OpenChain Newsletter #81

Key Updates and Announcements

• AI System Bill of Materials Guide: The public comment period for the “Artificial Intelligence System Bill of Materials – Compliance Management Guide for the Supply Chain” has now closed. The AI Work Group, Governing Board, and Steering Committee are reviewing the feedback received. You can follow the progress and view the draft guide here.
• OpenChain at Open Source Summit Europe: The OpenChain Project had a strong presence at the recent Open Source Summit Europe, with talks and panels from board members and work group chairs. A mini-summit was also held to share knowledge on license, security, and regulatory compliance. You can learn more about the event here.
• Call for Translation Collaboration: The OpenChain Project is seeking community assistance in translating the self-certification materials for ISO/IEC 5230 (Open Source License Compliance) and ISO/IEC 18974 (Open Source Security Assurance) into German, Japanese, Korean, and Chinese (Simplified and Traditional). If you are fluent in these languages, you can contribute to this important effort. Draft machine translations are available on GitHub to get you started. Find out more here.
• Improved Self-Certification: The online self-certification process for both OpenChain ISO/IEC 5230 and OpenChain ISO/IEC 18974 has been updated and improved, making it easier for organizations to assess and declare their conformance. Check out the updates here.
• OpenChain in China: A successful mini-summit on “Open Source Software Supply Chain Security Compliance in the AI Era” was held at the 2025CCF China Open Source Conference in Shanghai. The event was led by the OpenChain China Work Group and covered both legal and technical aspects of compliance. Read more about it here.
• Understanding the CHAOSS Project: A recent webinar explored the CHAOSS (Community Health Analytics for Open Source Software) project, a Linux Foundation initiative focused on developing metrics and software to better understand the health of open source communities. You can find more information about this informative session here.

Recent Meeting Recordings

For those who missed them, recordings of recent OpenChain meetings are now available:

• Monthly Specification and Education Call (North America – Europe) – August 13, 2025: This call covered the latest project news, a call for papers for the Open Compliance Summit, and updates from the Specification and Education Work Groups. You can watch the recording here.
• OpenChain Japan Community Day #34 at Mitsubishi Electric: Recordings from this two-day event, featuring discussions on OSPO activities, preventing common licensing mistakes, and an introduction to OSS compliance for beginners, are now online. Access the recordings here.

Potential Further Actions for Readers

• Attend Future Meetings: The best way to stay informed and contribute is to participate in the various OpenChain work group calls. The monthly Specification and Education calls, along with other topical and regional meetings, are open to everyone. You can find the full schedule of upcoming meetings and information on how to join on the OpenChain participation page.
• Contribute to Translations: If you have language skills, your contribution to the translation of self-certification materials would be highly valuable. This is a practical way to help the global community adopt OpenChain standards.
• Engage with Work Groups: Consider joining the mailing lists of the work groups that align with your interests, such as the AI Work Group, Specification Work Group, or Education Work Group. This will allow you to follow discussions and contribute your expertise.

To get more involved in any of these activities and to help build a more trusted open source supply chain, please visit: https://openchainproject.org/participate