Skip to main content
All Posts By

aleksaboehm

OpenChain Advent Calendar Day #16 – About Tooling Sub-Group of OpenChain Japan-WG (2020)

By News

This advent calendar has been created by our Japanese Work Group as part of their community outreach. We hope you enjoy their recap of compliance topics to end the year.

About me

Hello. I am Takashi Ninjouji.
I mainly participate in Tooling Sub-Group (Tooling-SG) of OpenChain Japan-WG, and I am this SG leader since April 2020.
This article introduces the activities of Tooling-SG.

Tooling-SG

The Tooling-SG group is to use OSS for OSS management operations to achieve the following in Open Source Compliance:

  • Build workflows according to your organization.
  • Automation
  • Quality improvement (on tools, workflows, and compliance)

Most of the participants are engineers. Many of them actually use the tools in their work, are developers of the tools, and even participate in the development community. On the other hand, because toolchain is also a means of handling open source compliance information, there will also be people from the compliance management departments such as legal and intellectual property, which are the relevant departments.

You may also want to read the article “About the activities of OpenChain Japan WG Tooling Sub-WG” by Kobayashi-san, the first leader at the time of its establishment in 2019, which was published in the 2019 Advent Calendar project. That article introduces why we wanted to create a place to exchange opinions about Open Source Compliance toolchain in Japanese and collaborate with global communities such as the OpenChain Reference Tooling Workgroup.

Activities

As in the previous year, the following activities and guiding principles have been established.

  • Compile/disseminate information about the tool (in collaboration with the global community)
  • Provide a place to study and discuss while using the tool (e.g., introducing the tool, holding seminars and hands-on sessions)
  • Information distribution and tool mapping (identify issues and collaborate to improve workflow implementation)
  • Promotion to expand membership (presentations at non-OpenChain meetings, use GitHub and other media)

We are welcome to feel free to participate and feel free to make a presentation (or talk).

At the meeting on 2020/11/24, we decided that we will have presentations in foreign languages. We would like to have a more active exchange of information.

You may arrange for your interpreter and translation of the materials in advance, or we would be happy to have volunteers to help you. If you are considering presenting in a foreign language, we would be glad to discuss this with you. Also, we may ask you to give your presentation at Tooling-SG.

How to participate

We use the following three means:

Mailing list

Slack

Virtual Meeting

Starting in April 2020, we are holding virtual meetings in conjunction with the Japan-WG meetings. Currently, we meet every other week for about an hour, alternating between the following meetings.

We are flexible in practice, so please feel free to join us if you have questions. If you have a topic to present, please contact us via the mailing list or Slack.

  • Monthly Meeting
    • about 1 or 2 presentations
    • Fourth Tuesday of every month 16:00-17:00 (JST)
  • Casual Meeting
    • anyone is welcome to talk about any topic.
    • Second Tuesday of each month 16:00-17:00 (JST)

Meetings

We have had these meetings in FY 2020 so far.

Meeting Topics
10thFeature study: OSS Review Toolkit
11th“Sharing the challenges of field deployment (usage) of FOSSology“and “the results and impressions of the FOSSA OSS license management trial”
12thTern by VMware (ACT) (Article on Qiita)
13thSW360 v11 (Article on Qiita)
14thExchange of opinions on future initiatives

Upcoming events

As SW360, a component cataloging tool, becomes multilingual and a Japanese kit is provided, it is expected to spread to Japan in the future.

Tooling-SG is planning to hold a hands-on session for SW360 Chores, a version of SW360 available in containers, in early 2021. We discuss the content and timing on the mailing list and Slack, so please join us if you are interested.

What is the next article?

Morishita-san will introduce OSS toolchain for Open Source Compliance. With the OpenChain specification being ISO standard, there has been a lot of discussion about automation of compliance practices in various tool communities. Don’t miss it!

はじめに

こんにちは、忍頂寺ず申したす。
OpenChan Japan-WGでは䞻に Tooling Sub-Group (Tooling-SG) ã«å‚加し、2020幎4月から同SGのリヌダヌを務めおいたす。
本皿はTooling-SGの掻動を玹介したす。

Tooling SGずは

このTooling-SGは、OSS管理運甚のためのOSS(ツヌル)を利甚しお、Open Source Compliance においお次を実珟するこずを目的ずしたす。

  1. 組織に応じたワヌクフロヌの構築
  2. 省力化 (オヌトメヌション)
  3. 質の向䞊 (ツヌル、ワヌクフロヌ、コンプラむアンスに぀いお)

参加者の倚くぱンゞニアで構成されたす。実際に業務で利甚しおいる方、ツヌルの開発者さらには開発コミュニティに参加しおいる方などです。䞀方で、ツヌルがオヌプン゜ヌスコンプラむアンス情報の取り扱い手段でもあるこずから、関係郚門ずなる法務・知財などのコンプラむアンス管理郚門の方々の参加もありたす。

なお、2019幎のAdvent Calendar䌁画にあった、2019幎蚭立時の初代リヌダヌの小林さんによる掻動玹介蚘事「OpenChain Japan WG Tooling Sub-WGの掻動に぀いお」もご䞀読頂けるず幞いです。Japan-WGの掻動趣旚に沿っおツヌルに぀いお日本語で気軜に意芋亀換する堎を蚭けたいずする経緯や、OpenChain Reference Tooling Workgroup などのグロヌバルコミュニティずの連携などを玹介しおいたす。

掻動内容

昚幎床に匕き続き、次を掻動内容ずその指針ずしおいたす。

  1. ツヌルの情報をたずめる / 発信する (Globalコミュニティず連携)
  2. 実際に䜿いながら勉匷や議論する堎の提䟛 (ツヌル玹介、セミナヌやハンズオンの開催など)
  3. 情報流通ずツヌルのマッピング (ワヌクフロヌ実珟のために課題を掗い出し、他ず連携しお改善)
  4. 掻動に賛同するメンバ拡倧のためのプロモヌション (OpenChain以倖の䌚合での発衚、GitHubやその他メディアの掻甚)

気軜な参加、気楜な発衚(発蚀)、をお願いしおいたす。

なお、2020/11/24䌚合にお、今埌は倖囜語での発衚もアリになりたした。
より掻発な情報亀換をしおいきたいず考えおいたす。

通蚳や事前の資料の翻蚳などは発衚者ご自身で手配や怜蚎を頂くでもよいですし、参加メンバヌのボランティアで察応できればずも考えおいたす。倖囜語での発衚をご怜蚎の際はたずは盞談頂ければ幞いです。たた、Tooling-SGから発衚をお願いするこずもあるず考えおいたす。

参加方法など

次の3぀の手段を掻甚しおいたす。

メヌリングリスト

Slack

Virtual䌚合

2020幎4月からは、Japan-WG䌚合に合わせおVirtual開催にしおいたす。
珟圚は隔週で1時間ほど、次の䌚合を亀互に開催しおいたす。

実際は柔軟に運甚しおいるので、質問がある堎合は気軜にご参加ください。
たた発衚ネタがある堎合は気軜に䞊蚘のメヌリングリストかSlackでご連絡ください。

  • 月䟋䌚
    • 発衚はたたは件皋床
    • 毎月第火曜日 16:00-17:00 (JST)
  • カゞュアル䌚
    • どんな話題でも、どなたでも、お話しください。
    • 毎月第火曜日 16:00-17:00 (JST)

