It’s time to recognise the defensive potential of open source

Open source has become one of the mainstays of modern vehicle technology. As vehicles move from being a mere assembly of parts into a full automotive experience, OEMs and suppliers need to delve further into the realms of technology but, as research from Flexera has revealed, this revolution is reliant on vast amounts of open source software that many companies do not realise they are even using, as Jeff Luszcz, Vice President of Product Management at the company, explained in a recent Automotive World webinar.

“With our audit team we are lucky to go out and work with some of the largest software organisations in the world,” Luszcz said. “If you look back at 2011, the average number of open source packages that were in use in a typical application were about 135, of which only 18 were known about by the organisation itself. If we flash forward to 2017, the typical application out there is using almost 600 pieces of open source software and again if you ask the team which of those libraries they were aware of, they are only aware of 17.” But the problem here is not just the fact these libraries are going under the radar, but in the security concerns it creates.