimized management of the serverless applications based on flexible monitoring, context aware maximization of the application owner’s utility of the deployed serverless components, and autonomic reconfiguration based on the application’s current execution context.
16:00
Enabling DevOps for IoT Software Development, powered by Open Source
( Hui Song )
We would like to share our research journey towards enabling DevOps for IoT applications, and how Open Source makes the journey feasible and fun. DevOps is widely adopted for developing cloud applications, which supports developers in continuously placing software changes directly to production. As companies are including IoT and Edge devices into their IT infrastructures, supporting DevOps for IoT is a must. However, IoT challenges some fundamental assumptions behind DevOps, such as the homogeneous infrastructure and centralized governance, and therefore, breaking-through research is needed. Funded by H2020, 30 people from 12 partners crossing academia and industry gathered to solve these fundamental challenges, which results in full-stack open source tools for automatic deployment, learning-based operation and security monitoring of IoT applications, and risk management of the development process. The tools are evaluated on industrial use cases in intelligent transportation, smart building, and eHealth. The mass open source tools and communities around IoT development provides the sound foundation for this design research and the opportunities for the further exploitation of the results. In particular, we are proud of spinning off a start-up to commercialize the risk management services in the open source + SaaS model.
16:15
Advanced Proactive and Polymoprhing Cloud Application Adaptation
( Alessandra Bagnato, Maxime Compastie )
Presentation of the novel and advanced optimization concepts for cloud computing application using open source Morphemic platform, which is extending Melodic framework. It will cover application architecture polymorphing and proactive adaptation based on predicted applications needs.
16:30
ReachOut, the Beta-Testing Platform for Collaborative Research Projects
( Alexandre Lefebvre )
ReachOut is an H2020 Coordination and Support Action (CSA), aiming at helping research projects or European SMEs to develop connections with their markets and potential end users. ReachOut provides a platform and methodology to help projects create and implement their beta-testing campaigns, collect user feedback and develop their ecosystem. This presentation will give you an overview of the ReachOut project, and present the Beta-Testing platform.
16:45
DECODER, a Smarter Environment for DevOps Teams
( Virgile Prevosto )
The DECODER project simplifies software library and component reuse, while ensuring that they will behave as expected by the developer. The DECODER central database (PKM) stores code-related artifacts and establish bindings between them, notably by generating formal specification from informal requirements or semi-formal models from source code.
17:00
Intelligent package management with FASTEN
( Amir Mir )
As recent events, such as the leftpad incident and the Equifax data breach, have demonstrated, dependencies on networks of external libraries can introduce projects to significant operational and compliance risks as well as difficult to assess security implications. FASTEN introduces fine-grained, method-level, tracking of dependencies on top of existing dependency management networks. In our talk, we will present how FASTEN works on top of the Rust/Cargo and Java/Maven ecosystems.

Thursday, June 18

09:20
The OW2 Open Source Good Governance initiative
( Cedric Thomas )
This presentation introduces the OW2 Open Source Good Governance initiative and the challenges facing open source governance managers.
09:40
SW360 and FOSSology - A Team for License Compliance
( Michael C. Jaeger )
FOSSology is an open source license compliance software system and toolkit. As a toolkit, you can run license, copyright and export control scans from the command line. As a system, a database and Web user interface provide you with a compliance workflow. License, copyright and export scanners are tools used in the workflow. FOSSology is license under the GPL, it is therefore available for anyone to facilitate license compliance tasks. While FOSSology provides the license analysis for individual OSS components, the Eclipse OSS project SW360 is a software catalogue to provide a central place for managing and sharing license information about software components used by an organization. It is designed to neatly integrate into existing infrastructures related to the management of software artifacts and projects by providing separate backend services for distinct tasks and a Web application to access these services.
10:00
Ideas, Methods and Tools for OSS Compliance Assessment
( Boris Baldassari )
While Open Source Software has become mainstream, the understanding of its key principles, from ethics and collaboration to governance and community management, is gaining more interest and attention. There is a comprehensive volume of studies and reports backing up our individual and collective experience, yet we still cannot reliably measure these characteristics, and even less clearly define or assess them. In an attempt to build up confidence and foster maturity in this area, this talk will look at the various existing models and metrics related to OSS compliance and governance, and build upon them to propose methods and tools for their evaluation and analysis. We will discuss the requirements and essential questions to ask, offer guidelines for implementation and suggest efficient ways to present results.