䌚合実斜内容

2020幎床はおよそ次の内容で開催したした。

回 内容
第10回OSS Review Toolkit 機胜調査
第11回FOSSologyの珟堎展開(利甚)における課題点の共有、OSSラむセンス管理「FOSSA」の詊甚結果および所感
第12回VMware瀟による Tern に぀いお (Qiita投皿蚘事)
第13回SW360 v11 に぀いお (Qiita投皿蚘事)
第14回今埌の取組に぀いお意芋亀換

今埌開催予定のむベント

コンポヌネントカタログツヌルであるSW360が倚蚀語察応ずなり日本語キットも提䟛されるこずから、今埌の普及が期埅されおいたす。

Tooling-SGでは、SW360をコンテナで利甚できる SW360 Chores ã‚’察象に起動や操䜜のハンズオンを、2021幎早々に開催しようず蚈画䞭です。メヌリングリストやSlackにお実斜内容や時期を怜蚎しおいるので、興味のある方はぜひご参加ください。

次回の蚘事

明日(2020/12/17) は森䞋さんが、Open Source Compliance のための OSS を玹介しおくれたす。OpenChain仕様がISO化されたこずで、様々なツヌルコミュニティでコンプラむアンス実務のオヌトメヌションの議論が掻発になっおきおいたす。お楜しみに

OpenChain Advent Calendar Day #15 – Commentary of Spec v2.1 vol.4, §3.3 “Open source content review and approval”

By News

This advent calendar has been created by our Japanese Work Group as part of their community outreach. We hope you enjoy their recap of compliance topics to end the year.

About me

Hello. I am Takashi Ninjouji.
I mainly participate Tooling-SG of OpenChain Japan-WG.
This article is part 4 of introducing OpenChain Spec v2.1 (functionally identical to ISO/IEC 5280:2020).
(2020.12.14: “Status”is “Under development”, “Life cycle” is “60.00 International Standard under publication” at ISO/IEC)
(2020.12.15: “Status”is “Published”, “Life cycle” is “60.60 International Standard under published” at ISO/IEC!)

“OpenChain Self Certification” provides the Online Self-Certification. You can see the questionnaire in several languages in this repository: “OpenChain-Project/conformance-questionnaire”

OpenChain Spec v2.1 §3.3 “Open source content review and approval”

§3.3.1 Bill of Materials

§3.3.1 is about the Bill of Materials (BOM), which is a list of OSS that compose a software package, and an organization needs to have a process in place to create and manage that BOM.

Here is the questionnaire for Self-Certification:

Number Spec RefQuestion Text
3.a3.1, 3.1.1Do you have a documented procedure for identifying, tracking and archiving information about the open source components in a Supplied Software release?
3.b3.1, 3.1.2Do you have open source component records for the Supplied Software which demonstrate the documented procedure was properly followed?

§3.3.2 License compliance

§3.3.2 is about use cases. Internal processes need to be in place for each use case, such as distribution in binary form and distribution in source code form. Each organization can define use cases freely. In order to the efficiency of creation of BOMs and of open source license compliance using BOM, compliance tooling are needed and are discussed along with its development and its workflows as well.

Here is the questionnaire for Self-Certification:

Number Spec RefQuestion Text
3.c3.2, 3.2.1Do you have a documented procedure that covers these common open source license use cases for open source components in the Supplied Software?
3.c.i3.2, 3.2.1– Distribution in binary form;
3.c.ii3.2, 3.2.1– Distribution in source form;
3.c.iii3.2, 3.2.1– Integration with other open source that may trigger additional obligations;
3.c.iv3.2, 3.2.1– Containing modified open source;
3.c.v3.2, 3.2.1– Containing open source or other software under incompatible licenses for interaction with other components in the Supplied Software;
3.c.vi3.2, 3.2.1– Containing open source with attribution requirements.

What is the next?

Kobota-san will introduce part 5 on 12/18. Don’t miss it!

In tomorrow’s article (12/16), I will introduce the Tooling SG of Japan-WG. This subgroup aims to share information about the compliance tooling and the know-how to use them.

はじめに

こんにちは、忍頂寺ず申したす。
OpenChan Japan-WGでは、䞻にTooling-SGなどに参加しおいたす。
本皿は囜際芏栌 ISO/IEC 5230:2020 ã«ç›žåœ“する OpenChain Spec v2.1 ã‚’玹介するシリヌズの第4回ずなりたす。
(2020.12.14: ISO/IEC にお、進捗(Status)は “Under development”, “Life cycle” は “60.00 International Standard under publication” です。)
(2020.12.15: ISO/IEC にお、進捗(Status)は “Published”, “Life cycle” は “60.60 International Standard published” です! )

なお、自己認蚌の手続は“OpenChain Self Certification” ã§ã§ããŸã™ã€‚ たた、確認項目はGitHubの “OpenChain-Project/conformance-questionnaire”で確認できたす。英文や和文などで甚意されおいたす。

OpenChain Spec v2.1 §3.3 “Open source content review and approval”

§3.3.1 Bill of Materials

§3.3.1 は、BOM (Bill of Materials) に関する章です。BOMは各゜フトり゚アを構成するOSSのリストを指したす。OpenChain適合を果たす組織は、このBOMの䜜成および管理するためのプロセスを敎備する必芁がありたす。

ここでの自己認蚌のための確認項目は次になりたす

Number Spec RefQuestion Text
3.a3.1, 3.1.1Do you have a documented procedure for identifying, tracking and archiving information about the open source components in a Supplied Software release?

(䟛絊゜フトりェアのリリヌスに含たれるすべおのオヌプン゜ヌスコンポヌネントに関する情報を特定し、远跡し、リストずしお保管するための手順曞がありたすか)
3.b3.1, 3.1.2Do you have open source component records for the Supplied Software which demonstrate the documented procedure was properly followed?

(手順曞に適切に埓っおいるこずを蚌明する、各䟛絊゜フトりェアのリリヌスに関するオヌプン゜ヌスコンポヌネントの蚘録がありたすか)

§3.3.2 License compliance

§3.3.2は、ラむセンスコンプラむアンスの実務におけるナヌスケヌスに関する章です。バむナリ圢匏での頒垃、゜ヌスコヌド圢匏での頒垃等の各ナヌスケヌスに察応できるよう瀟内プロセスを敎備する必芁がありたす。ナヌスケヌスの定矩に぀いおは各組織が自由に蚭定するこずができたす。BOMの䜜成やBOMを利甚しおのオヌプン゜ヌス ラむセンス コンプラむアンス業務に぀いおは、ツヌルによる効率化が怜蚎されおいたす。

ここでの自己認蚌のための確認項目は次になりたす

Number Spec RefQuestion Text
3.c3.2, 3.2.1Do you have a documented procedure that covers these common open source license use cases for open source components in the Supplied Software?

