Frequently Asked Questions

 
What problem does Protecode solve?
Protecode Inc focuses on automatic software Bill of Materials (BOM) generation and Intellectual property (IP) management.  Protecode detects bits and pieces of code that end up in your product (code snippets or full library files), creates a log, and identifies their attributes such as their licensing requirements. With Protecode you can create reports that tell you how many instances of a particular license you have in your project, where a particular file or code snippet came from, and who contributed what to your collaborative project.  Protecode creates automatic records that are part of any quality software development process.
What are the features of Protecode?
  • Simple - simple Eclipse plug-in developers' assistant - download and start protecoding
  • Painless -  unobtrusive,  five minutes to install and use, non-interfering - no change to day to day development process
  • Reliable - detects 100% of external content
  • Functional - detects, logs, identifies pedigree and licensing information associated with external content. Allows manual annotation and comments. Creates Reports (different types, nested IP, historical contamination)
  • Integrated - securely integrated with code versioning system, bug support system, reporting system
  • Proactive IP management - preventive  as opposed to after-the-fact detection and correction
  • Continuous - takes place in the background - no specific actions required
  • Simple Management - define policies and behavior on policy violation detection
  • Secure - no code  or other IP leaves customer premises; encrypted files, HTTPS communication - no one else sees customers' internal operations
  • Scalable - from one person operation to hundreds in a project; single site or multi-city; single organization or multi-organizational projects
  • Enabling - frees developers from understanding open source rules and licenses - enables and encourages safe open source usage. 
What about security?
No code leaves the customers' premises. For identification, we reduce source code to a number (signature) and query the database (GIPS) with that number. The communication between Tracker and GIPS is via secure HTTP (HTTPS).
How do you Administer a policy?
For each individual or group of protecoders, there needs to be one or more Administrators to define one or more policies. A policy selects licenses that are approved for use (approved vendor list). There is a simple menu driven process to define policies. Policies are then exported (or assigned) to specific projects.
How do I start protecoding?
To start protecoding, you just create an account in the Protecode Administrator. This is a two step process for security reasons:
  • Create a user name and password and enter your email address
  • An email will be sent to you to confirm your identity (we promise never spam you - see our privacy policy)
  • You reconnect to complete your registration
  • Then you define policies and select yourself or others to start protecoding
What is a Protecoder?
A Protecoder is a coder who is developing code with a Protecode pedigree. All external content will be detected and logged and will be presented to the central server (GIPS) for identification. A Protecoder can generate reports at any time to view the IP status of any file.
What is an Administrator?
An administrator defines policies, maps policies to projects and invites software developers to become Protecoders.
How are protecoders invited?
Protecoders are invited by the Administrator. A Protecoder can be invited by different Administrators to work on various projects. Policies can be exported and assigned to specific projects. An Administrator can choose to be both administrator and protecoder
Does any code leave my premises?
No code leaves the customers' premises. Only a signature is compared to the Global IP Server (GIPS)
What is a signature?
A signature is a representation of code- basically an intelligent one way hash.
What is stored in the GIPS database?
The GIPS (Global Intellectual Property Server) database has been populated with signatures calculated from publicly available open source repositories by Protecode.
Does anyone know about my content?
No one else can possibly find out anything about your software, content etc. Signatures are one way convertible only.
What happens to my logs?
The pedigree information created by Protecode Tracker is kept with your code, in conjunction with your code management system. If you move files from one project to another, the pedigree file follows. If you check in or check out of CVS/SVN, the pedigree file also follows.
Can I be protecoding off line?
If you don't have Internet connectivity while protecoding, ie. You're working offline, then Protecode will still detect and log all external content. It will mark all the external content as unidentified for the time being. At any time in the future when you are back online, Protecode will try to identify the external code quietly in the background.
What is Annotation?
There is an optional feature which allows the user to annotate information such as the URL where the code came from to be stored with the pedigree. The annotation can include selecting from a pull-down menu of licenses plus a free format comment (maybe that this is something you wrote 6 months before). It may be better to add a comment right when the code is brought in and it's fresh in your mind as opposed to answering the question 6 months later when someone taps you on the shoulder.
What if you do not have the signature on GIPS?
The Protecode GIPS (Global Intellectual Property Server) database has been populated with signatures from publicly available open source repositories. This database is continually growing as the world of open source is very dynamic. In the event that a piece of software is unknown at this time, the pedigree will record it as such. The neat thing is that unknown, unidentified code, is permanently logged in your log file and can be resolved by the time you run a report next time.
What do I do with records marked UNKNOWN in report?
Records marked unknown in a report can optionally be manually annotated. In addition Protecode will continue to try to identify them in the background.
Can I work behind a proxy server?
Yes. We support both standard proxy servers and Basic Authenticating proxy and NTLM authenticating proxy.
How does Protecode scale?
Protecode scales up to support thousands of users and scales down to support one single user. This is possible because the Protecode Tracker does most of the processing in a distributed fashion. The GIPS server is used only for non time critical signature validation lookups.
What if I do not want to protecode anymore?
Simply uninstall the plug in (standard Eclipse procedure), and delete the logs (*.wd files)  if you do not want to keep them any more. Please refer to the release notes for a more detailed uninstall description.
How much does it cost?
Protecode is sold on a subscription basis for an annual fee of $250 US per user seat. Larger implementations will be able to select an enterprise pricing model where the GIPS is located in the enterprise as a licensed application. Please contact Protecode for pricing.

What software can I start protecoding today?
The first release of Protecode supports 
  • Eclipse IDE
  • CDT/JDT
  • C, C++ code
  • Java code
  • CVS and SVN
j0400443.jpg

© 2008 Protecode, Protecoding and the Protecode logo are trademarks of Protecode Inc.

 
Charisma Studios Design