10:20
Open Source Compliance at Orange
( Nicolas Toussaint )
Orange and Orange Business Services have turned to full open source solutions to tackle the complex problem of respecting the open source legal compliance constraints. This talk presents the journey undertaken the past few years to build and improve the existing tooling and processes to make compliance validation possible, as well as allow overseeing progresses.
10:40
The OpenChain Reference Tooling Work Group - An Overview
( Oliver Fendt )
The well-known OpenChain project launched in Sept 2019 a Tooling Group. The objective of this group is to realize a turn-key Open Source toolchain for Open Source Compliance, which is / can be easily integrated in the software development CI/CD pipelines. The Tooling Group uses open source principles to accomplish this, creating a meritocracy producing real world solutions for real world challenges, and sharing these results with all interested parties. The presentation gives an overview of the Tooling group its objectives, the areas of focus, the current state and future plans.
11:20
Software Development at Scale: Lessons learned from a pandemic lockdown and Open Source Ecosystems
( Jose Manrique Lopez de la Fuente )
2020 has started intense for many countries. It's been just a few months, but the things we have lived make us feel like it's been years. Covid-19 pandemic has hit everywhere and forced many people to work from home. If you were lucky enough to be in one of these modern companies that have adopted digital transformation years ago, would that be a problem? Many people have thought it wasn't, but it has really been. And what about the rest of the software developers involved in companies not ready for remote work at all? It's been said that nothing has boosted more companies' digital transformation than covid-19. But, are their managers ready for such change? Managing software development at scale is not an easy task, and this pandemic has disrupted the way projects are being developed in many companies. During this talk, I would like to share lessons learned from open source development at scale that might help companies to adapt to these changes. But more specifically, lessons about how software development analytics help managers to understand collaborative remote work.
11:35
Open Source contribution Policies that don't suck
( Tobie Langel )
Open source contribution policies are long, boring, overlooked documents, that generally suck. They're designed to protect the company at all costs. But in the process, end up hurting engineering productivity, and morale. Sometimes they even unknowingly put corporate IP at risk. But that's not inevitable. It's possible to write open source contribution policies that make engineers lives easier, boost morale and productivity, reduce attrition, and attract new talent. And it's possible to do so while reducing the company's IP risk, not increasing it. In this talk, we'll look at the general structure of contribution policies, examples in the wild, and tactics to make them suck less. We'll also look at how to turn these policies into self-service software, preventing the tedious email back and forth between engineering and legal in most cases and making open source contribution a breeze.
12:00
Open Source Strategy at Orange France
( Gilles Viton )
Open source Program at Orange France = community open source Governance network and organisation at Orange France Technical Key enablers => Major fields to enable open source KPIs to follow open source deployment and results Support and expertise internal and external Key enablers for budget Contribution to open source
12:20
The NGI0 Initiative: Encouraging Adoption of FOSS Licensing Best Practices
( Gabriel Ku Wei Bin )
The Next Generation Internet Initiative is a funding action organized by the European Commission. It is intended to provide funding opportunities to developing technologies and software that has the potential to improve the internet's potential to be a platform that supports human values, such as privacy, transparency, inclusivity, and the protection of data. The results of these efforts are intended to be eventually made available as Free Software. The FSFE currently assists this Initiative, together with several other NGOs. The FSFE's role in particular is to encourage participant software projects to adopt best practices in displaying copyright and licensing information in their software projects. We estimate that the FSFE will have had to provide advice and guidance on how to properly display their license and copyright information to around one hundred small software projects involved in this Initiative. This presentation will talk about the NGI0 Initiative, the importance of proper license compliance, as well as share some patterns that we have observed on how developers of small, independent software choose to license their projects, and how they may deviate from best practices that can cause problems later.
12:40
Open Source Governance and the Eclipse Foundation
( Gaël Blondelle )
In this talk, we will cover two complementary topics: * The different Eclipse projects related to Open Source governance, like Eclipse SW360, SW360 Antenna, and Eclipse Steady, as well as the opportunity to leverage SW360 as the core of a larger Open Source governance initiative. * The Eclipse IP Process that has been applied to hundreds of Eclipse projects for more than 15 years and is going through a modernization process that involves both simplification from the developer point of view, and openness to new sources of trusted data like Clearly Defined.