(各䟛絊゜フトりェアのリリヌスに関するオヌプン゜ヌスコンポヌネントに぀いお、少なくずも次の共通オヌプン゜ヌスラむセンスのナヌスケヌスを扱った手順を実斜しおいたすか)
3.c.i3.2, 3.2.1– Distribution in binary form;

(バむナリ圢態で頒垃されおいる)
3.c.ii3.2, 3.2.1– Distribution in source form;

(゜ヌスコヌド圢態で頒垃されおいる)
3.c.iii3.2, 3.2.1– Integration with other open source that may trigger additional obligations;

(コピヌレフトの矩務を生じうる他のオヌプン゜ヌスず統合されおいる)
3.c.iv3.2, 3.2.1– Containing modified open source;

(改倉されたオヌプン゜ヌスを含んでいる)
3.c.v3.2, 3.2.1– Containing open source or other software under incompatible licenses for interaction with other components in the Supplied Software;

(䟛絊゜フトりェア内の他のコンポヌネントずやりずりする、䞡立性のないラむセンス䞋のオヌプン゜ヌスやその他の゜フトりェアを含んでいる)
3.c.vi3.2, 3.2.1– Containing open source with attribution requirements.

(垰属芁求のあるオヌプン゜ヌスを含んでいる)

次回

次回仕様玹介ずなる第5回の蚘事は、小保田さんから 12/18 に公開予定です。お楜しみに
明日(12/16)は、再び僕の投皿になりたすが、ツヌルに関する情報共有を行っおいるTooling SGの掻動を玹介したす。

NCSOFT Is The Second Company To Announce Adoption Of ISO/IEC 5230, The International Standard For Open Source Compliance

By Featured

NCSOFT is the first global game company to formally announce conformance with ISO/IEC 5230:2020, the International Standard for open source license compliance. It is the second company in Korea to announce conformance to a version of the OpenChain specification after LG Electronics. This historic development underlines the global reach and value of the standard.

ISO/IEC 5230 is maintained by the OpenChain Project as OpenChain 2.1 and edited for ISO via the Joint Development Foundation OpenChain Working Group. ISO/IEC 5230 is supported by Arm, BMW CarIT, Bosch, Cisco, Comcast, Facebook, Fujitsu, Google, Hitachi, Microsoft, MOXA, OPPO, Panasonic, Qualcomm, Siemens, Sony, Toshiba, Toyota, Uber and Western Digital as governing board members, and a wide community of companies across three continents.

“The OpenChain Project has a long history in Korea and our local work group has provided great support to the project as we have grown,” says Shane Coughlan, OpenChain General Manager. “The announcement by NCSOFT today is a superb example of how companies can improve their processes to align with other companies across the market. It makes open source license compliance faster, more effective and more efficient.”

About NCSOFT

NCSOFT is a premiere digital entertainment company and global publisher with worldwide locations and more than 4,000 employees focused on bringing extraordinary games to life for millions of fans around the world. Established in 1997 and headquartered in Seoul, South Korea, we quickly became a key leader in online games. Best known for critically acclaimed franchises including Lineage, Aion, Guild Wars, and Blade & Soul, NCSOFT is also one of the world’s top mobile developers with Lineage 2M occupying the #1 grossing revenue slot on Google Play. Our core goal is making people in this world happier by delivering games that entertain a globally connected audience has remained the same. Our culture is innovative, creative, collaborative and impactful, and we are passionate about creating the best gaming experiences for our players. https://kr.ncsoft.com/en/index.do

About the OpenChain Project

OpenChain began when a group of open source compliance professionals met in a conference lounge and chatted about how so much duplicative, redundant open source license compliance work was being done inefficiently in the software supply chain simply. They realized that while each company did the same work behind the scenes in a different manner the output for downstream recipients could not realistically be relied on because there was no visibility into the process that generated the output.

The answer the early principles of this discussion arrived at was to standardize open source compliance, make it transparent and build trust across the ecosystem. The project began as outreach to the community with the idea of a new standard for open source license compliance with slides titled, “When Conformity is Innovative.” A growing community quickly recognized the value of this approach and contributed to the nascent collaboration soon named The OpenChain Project.

OpenChain Advent Calendar Day #14 – OpenChain Japan Working – Leaflet SubGroup

By News

This advent calendar has been created by our Japanese Work Group as part of their community outreach. We hope you enjoy their recap of compliance topics to end the year.

Leaflet SubGroupの掻動玹介 / Introduction of Leaflet SubGroup acts.

今幎も残すずころ埌半月ずなりたした。今日は、ネットワヌク・セキュリティ系の゚ンゞニアの経隓を掻かし、今は自瀟でオヌプン゜ヌスプログラムオフィスの䞀員ずしお、OpenChain Projectの掻動に参加させおいただいおいる小保田が、OpenChain Project 日本グルヌプのleafletグルヌプの掻動に぀いお、少しご玹介させおいただきたす。

Today, I would like to tell you about the activities of the leaflet group of the OpenChain Project Japan working group. I’m Norio Kobota who is now participating in the OpenChain Project activities as a member of the open source program office of my company, making use of my experience as an engineer in the network security field.

リヌフレットっお䜕? / What is the leaflet?

リヌフレットは、OpenChain ProjectのReference Materialから取埗可胜な、オヌプン゜ヌス゜フトりェアを取り扱う際の泚意事項に぀いお蚘述された簡単なガむドブックです。日本語版は、こちらのgithubより取埗できたす。
OpenChain Projectにおいおは圓初より、その゜フトりェアサプラむチェヌンにおけるOSSラむセンスコンプラむアンスの難しさが重芁芖されおおり、それを解決する䞀぀の手段ずしお、䌁業における様々な立堎の方々にずっお、分かり易い簡単なガむドブックが必芁だず、Japan Working Groupのメンバは考えたした。
その埌、グルヌプメンバヌの協力の元、2019/04 日本語版、2019/05 英語版をJapan Working Groupより提䟛するこずが出来たした。たた玠晎らしいこずに、このリヌフレットは䞖界䞭で必芁ずされるこずずなり、各囜のサブグルヌプの協力の元、今では、䞭囜語(繁䜓字、簡䜓字)、ベトナム語ぞの翻蚳も枈んでいたす。

The leaflet is a simple guide book which describes useful information when dealing with open source software, available from Reference Material of OpenChain Project. You can obtain the Japanese version from github here.
In the OpenChain Project, the difficulty of OSS license compliance in the software supply chain has been emphasized from the beginning, and the members of the Japan Working Group thought that as a means to solve this problem, a simple guidebook that is easy to understand for people in various positions in the enterprise was necessary.
After that, with the cooperation of the group members, we were able to provide the Japanese version 2019/04 and the English version 2019/05The great thing about this leaflet is that it has become global, and thanks to the cooperation of various subgroups, Chinese(Traditional and Simplified) and Vietnamese versions are now available here.

リヌフレットサブグルヌプっお䜕しおるの? / What are the activities of the leaflet subgroups.

