Glossary of Important Terms

API

application programming interface, a software interface providing a way for two or more programs to communicate with each other; libraries, programming languages, computer operating systems and computer hardware all use APIs;

Applet

small application that performs one specific task that runs within the scope of a larger program often as a plug-in;

ASIC

application specific integrated circuit, an IC chip customized for a specific purpose, providing functionality for devices with embedded systems, ‘systems on a chip’; ASICs are commonly manufactured using IP cores.

Binary see Executable;

CI/CD

continuous integration/continuous deployment;

Contributor Agreement, umbrella term for a Contributor License Agreement or a Contributor Assignment Agreement, under which a contributor to an OSS project licenses or assigns the copyright in their contributed code and/or documentation;

CLA

Contributor License Agreement (terms under which software code is contributed to the OSS project);

Compiler

a computer program that translates code written in one programming language into another programming language, usually from a higher level language (source code) into a lower level language i.e. assembly language, object code or machine code;

Container

all parts that the applications needs to run (e.g. the executable itself, libraries and dependencies, system tools and settings) packaged in a way that they are isolated from the host system; containers will run the same way in different environments, do not affect the host operating system and will only modify settings within the container, which makes them ideal for s/w testing and development; containers run on top of a container platform such as ‘Docker’; containers are similar to virtual machines except that virtual machines require a ‘guest OS’;

Copyleft

portmanteau term used to describe OSS licenses (such as the GNU GPL licenses) which require the downstream user/licensee to apply the same license terms and conditions to any subsequently distributed program or package of programs based on the original licensed program or a modified version of the original licensed program (‘copyleft’ licenses are also known as a reciprocal licenses);

Dependency

code that is ‘imported’ by instructions in the code of an application or library from outside of the boundaries of that application or library;

DevOps

portmanteau term for “development” and “operations” i.e. process used to streamline communications between those who build the product and those responsible for its functioning in the market;

DCOB

Developer Certificate of Origin ( Linux Foundation version 1.1 clauses);

Driver

a program assisting communication between the operating system (OS) and hardware or a software application; the driver translates the function requests being communicated by the OS into a format that the hardware or software application can understand; computers typically need multiple drivers to control the installed hardware components and applications;

Embedded Software

Embedded Systems

Executable

an executable program, sometimes called Binary, which causes a computer to execute certain tasks in accordance with instructions written in machine readable code or compiled/assembled into machine readable code from a higher level language;

Extension

in computer programming terms, an extension is a file (sometimes required to be stored in a separate ‘extensions’ file) containing programming that serves to extend the capabilities of or data available to a more basic program; a Browser Extension is a small software module that customizes a web-browser, typically web- browsers allow extensions such as cookie management, ad blocking, UI modification and custom scripting/styling of web pages;

Firmware

lower-level (i.e. before operating system) microcode involved in the implementation of machine instructions: BIOS in the personal computer, boot firmware on mobile phones, control systems on simple consumer electronics, peripheral devices;

Fork

a program (application) copied from an existing program (application) but constituting an entirely new program (application) as opposed to a development branch of the existing program: in theory forking is possible in both the OSS and proprietary domains, the difference being that in theory anyone can fork an OSS program without the need for permission and without breaching copyright, whereas forking by developers external to the owning company may only fork proprietary s/w under license (example: UNIX);

IP Core

what process engineers typically refer to as ‘intellectual property’; pre-designed sub-components of a larger ASIC in the form of hardware description language (“soft micros”) or fully enabled for printing directly onto an ASIC’s mask layers (“hard micros”); IP cores delivered as soft micros are modifiable by chip designers whereas the functions of IP cores delivered as hard micros cannot be significantly modified; IP cores can comprise a mixture of patent and copyright protected source code;

Library

a pre-written set of code containing specific functionality or automation capabilities, which can be included into an application eliminating the need to write complex code into the application itself – the library could be installed during development of the application or by a compiler in run time;

Middleware

software providing common services to applications outside of what is available from the operating system, such as data management, API management, messaging and authentication; middleware helps developers by allowing them to work across platforms using different sets of run times, programming languages and frameworks; by managing the complexity involved in scaling and distributed platforms it is important for both app development and cloud computing

computer operating system

OSPO

Open Source Program Office;

OSS

Open Source Software or software that is subject to a license approved by the Open Source Initiative (“OSI”) and meets the four freedoms as defined by the Free Software Foundation (“FSF”) – (see Background of the OSS Movement);

Peripheral Device

hardware device (input) sending data or instructions to a computer, such as a mouse, keyboard, graphics card, image scanner, microphone, webcam, bar code scanner, light pen; or a hardware device (output) receiving data or instructions from a computer, such as a monitor, speaker, headphones, printer, projector; or a device performing both input and output functions, such as modems, network adapters, multi-purpose printers, data storage devices (SSD, memory cards, USB flash-drive, disc drive); all as can be easily removed or plugged in to a computer;

Permissive License

a term often (inaccurately) applied to distinguish an OSS license which is not ‘copyleft’ from one which is – since a license is a de facto permission the more accurate description of such a license is non-copyleft;

Plug-in

is a software component that adds a specific feature to an existing application, which is designed to support plug-ins (i.e. enables customization by the user);

Reciprocal License see ‘Copyleft’;

Run time

the period of time during which a computer program is executing;

Run time System

a software sub-routine designed to support the execution of computer programs, existing in the computer where the program is created and in the computers where it is intended to be run; all computer programming languages have a run time system in which they implement all or part of their execution model; examples C/Python; Node.js; Java Virtual Machine; Common Language Runtime;

SCA

Software Composition Analysis (Basic function of Source Code Scan Tools)

SBOM

Software Bill of Materials (Formal record containing the details and supply chain relationships of various components used in building software) – definition as per Federal Government Cybersecurity Executive Order 2021;

SDLC

Software Development Life Cycle;

Source Code

any collection of code, with or without comments, written in a human readable programming language, usually in plain text;

Stack

literally a set of technologies stacked together to build an application (both back-end and front-end); they represent an important aspect of modern application architecture designed to enable horizontal and vertical scaling;

Translator

a general term referring to anything that converts code from one computer language into another, such as a compiler, assembler, or interpreter; translators exist at all levels i.e. binary to binary, source to source, low or intermediate level to low level (assemblers) and between different levels including between software implementations and microchip/ASIC implementations;

user interface

USB

or universal serial bus, a standardized way of connecting peripheral devices to transfer information more rapidly than other connection methods; also paving the way for flash memory drives