Beyond the buzz of open source

Beyond the buzz of open source

Open source plays an essential role in the digital landscape. It empowers communities to collectively build, improve, and customize software solutions, with the goal of lowering barriers to innovation and enabling transparency in how technology is built and used. Behind the open source label lies also a complex reality—legal, technical, organizational—that many overlook. 

Dawex engages with the open source world, as Dawex contributes to it, uses it, and understands it. This article clarifies common misconceptions, explains why professional open source management is a strategic capability, and shares Dawex perspective on open source. 

1. Open source: What it really means

Open source means more than just some code made publicly available. It means that a software component is published under a specific license that grants rights to use, modify, and redistribute the code - under certain conditions. And this doesn’t stop there, open source also implies something larger: a community of contributors and users, shared governance rules, technical collaboration models, and an evolving ecosystem of trust. The success of an open source solution will lie therefore on all these characteristics.

2. The open source landscape: Opportunities and illusions

Open source holds great promise, however it is not a silver bullet. Several persistent myths continue to mislead decision-makers:

• Myth 1: Open source means free of charge
  
  It may be free of charge in accessing and using the source code, but it requires investment in set up and integration, compliance, maintenance, hosting and infrastructure, and support, compliance & risk management.
  
  
• Myth 2: Open source avoids lock-in
  
  Through design choices, community governance, or ecosystem dominance, lock-in can still occur.
  
  
• Myth 3: Open source ensures interoperability
  
  Unless open standards are strictly followed, open source may still lead to fragmentation.
  
  
• Myth 4: Open source is always secure
  
  Components that are no longer maintained or are used without a full understanding of their behavior can expose systems to serious vulnerabilities.

Forking a project may seem like an escape route, but you can’t fork a community. Code is not enough—you need momentum, shared leadership, and credibility.

3. Open source business model

The open source business model may seem to offer more flexibility and innovation but differs significantly from proprietary solutions with licensing models.

Open source solutions are often free to use and foster rapid development and community-driven improvements. However, they generally lack the built-in guarantees of dedicated support and accountability unless paired with a third-party support contract. 

In a proprietary solution set up, organizations pay for a license that typically includes a Service Level Agreement (SLA), ensuring predictable costs, dedicated support teams, and guaranteed response times—providing a reliable safety net when issues arise. 

As a result, while open source can reduce upfront costs and encourage customization, organizations must carefully evaluate their internal capabilities and risk tolerance compared to seamless experience offered by proprietary solutions.

4. Dawex & open source: A strategic, competent approach

Dawex’s relationship with open source is defined by responsibility, pragmatism, and alignment with its mission: enabling trusted, secure, and compliant data exchange between multiple and diverse organizations, within and across data ecosystems, industries, organizations and even divisions, factories or shopfloors. Dawex’s engagement unfolds across three strategic axes:

4.1 Consuming open source responsibly
Dawex integrates open source components into its technology solutions when it makes sense to do so—technically, legally, and strategically. But not all components are created equal, therefore Dawex always:

• Assesses the maturity of each component.
• Verifies its license (MIT, Apache, GPL, etc.) and associated obligations.
• Uses tools to trace dependencies, ensures license compatibility, and avoids risky combinations.
• Follows structured processes to audit, validate, and document everything that is being used.

4.2 Contributing to communities
Dawex actively contributes to open source initiatives that align with its ecosystem, such as the Eclipse Data Components Connector (EDC), as well as within the Gaia-X architecture. This involves:

• Respecting community charters
• Participating in working groups
• Submitting code contributions and technical proposals
• Helping ensure interoperability, standardization, and trust

Meaningful participation requires both technical skill and community savvy. The most effective open source communities operate through meritocracy and are guided by strong, transparent governance models. However, navigating these communities also demands a capacity to engage with their political dynamics—understanding how influence is built, how decisions are made, and how strategic alignment plays a role alongside technical excellence.

4.3 Dawex publishing its own open source projects
Dawex is also initiating open source projects. For example, Sigourney is an integration framework designed to facilitate interaction with the Gaia-X Digital Clearing House services. It is published under a permissive open source license and is publicly available on GitHub.

Another example is the Data Transfer Agent, a collective effort to bring efficient, secure, resilient, scalable agents for decentralized data transfers compliant with Gaia-X principles. It is designed as a lightweight, containerized, and scalable solution, offering one-click deployment and seamless integration as a service alongside any component or software. The Data Transfer Agent is released as open source and published on Gaia-X GitLab under Apache 2.0 licence.

5. Why competence in open source matters

Using open source is easy. Using it well is much harder.

Professional open source management requires:

• Legal literacy: Understanding what a license allows or prohibits
• Technical discernment: Choosing mature, reliable, and secure components
• Tooling: Automating audits, license checks, and software composition analysis
• Governance expertise: Knowing how to contribute, navigate, and influence communities

Many companies underestimate the importance of open source due diligence. Mixing incompatible licenses, copying snippets without attribution, or overlooking maintenance obligations can result in major legal or operational risks.

Dawex has invested in internal tooling, legal reviews, and developer training to ensure that our use of open source is fully professional.

6. Community is more than code

Producing open source code is not enough. If a component is not maintained, not documented, and not used, it won’t survive.

Moreover, open source does not guarantee openness:

• Some components are dominated by large players
• Governance models may restrict influence from new members
• Ecosystem decisions may steer away from interoperability or standards compliance
  
  

For instance, a component developed under a public initiative may end up reflecting the strategic interests of one dominant player, ultimately reinforcing platform lock-in.

Forking is theoretically possible, but practically difficult. Recreating the community and trust needed to sustain a fork is a massive endeavor.

7. Toward ethical, European-led open source

At Dawex, we believe in ethical open source:

• Transparent governance
• Community-driven development
• Respect for standards and interoperability
• Open participation, not gatekeeping

We also encourage greater involvement by European industrial actors, not only as contributors but as active participants in the use and governance of open source. Too often, European-funded components—despite being technically robust—are absorbed into U.S.-based platforms and cloud services, where the strategic value created in Europe is monetized elsewhere. 

If European industry does not engage directly with these components, both in adoption and community leadership, Europe risks losing control over the very assets it funded. To retain sovereignty and strategic autonomy, it is essential to assert leadership not just through contributions, but through sustained usage, stewardship, and alignment with European values and standards.

Conclusion: competence, not open-washing

Dawex is not here to claim open source credentials lightly. As a proprietary solution provider we believe in:

• Responsible and professional use of open source
• Strategic contributions to key communities
• Ethical publication of selected components

Learn more about Dawex Data Exchange Solution

Want to learn more about the benefits of Data Exchange? Subscribe to Dawex newsletter here.