リヌフレット䜜成が昚幎で䞀通り萜ち着いたこずもあり、䜕かドキュメントを䜜成したりずいった掻動は、最近は殆どありたせん。そのため、昚幎(2019)の掻動を少し、玹介させおいただきたいず思いたす。
分かり易いリヌフレットが䜜成できた、ずいう事実はずおも倧きなものですが、本来、私たちが掚進したいこず、必芁だず考えおいるこずは、その知識を持぀方々を増やすこずであり、倚くの方がガむドブックを必芁ずする時に利甚しおいただくこずです。その為、私たちは様々な講挔䌚などの堎に、リヌフレットを印刷しお持ちこみ、その目的ず必芁性を䌝えおいたす。
䟋えば、Linux Foundationが開催するOpen Source Summit/Embedded Linux Conferenceや、電子機噚の祭兞である、CES、果おは日本のほが裏偎で開催されたDebConf 2019など、それぞれが䞻業務などで参加する様々なむベントにこのリヌフレットを持ち蟌み、玹介するず共にリヌフレットの配垃を行っおいたす。

Because the creation of leaflets was settled last year, there are not many activities such as creating documents rececntly. For this reason, I would like to introduce the activities of (2019) last year.
The fact that we were able to create a leaflet that is easy to understand is a great achievement. However, what we think is really important is to increase the number of people with that knowledge, and to have many people use the guidebook when they need it. For this reason, we print leaflets for various lectures and introduce their purpose and necessity.
For example, the Open Source Summit/Embedded Linux Conference held by the Linux Foundation, CES which is a festival for electronic devices, and DebConf 2019, which was held in almost the other side of Japan, have introduced and distributed leaflets at various events attended by members of the Japan Working Group.

これから / Future

コロナ犍の圱響もあり、今は掻動自䜓は停滞䞭です。しかし、今埌たた執筆掻動や広報掻動を他のサブグルヌプず䞀緒に行っおいくず思いたすので、ご興味のある方は是非、ご参加ください。
明日は、忍頂寺さんによる、OpenChain Spec2.1の内容玹介 第4匟です。お楜しみに!

Due to the effects of the COVID-19, this subgroup activity itself is currently stagnating. However, I would like to invite you to join us. We will do some writing and public relations activities with other subgroups.
Tomorrow is OpenChain Spec2.1, 4th introduction by Ninjoji-san. Look forward to it!

OpenChain Advent Calendar Day #13 – Opensource for ALL

By News

This advent calendar has been created by our Japanese Work Group as part of their community outreach. We hope you enjoy their recap of compliance topics to end the year.

1. Introduction

Hello. I’m Masato ENDO.
Today, I would like to introduce the topics related to Promotion SG of OpenChain Japan WG.

As you can see in the article on December 6, we found that although awareness of the importance of OSS compliance is gradually increasing, each company is struggling to secure resources.
In order to secure resources, it is essential to promote the understanding of executives.
Therefore, the Japan Patent Office and the Cabinet Office created “Open source for ALL” as a tool to educate management about the importance of OSS itself, and released it in June.
I also participated as a member in the Expert Committee for the preparation of this material.
So, I would like to introduce it.

You can access the materials from the links below.(Sorry, Japanese only)

・ Executive Summary of enlightenment tools (presentation materials)
・ Detailed report

2. Background of realization

The beginning of the story was that in May 2019, I made a presentation at the Intellectual Property Headquarters Verification, Evaluation, and Planning Committee, which is a policy meeting of Japanese government.
At this time, Mr. Nakauchi of the current Imabari City officer, who was at the Intellectual Property Headquarters at that time, was interested in it, and a committee of experts was formed.
Therefore, we decided to create OSS enlightenment materials for managers, and we asked Mr. Shinozaki of PwC, who was selected as the secretariat based on discussions at the committee, to compile the materials.
It is assumed that this material will be used as it is or arranged for use in internal executives and symposiums in which executives participate.
This material is supported not only by Japanese companies but also by foreign companies such as Google, Microsoft, Qualcomm, and Siemens.
I introduced these companies to the Committee through OpenChain connection.

3. Interesting information

Here, I will pick up and introduce the topics that I found interesting from the report.
In this survey, we conducted a questionnaire to the executives of the system development and software development departments of large companies, mainly non-IT companies, and added analysis from various angles.
Among them, what I am paying attention to is the figure below that summarizes the answers to the question “Will the expansion of OSS utilization expand in the future?”
As the result, we can confirm that executives in almost all industries responded that they would “expand in the future.”
On the other hand, in this report “It became clear that the approach to OSS was individual-dependent and that activity was sluggish overall.”
From the perspective of promoting DX, it is thought that the issue for Japanese companies will be how to systematically handle OSS in the future.
Overseas, it is becoming a trend to establish OSPO (Open Source Compliance Office), which is a specialized organization that formulates OSS utilization strategies and rules regardless of the type of industry.
At OpenChain, we have accumulated the know-how of leading companies overseas and in Japan, so if you have a need to deepen understanding within the company, please let us know! The project will support you free of charge.
(I also explained the importance of OSS community activities to the CTO of a IT company in such a context.)

4. Tomorrow’s theme is …

Tomorrow, Kobota-san will introduce the activities of Leaflet SG, which is creating an enlightenment leaflet for OSS compliance.
This leaflet has been distributed free of charge at events around the world such as CES2020 and has been very well received.
Stay tuned!

1. はじめに

こんにちは。
䞉床登堎の遠藀です。
本日はOpenChain Japan WGのPromotion SG関連のトピックを玹介したす。

12/6の蚘事にもありたすように、OSSコンプラむアンスの重芁性ぞの認識は少しづ぀高たっおいるものの、
各瀟がリ゜ヌセスの確保に苊劎しおいるこずがわかりたした。
リ゜ヌセスを確保するためには、経営局の理解の促進が必須であるず蚀えたす。
そこで、経営局にOSSそのものの重芁性も含めた啓発を行うためのツヌルずしお「Opensource for ALL」を特蚱庁・内閣府が䜜成し、6月にリリヌスされたした。
私も委員ずしお本資料䜜成のための有識者委員䌚に参加したしたので、実珟の経緯も含め玹介させお頂きたす。

資料ぞは以䞋のリンクからアクセスできたす。

・啓発ツヌルプレれン資料のExective Summary
・詳现レポヌト

2. 実珟の経緯

話の発端は、2019幎の5月に私が政策䌚議である知的財産本郚怜蚌・評䟡・䌁画委員䌚でプレれンさせお頂いたこずです。この際、圓時知的財産本郚にいらっしゃった珟今治垂の䞭内さんに関心を持っお頂き、有識者委員䌚が結成されたした。
そこで経営者向けのOSS啓発資料を䜜ろうずいうこずになり、委員䌚での議論を基に、
事務局に遞出されたPwCの篠厎さん䞭心に資料をたずめお頂きたした。
この資料をそのたた、若しくはアレンゞしお瀟内の経営局や、経営局が参加するシンポゞりム等で利甚するこずを想定しおいたす。
本資料には日本䌁業だけでなく、GoogleやMicrosoft、Qualcomm、シヌメンスなどの倖囜䌁業にも協力頂いおたすが、
これらの䌁業はOpenChain぀ながりで私から事務局に玹介させお頂きたした。


