IHS Automotive forecasts that there will be 152 million actively connected cars on roads worldwide by 2020. As automobiles and other vehicles become more intelligent and connected, they are increasingly dependent on software built with open source. This fuels innovation, but failure to track and manage open source components and vulnerabilities can have catastrophic consequences: stolen customer data, costly recalls, damage to reputation, and, with autonomous vehicle technologies, even personal injury or loss of life.
To stay ahead of these risks, automotive OEMs, suppliers, technology firms, and other players in the automotive supply chain need to proactively manage their use of open source.
The automotive industry is forecast to spend $20B to $30B on autonomous driving technology through 2022, with revenues from safety, autonomous driving, and connected services estimated to grow from $36B to $156B. This growth is largely driven by open source infotainment platforms like those adopted by GM and Ford, and fueled by industry alliances like GENIVI and AUTOSAR.
As auto industry manufacturers and suppliers seek to differentiate and compete based on connected car technology, protection of software intellectual property is an increasing concern, made more difficult by the complexity of the automotive technology supply chain. Open source hidden within applications and vehicle components can carry reciprocal licenses which threaten your intellectual property, or conflicting license requirements which can prohibit the commercial use of critical technologies. As seen in other industries, remediation of these open source license compliance issues can also be costly.
We found that, in addition to ensuring compliance, Black Duck helps us to be more productive simply by avoiding issues right from the beginning, thus avoiding unnecessary rework.