norxs Technology LLC has announced an OpenChain ISO/IEC 5230:2020 and ISO/IEC 18974:2023 conformant program, covering both open source license compliance and open source security assurance.
norxs is a functional safety and cybersecurity engineering firm working on systems where failure is not an option: EV powertrains, power distribution, and industrial controls. Its engagements span the full safety and security lifecycle — from hazard analysis and risk assessment (HARA) and threat analysis and risk assessment (TARA), through safety and security concepts, requirements decomposition, and implementation, to the verification, validation, and assessment evidence required for certification against ISO 26262, ISO/SAE 21434, IEC 61508, ISO 21448 (SOTIF), and the UN R155 / R156 regulations.
Safety-critical software is now built on open source, and the standards norxs’s clients answer to increasingly treat the software supply chain as part of the safety and security case itself. Conformance to ISO/IEC 5230 and ISO/IEC 18974 applies the same engineering discipline norxs brings to hardware and firmware — defined responsibilities, traceability, configuration management, and independent verification — to the open source it uses and ships. In practice this means knowing precisely which components are in a deliverable and the license obligations attached to each, alongside a defined process for identifying and responding to vulnerabilities across the product lifetime.
For norxs, license compliance and security assurance are two halves of a single obligation: providing customers an auditable account of the software they integrate. This maps directly onto the software supply chain expectations of ISO/SAE 21434 and UN R155, and norxs intends to contribute its safety-critical engineering perspective to the OpenChain community.
About norxs
norxs Technology LLC is a functional safety and cybersecurity engineering firm for safety-critical systems. It delivers hardware, firmware, and certification as a single team — built in from the first schematic rather than bolted on at the end — across EV powertrains, power distribution, and industrial controls.
norxs supports OEMs, Tier 1 suppliers, and industrial clients to standards including ISO 26262, IEC 61508, ISO/SAE 21434, ISO 21448 (SOTIF), UN R155 / R156, and ASPICE.