出兞https://www.jpo.go.jp/resources/report/takoku/document/zaisanken_kouhyou/2019_06_2.pdf

3. 興味深い情報

基本的には䞊蚘リンクからレポヌトをご参照頂きたいず思いたすが、
ここではその䞭から私が興味深いず思ったペヌゞをピックアップしお玹介したす。
本調査では非IT䌁業を䞻ずする倧䌁業のシステム開発・゜フトり゚ア開発郚門の幹郚局ぞのアンケヌトを実斜し、
様々な角床から分析を加えおいたす。
その䞭で私が泚目しおいるのは、「OSSの利掻甚の拡倧が今床拡倧するか」ずいう質問に察する回答をたずめた䞋蚘の図です。

ex02.gif

出兞https://www.jpo.go.jp/resources/report/takoku/document/zaisanken_kouhyou/2019_06_1.pdf

これを芋るず、ほがすべおの業皮の幹郚が「今埌拡倧する」ずいう旚の回答を行っおいるこずがわかりたす。
その䞀方、本レポヌトでは
「OSSに察する取組が個人に䟝存し、か぀、党䜓ずしお掻動が䜎調であるこずが明らかずなった。」
ずいう蚘茉があり、DX掚進の芳点からも今埌いかにしお組織的にOSSに取り組んでいくのかが、日本䌁業の課題になっおいくず考えられたす。
海倖では業皮問わずOSSの利掻甚戊略策定やルヌル䜜りを行う専門組織であるOSPO(Open Source Compliance Office)を蚭眮するこずがトレンドになっおきおたす。
OpenChainでは、海倖や囜内の先進䌁業のノりハりを蓄積しおいたすので、瀟内の理解を深めたいずいうニヌズをお持ちの方は是非お声がけくださいプロゞェクトが無償で支揎いたしたす。
私も、そのような文脈で某IT䌁業のCTOにOSSコミュニティ掻動の重芁性をご説明させお頂いたこずもありたす。

4. 明日のテヌマは・・・

明日は、OSSコンプラの啓発リヌフレットを䜜成しおいるリヌフレットSGの掻動に぀いお小保田さんから玹介頂きたす。
このリヌフレットはCESなど䞖界䞭のむベントで無償配垃され、倧奜評頂いおいるものです。
乞うご期埅

OpenChain Advent Calendar Day #12 – Commentary of spec v2.1 vol.3, §3.2

By News

This advent calendar has been created by our Japanese Work Group as part of their community outreach. We hope you enjoy their recap of compliance topics to end the year.

OpenChain Specification v2.1, Clause 2.

Today I am writing about the third part of the OpenChain Specification v2.1 Chap 3.2 (that is under the ISO/IEC pending). If you want to know the OpenChain Spec
correctly, please read the original documents from the linke at the end of this page.

Chapter 3.2.1 is about dealing with external inquiries, and requires that a third party has a reasonable path to contact the organization for OSS license compliance, and that the organization is prepared to respond to such inquiries.

Chapter 3.2.2 is about resources. Adequate staffing and resources should be allocated to compliance program-related roles, legal experts should be assigned, and a process for resolving concerns should be maintained.

OSS license compliance will continue to become more important, but it is necessary to make executives aware of its importance in order to ensure resources are available.

Tomorrow, Mr. Endo of Promotion SG will share with us some examples of such educational activities conducted for the public and private entities.

Resources (Links) / 関連リンク

OpenChain Specification v2.1 の玹介 §3.2

本日は、ISO/IECに申請䞭のOpenChain Specification v2.1の䞭身の玹介第3匟2章です。著者の適圓な和蚳ですので、本栌的にOpenChain Specを知りたい方は巻末のリンクより原文をお読みください。

たた、このペヌゞから芋た方は OpenChain Japan Advent Calendar 2020 ã‚ˆã‚Šä»–の蚘事もご芧ください。他の章や関連する情報が曞かれおいたす。

§3.2 Relevant Tasks Defined and Supported

2章では、OSS に関連する業務の定矩ずそれを実行するための支揎に関する内容が曞かれおいたす。倧きくは2぀です。

§3.2.1 Access

2.1章は、”Access”ずいう章題で、倖郚からの問い合わせ察応に関する章です。

  1. 倖郚からOSSに関する問合せるための方法たずえば専甚のメヌルアドレスずかが公開されおいる。
  2. 問い合わせがあったずきにどう回答するかの手続きを芏定した文章が組織内郚にある。

ずいったこずが芏定されおいたす。぀たり、OSSラむセンスコンプラむアンスに関しお第䞉者がその組織にコンタクトできる合理的な手段があり、たたその組織が圓該問合せに察しおきちんず察応するように準備がされおいる必芁がありたす。

§3.2.1 Effectively resourced

2.2章は、”Effectively resourced”ずいう章題で、リ゜ヌスに関する章です。

コンプラむアンスプログラム関連圹割ぞの適切な人員・十分な掻動資源の割り圓お、法埋専門家のアサむン、懞案事項解決プロセスの敎備を行うこずが必芁です。
OSSラむセンスコンプラむアンスは今埌もより重芁になっおくるものであるず考えられたすが、リ゜ヌスを確保するためには、経営局にその重芁性を認識しお頂く必芁がありたす。぀たり、

  1. コンプラむアンスプログラムの業務が明確で確実に実行するために圹割担圓組織が決たっおいる
  2. 業務を実行する時間ず十分な予算が配分されおいる
  3. ポリシヌず支揎業務に関しお、レビュヌしお曎新するプロセスがある
  4. 必芁なずきにオヌプン゜ヌスのコンプラむアンスに぀いお法的な内容を話し合える専門家がいるすぐ話せる盞手がいる
  5. オヌプン゜ヌスのコンプラむアンス問題が発生した際に、それを解決するためのプロセスが芏定されおいる

ずいったこずを満たす必芁がありたす。

぀づく

明日は、そのような啓発掻動を官民で行った䟋に぀いお、Promotion SGの遠藀さんから玹介いただきたす。

OpenChain Advent Calendar Day #11 – OpenChain Japan WG – FAQサブグルヌプの玹介

By News

This advent calendar has been created by our Japanese Work Group as part of their community outreach. We hope you enjoy their recap of compliance topics to end the year.

Introduction of FAQ subgroup

Today, I would like to introduce the FAQ subgroup of the OpenChain Japan WG.

FAQ Subgroup Activities

The FAQ subgroup creates and publishes “common misunderstanding FAQs related to OSS licenses“, which is mainly targeted at beginners of OSS licenses.

The members of the FAQ subgroup are consist of those who are in charge of OSS license consultation and license compliance support at each company / organization, those who are not in charge but are volunteer-based, and those who are about to start studying OSS licenses or those who are just starting (<-this is important).

There are various QA candidates, such as those that the members actually consulted, those that the members wondered, and those that are generally misunderstood.

How to make QA

To create a QA, first create a base for Questions and Answers using Slack and give your opinion. After that, the QA will be finalized by making corrections at a meeting (which used to be actually gathered, but recently it is online in view of recent circumstances). (<- This is actually the most fun because we have a lot of opinions and discussions.) Then, after confirming with the attorney attorney, we will publish it.

In this way, each QA is verified and nurtured from the perspectives of various companies, organizations, and roles, so I think that the QA collection is relatively homogeneous and has few mistakes.

It’s been about 10 years since I was involved in OSS licensing, but I’m still studying through this FAQ subgroup every time. In particular, I often get noticed from the perspectives and opinions of companies whose business types are different from those of my company.
People who participated for the purpose of studying also commented, “I am studying because I am trying to convey it in an easy-to-understand manner.” and “I will be able to understand by listening to the discussion.” and so on.

Conclusion

It’s been about 10 years since I was engaged in OSS license compliance, but I still study through this FAQ subgroup every time. In particular, I often get noticed from the perspectives and opinions of companies whose business types are different from those of my company.
People who participated for the purpose of studying also commented, “I am studying because I am trying to convey it in an easy-to-understand manner.” and “I will be able to understand by listening to the discussion.” and so on.

If you are interested in the activities of the FAQ subgroup, please join us at any time. Those who want to participate by trial rather than immediately, and those who can not contribute much to the creation of FAQ but want to participate for study purposes are also welcome.
For details, please contact japan-sg-faq@lists.openchainproject.org.

FAQサブグルヌプの玹介

本日は、OpenChain Japan WGのFAQサブグルヌプに぀いおご玹介したす。

FAQサブグルヌプの掻動

FAQサブグルヌプはOSSのラむセンスの初心者を䞻なタヌゲットずした、「OSSラむセンス関連でよくある誀解FAQ」ずいうものを䜜成・公開しおいたす。

FAQサブグルヌプのメンバヌは、各所属䌁業・団䜓で日頃からOSSラむセンスに関する盞談察応やラむセンス遵守支揎を担圓業務ずしお行なっおいる方、本来の担圓業務ではないがボランティアベヌスで盞談察応されおいる方、そしお、これからOSSラむセンスを勉匷を始めようずしおいる方、たたは、始めたばかりずいう方←ここ重芁などで構成されおいたす。

むンプットずなるQAの候補も、メンバヌの方が実際に盞談を受けたもの、メンバヌの方が疑問に思ったもの、䞀般的に誀解されがちなものなどさたざたです。

QAの䜜りかた

QAの䜜り方は、たずSlack䞊でQuestionずAnswerのたたき台を䜜成、意芋出しをしたす。その埌、䌚合以前は実際に集たっおいたしたが 最近は昚今の事情を鑑みオンラむンですで再床揉みなおしおFIXしたす。←喧々諀々議論をかわすので実はここが䞀番楜しいそしお仕䞊げに匁護士の先生にご確認いただいたものを公開するずいう流れで行っおいたす。

このように䞀぀䞀぀のQAをさたざたな䌁業・団䜓・圹割の方の目線から怜蚌しお育おおいたすので、比范的均質で、たた間違いも少ないQA集にできおいるず思いたす。

おわりに

私自身、OSSラむセンスに関わるようになっお10幎ほど経ちたすが未だにこのFAQサブグルヌプを通じお毎回勉匷させおいただいおたす。特に自分の所属䌁業ず業皮業態が違う䌁業さんからの目線やご意芋から気づきをいただくこずが倚いです。
勉匷目的で参加いただいおいる方からも、「わかりやすく䌝える努力をしおいるので誀解が解けおいくような感じがしお勉匷になる。」、「聞いおなるほどず思う。」などのご感想をいただいおいたす。

FAQサブグルヌプの掻動に興味がある方はい぀でもご参加ください。どっぷり参加ではなくたずは様子芋したいずいう方や、FAQの䜜成にはあたり貢献できそうにないけど勉匷目的で参加したいずいう方も倧歓迎です。
詳しくは japan-sg-faq@lists.openchainproject.org ãŸã§ã€‚

OpenChain Advent Calendar Day #10 – Commentary of spec v2.1 vol.2, §3.1.4-3.1.5

By News

This advent calendar has been created by our Japanese Work Group as part of their community outreach. We hope you enjoy their recap of compliance topics to end the year.

Today, we will introduce the contents of the OpenChain spec v2.1 (Chapter 1.4-1.5).

Chapter 1.4 is about the scope of the OSS Compliance Program. Th e OSS compliance program gives you the freedom to choose whether it covers your entire organization or just some product lines.

Chapter 1.5 is a chapter on reviewing each OSS license within your organization. Organizations should establish a process for reviewing and documenting OSS license obligations, restrictions, and rights for each use case.
Reviewing OSS licenses in Chapter 1.5 is a very important task for an organization, but a difficult task for an unfamiliar organization.
Therefore, the FAQ subgroup of the Japan WG is working to publish “common misunderstanding FAQs related to OSS licenses” together.

Tomorrow we will introduce the activities of this FAQ subgroup.

本日は、OpenChain spec v2.1 の䞭身の玹介第2匟1.41.5章です。

1.4章は、OSSコンプラむアンスプログラムの察象範囲に関する章です。OSSコンプラむアンスプログラムは、組織党䜓を察象にしたり、䞀郚のプロダクトラむンのみを察象したりず、自由に察象範囲を遞択するこずができたす。

1.5章は、各OSSラむセンスの組織内でのレビュヌに関する章です。組織はナヌスケヌスに応じおOSSラむセンスの矩務、制玄、および暩利に぀いおレビュヌし、文曞ずしお蚘録するプロセスを定める必芁がありたす。
1.5章のOSSラむセンスのレビュヌは、組織にずっお非垞に重芁な業務ですが、慣れおいない組織にずっおは難易床が高い業務です。
そこで、Japan WGのFAQサブグルヌプでは「OSSラむセンス関連でよくある誀解FAQ」を纏めお公開する掻動を行っおいたす。

明日はこのFAQ SGの掻動を玹介したす。

OpenChain Advent Calendar Day #9 – The Need for Skills Standards on OSS Compliance

By News

This advent calendar has been created by our Japanese Work Group as part of their community outreach. We hope you enjoy their recap of compliance topics to end the year.

The research team in OpenChain Japan WG about OSS compliance made academic presentations at two conferences, “Intellectual Property Association of Japan” and “Japan Society for Research Policy and Innovation Management” in 2020.

Today, I would like to introduce the “Framework for Skill Standards on OSS Compliance” presented at “Intellectual Property Association of Japan”.

Necessity of skill standards for OSS compliance

Work related to OSS compliance is complex and needs to be carried out in cooperation with various departments in the company, such as development and intellectual property departments.

On the other hand, OSS-related tasks are often relatively new to the people in each department, and therefore, in order to promote human resource development, we have developed a systematic index to clarify and systematize the skills required to perform these tasks. In other words, we thought a “skill standard” was necessary.

The skill standard framework for OSS compliance

The table below shows the framework of skill standards about OSS compliance. On the left side, tasks related to OSS compliance are extracted for each of planning, development, and maintenance (operation) of the system, and on the right side, tasks to be handled by each department are organized.

In this presentation, we have only presented the overall picture above. In the future, we will further subdivide each task, and organize the skills required to perform each task and the evaluation method.

Finally

The OpenChain Specification 2.0, which was adopted by the ISO, also defines the roles, responsibilities, and suitability of personnel to achieve OSS compliance in Chapter 1.2, and specifies that the results of the suitability assessment must be retained. (Article link.)

However, OpenChain does not mention the specific items and indices of what roles each department should play and how to evaluate each person in charge, and it is left to each company to decide. We hope to create a tool that can be used to facilitate compliance work.

Tomorrow, Mr. Shima of FAQ SG will introduce the contents of chapter 1.4 to 1.5 in OpenChain.

Advent Calendar、2回目の登堎ずなる山田です。今回は、先日玹介した12/6に遠藀さんが投皿したOSSコンプラむアンスの調査に関連する話題を投皿したす。

OpenChain Japan WG Promotion SGの有志メンバヌを䞭心に立ち䞊げたOSSコンプラむアンスに぀いおの研究チヌムでは、2020幎に「日本知財孊䌚」ず「研究・むノベヌション孊䌚」の2぀の孊䌚で孊術発衚を行いたした。今日は、その䞭から日本知財孊䌚で発衚した「OSSコンプラむアンスに関するスキル暙準のフレヌムワヌク(党䜓マップ)」に぀いお玹介しようず思いたす。研究・むノベヌション孊䌚で行った発衚に関しおは、12/21の蚘事で土手さんから玹介いただく予定です

*Please scroll down for the English version.

OSSコンプラむアンスに関するスキル暙準の必芁性

OSSコンプラむアンスに関連する業務は耇雑か぀、開発郚門や知的財産郚門など瀟内の様々な郚眲が連携しお実斜する必芁があるため、各郚眲に属する担圓者が担うべき業務を適切に認識する必芁がありたす。

䞀方で、OSSに関する業務は各郚眲の担圓者にずっお比范的新しい業務であるこずが倚く、人材育成を掚進する䞊で、圓業務遂行に必芁ずされる胜力を明確化・䜓系化した指暙、即ち「スキル暙準」が必芁であるのではないかず考えたした。

既存のスキル暙準ずしおは、ITスキル暙準 、知財人材スキル暙準、暙準化人材スキル暙準などがありたすが、OSSコンプラむアンス業務のスキル暙準を策定するに圓たり、瀟内の関係者が郚眲の枠を超え連携し、さらに他瀟や業界団䜓等ず共に実斜するずいう共通点を持぀「暙準化人材スキル暙準」を参考に、OSSコンプラむアンス業務に関するスキル暙準策定の第䞀歩ずしお、業務遂行に必芁ずなる现分化された業務フェヌズを明確化し、スキル暙準フレヌムワヌクを䜜成し、その内容を発衚したした。

OSSコンプラむアンスに関するスキル暙準のフレヌムワヌク

䞋の衚が知財孊䌚で発衚したスキル暙準のフレヌムワヌクです。巊偎でシステムの䌁画開発保守運甚ごずにOSSコンプラむアンスに関連する業務を抜出し、右偎に各郚門ごずに担圓する業務を敎理した圢になりたす。

SharedScreenshot.jpg

今回の発衚では䞊蚘の党䜓像を提瀺するずころたでずなっおおり、今埌は各業務をさらに现分化し぀぀、各業務を実行するのに必芁な胜力やその評䟡方法などを敎理しおいくこずになりたす。

最埌に

今回ISOに採択された「OpenChain Specification 2.0」においおも、1.2章でOSSコンプラむアンスを実珟する人員の圹割ず責任および適性を定矩し、その適性評䟡の結果を保管する必芁があるず芏定しおいたす。蚘事リンクを貌る

ただし、各郚眲がどのような圹割を果たすべきか、各担圓者をどのように評䟡すべきかの具䜓的な項目や指暙に぀いおはOpenChainでは蚀及されおおらず、各瀟に委ねられおいる圢ずなりたす。OSSの利掻甚が䌁業の競争戊略に重芁ずなっおいる䞭、各瀟のOSSコンプラむアンス業務を円滑に進めるために利甚できるツヌルずしお掻甚しおもらえるものを䜜れればず思っおいたす。

明日はOpenChainの䞭身Specification玹介第2匟ずしお、FAQ SGの島さんから1.41.5章の内容に぀いお玹介いただきたす。明日以降もぜひOpenChain Japan Advent Calendar 2020をご芧ください

OpenChain Advent Calendar Day #8 – SWG掻動玹介(Education)

By News

This advent calendar has been created by our Japanese Work Group as part of their community outreach. We hope you enjoy their recap of compliance topics to end the year.

Yoshitaka Iwata of Hitachi, Ltd. will be on duty for the Advent calendar on December 8th. I am the leader of the “Educational Materials for Role” SWG of the Open Chain Japan WG. Thank you in advance.
By the way, what are you careful about when using OSS? Also, what kind of structure and content will you use when conducting education for using OSS within the company or team? What should software developers know to use OSS need? In order to answer these questions, I decided to think about what kind of educational materials would be good for each role related to OSS. The following content is, of course, based on the Open Chain specifications and curriculum.

  1. Collection and analysis of education cases
    It seems that some companies have been educating on OSS even before the establishment of Open Chain. Therefore, we investigated the system, target member, form (lectures, group training, e-learning, material browsing, etc.), timing, and the existence of the English version of four companies. We analyzed the table of contents of each education and the outline of chapters / sections, and summarized the structure for software developers. The structure example is as follows.
    (1) What is OSS?
    (2) Intellectual property rights
    (3) OSS license
    (4) OSS compliance program
    (5) Examination when introducing OSS
    (6) OSS review
    (7) OSS distribution
    (8) Summary
    (9) Contact information
    (10) References / organizations
    First of all, we targeted software developers because we thought that software developers would be the first to use OSS internally or within a team.
  2. Development of examples of specific educational materials
    Actually specific examples of educational materials for software developers were examined by the “Educational materials for Role” SWG.
    (1) What is OSS?
    Considering software developers who have never used OSS, how about telling them about general OSS definitions, usage examples of OSS in the target business (different for each business targeted by the company or team), the advantages and disadvantages of using OSS, and others?
    (2) Intellectual property rights
    In particular, intellectual property rights related to OSS include copyrights and patent rights. Since OSS is software, each OSS is copyrighted. Copyright means the right to modify, distribute, and copy. I hope you can explain these things in an easy-to-understand manner.
    (3) OSS license
    Why don’t you explain copyright rights obtained by the OSS license compliance(in other words, it is necessary to protect the OSS license in order to modify, distribute), examples of OSS licenses, permissive OSS licenses, copyleft and reciprocal OSS licenses, etc?
    (4) OSS compliance program
    The Open Chain specification recommends creating an OSS compliance program consisting of policies, processes, training, tools, etc. First, let’s share the policy for using OSS within the company and within the team. (The policy may differ depending on the use cases of target businesses.) Next, let’s show the organization related to OSS and the role of each member related to OSS. Then explain how OSS-related processes (OSS listing, OSS review, OSS distribution review) are incorporated into our software development process.
    (5) Examination at the time of introduction
    Let’s explain the points to be noted in the characteristics of the license and the points to be noted regarding intellectual property rights (patent rights, etc.).
    (6) OSS review
    Let’s explain the information collected in the OSS review, the content of the review, the available tools, and others.
    (7) OSS distribution
    Let’s explain what precess will be applied to distribute OSS in the target business form, including examples. Also, explain the implications of improper use of OSS and lack of license information in the software supply chain.
    (8) Summary
    (9) Contact information
    (10) References / organizations
    I think that (9) to (10) are effective for deepening the understanding of OSS within the company and the team.

Then, especially if (2) and (3) are explained to software by using analogy to legal terms that are common within the company and within the team, software developers will understand more easily. Also, in (4) to (7), if you explain by applying it to the system within the company or team and the software development process actually used, I think that you can deepen the understanding of software developers. Please devise.

An example of actual educational materials is shown in the markdown format at the following URL. Please refer to.
Https://github.com/OpenChain-Project/OpenChain-JWG/tree/master/Education_Material/Training/chapters

Tomorrow, tech_nomad_ will talk by the title “Framework for Skill Standards on OSS Compliance”. Among the roles related to the use of OSS, what kind of skills each person in each role should have is a difficult theme, isn’t it? I am also very interested in this theme and am looking forward to it.

月日のアドベントカレンダを担圓するのは、株匏䌚瀟 日立補䜜所の岩田です。Open Chain Japan WGの「圹割ごずの教育資料」SWGのリヌダを担圓しおいたす。宜しくお願いしたす。
 さお、皆さんはOSSを利甚する䞊で、䞀䜓䜕に気を付けおいたすか。又、瀟内やチヌム内でOSSを利甚するための教育を行う堎合、どんな構成、内容にするでしょう。OSSを利甚する゜フトりェア開発者は、どんな事を知っおおけば良いのでしょう。こんな疑問に答えるために、OSSに関係する圹割ごずにどんな教育資料が良いかを、考えおみる事にしたした。䞋蚘内容は、もちろんOpen Chainの仕様やカリキュラムを参考にしおいたす。

教育事䟋の収集ず分析
 Open Chainの蚭立前から、OSSに関する教育を実斜しおいる䌚瀟もある様です。そこで瀟から、教育の䜓系、察象者、圢態(講挔䌚集合研修e-learning資料閲芧他)タむミング、英語版有無、等を調べたした。各教育の目次、章/節の抂芁を分析し、゜フトりェア開発者向けの構成を纏めたした。その構成䟋は䞋蚘の通りです。
 (1)OSSずは
 (2)知的財産暩
 (3)OSSラむセンス
 (4)OSSコンプラむアンスプログラム
 (5)OSS導入時の怜蚎
 (6)OSSレビュヌ
 (7)OSS配垃
 (8)たずめ
 (9)問い合わせ先
 (10)参考文献団䜓
 先ずは、゜フトりェア開発者向けをタヌゲットにしたのは、OSSを瀟内やチヌム内で䞀番最初に利甚するのは゜フトりェア開発者であるず考えたからです。

具䜓的な教育資料の䟋の䜜成
 実際に具䜓的な、゜フトりェア開発者向けの教育資料の䟋を、「圹割ごずの教育資料」SWGで怜蚎しおみたした。
 (1)OSSずは
  OSSを䞀床も利甚した事が無い゜フトりェア開発者を意識しお、䞀般的なOSSの定矩や、察象ずしおいるビゞネス䞊でのOSSの利甚事䟋䌚瀟やチヌムが察象ずしおいるビゞネス毎に盞違、OSSを利甚するメリットやデメリット、他に぀いお教えおあげおはいかがでしょう。
 (2)知的財産暩
  特にOSSに関係する知的財産暩は、著䜜暩、特蚱暩がありたす。OSSは゜フトりェアなので、それぞれのOSSは著䜜暩で保護されおいおいたす。著䜜暩には、改倉、配垃(頒垃)、耇補する暩利がありたす。これらの事が、わかり易く説明出来るず良いですね。
 (3)OSSラむセンス
  OSSラむセンスを守る事で著䜜暩䞊で埗られる暩利蚀い換えれば、改倉、配垃(頒垃)するためにはOSSラむセンスを守る必芁があるずいう事、OSSラむセンスの䟋や、パヌミッシブなOSSラむセンス、コピヌレフト・互恵的なOSSラむセンスの特城、等を説明しおはどうでしょう。
 (4)OSSコンプラむアンスプログラム
  Open Chainの仕様では、ポリシヌ、プロセス、トレヌニングやツヌル等から成るOSSコンプラむアンスプログラムを䜜る事を掚奚しおいたす。先ずは、瀟内やチヌム内でOSSを利甚する䞊でのポリシヌを共有したしょう。ポリシヌは、察象ずするビゞネスのナヌスケヌス毎に異なるかもしれたせん。次に、OSSに関係する䜓制、それぞれのメンバヌがOSSに関係する圹割を瀺しおあげたしょう。それから、自分たちの゜フトりェア開発プロセスの䞭で、OSSに関係するプロセスOSSリスト䜜成、OSSレビュヌ、OSS配垃物確認がどの様に組み蟌たれおいるかを説明したしょう。
 (5)導入時の怜蚎
  ラむセンスの特城で泚意すべき点、知的財産暩特蚱暩他に関しお泚意すべき点、を説明したしょう。
 (6)OSSレビュヌ
  OSSレビュヌでの収集する情報ずレビュヌ内容、利甚可胜なツヌル、他に぀いお説明したしょう。
 (7)OSS配垃
  察象ずするビゞネス圢態の䞭で、その様にOSSが配垃されるかを、事䟋も含めお説明したしょう。又、゜フトりェアサプラむチェヌンの䞭で、OSSの䞍適切な利甚やラむセンス情報の䞍足がもたらす圱響に぀いお、説明しおおきたしょう。
 (8)たずめ
 (9)問い合わせ先
 (10)参考文献団䜓
  (9)(10)は、曎に瀟内やチヌム内でOSSに関する理解を深めるために有効だず考えおいたす。

 それから、特に(2)、(3)は、瀟内やチヌム内で共通しおいる法埋甚語の解釈を䜿うず、よりわかり易く゜フトりェア開発者に説明出来るかもしれたせん。又、(4)(7)では、瀟内やチヌム内の䜓制や、実際に䜿甚しおいる゜フトりェア開発工皋に圓おはめお説明するず、より゜フトりェア開発者の理解を深める事が出来るず思いたす。工倫しお䞋さい。
 
 実際の教育資料の䟋を、マヌクダりン圢匏で䞋蚘URLに瀺しおいたす。参考にしお䞋さい。
 https://github.com/OpenChain-Project/OpenChain-JWG/tree/master/Education_Material/Training/chapters
 
 明日は、tech_nomad_さんが、『論文チヌム(スキル暙準)』ずいうタむトルで語っおくれたす。OSSの利甚に関係する圹割の䞭で、それぞれの圹割の人がどういうスキルを持っおいた方が良いか、っおなかなか難しいテヌマですよね。私も倧倉興味あるテヌマで、楜しみにしおいたす。