Shane Coughlan

SAN FRANCISCO, Aug. 15, 2019 – Arm and Western Digital Corporation, Platinum Members of the OpenChain Project and key participants in the global supply chain, today announce conformance with the OpenChain Specification. Qualcomm Technologies, Inc., Platinum Member and founding contributor of the OpenChain Project, today announces expanded conformance to the latest version of the OpenChain Specification.

The OpenChain Project establishes trust in the open source from which software solutions are built. It accomplishes this by making open source license compliance simpler and more consistent. The OpenChain Specification defines inflection points in business workflows where a compliance process, policy or training should exist to minimize the potential for errors and maximize the efficiency of bringing solutions to market. The companies involved in the OpenChain community number in the hundreds. The OpenChain Specification is being prepared for submission to ISO and evolution from a growing de facto standard into a formal standard.

“At its core, Arm is an intellectual property company and our business is built on respecting IP rights,” says Carolyn Herzog, executive vice president and general counsel at Arm.  “Open source license compliance is a key component of that effort, and Arm’s conformance with the OpenChain Specification demonstrates its commitment to be a leader in this area.  Through that leadership, we hope to encourage others to explore this path as a mechanism for license compliance.”

“Qualcomm Technologies has been engaged with the OpenChain Project since its inception,” says Dave Marr, Chair of the OpenChain Governing Board and Vice President and Legal Counsel, Qualcomm Technologies, Inc. “Our goal has always been to ensure open source compliance is accessible to all sizes of organizations and to support an efficient, transparent supply chain. By becoming OpenChain Specification 2.0 Conformant, we are underlining our commitment to continual improvement as a company and our broader support of great open source compliance processes across the industry.” 

“We are excited at the evolution of the OpenChain Project over the last two years and particularly at its growing acceptance in the industry,” says Alan Tse, Associate General Counsel at Western Digital. “Working with other industry leaders to develop OpenChain has been an important initiative for Western Digital. It will be a key resource for compliance that also furthers the open source spirit of joint sharing and learning.  By conforming to the OpenChain Specification, we hope to lead by example, build momentum throughout our supply chain, and show our commitment to open source as a community and ecosystem.”

“Arm, Qualcomm and Western Digital have been pivotal in bringing the OpenChain Project to maturity,” says Shane Coughlan, OpenChain General Manager. “Our announcement today underlines both their continued commitment to our industry standard and a further illustration of its suitability for companies of different sizes in different markets. This is also excellently illustrated by the pioneering activity of Qualcomm in pursuing conformance with the latest version of the OpenChain Specification. We look forward to our next steps, including the evolution of our de facto standard into a formal ISO standard, and the continued growth of the OpenChain community of conformance.”

About Arm 

Arm technology is at the heart of a computing and connectivity revolution that is transforming the way people live and businesses operate. Our advanced, energy-efficient processor designs have enabled intelligent computing in more than 150 billion chips and our technologies now securely power products from the sensor to the smartphone and the supercomputer. In combination with our IoT device, connectivity and data management platform, we are also enabling customers with powerful and actionable business insights that are generating new value from their connected devices and data. Together with 1,000+ technology partners we are at the forefront of designing, securing and managing all areas of compute from the chip to the cloud.

About Qualcomm  

Qualcomm invents breakthrough technologies that transform how the world computes, connects and communicates. When we connected the phone to the Internet, the mobile revolution was born. Today, our inventions are the foundation for life-changing products, experiences, and industries. As we lead the world to 5G, we envision this next big change in cellular technology spurring a new era of intelligent, connected devices and enabling new opportunities in connected cars, remote delivery of health care services, and the IoT — including smart cities, smart homes, and wearables. Qualcomm Incorporated includes our licensing business, QTL, and the vast majority of our patent portfolio. Qualcomm Technologies, Inc., a wholly-owned subsidiary of Qualcomm Incorporated, operates, along with its subsidiaries, substantially all of our engineering, research and development functions, and substantially all of our products and services businesses, including the QCT semiconductor business. For more information, visit Qualcomm’s website, OnQ blog, Twitter and Facebook pages.

About Western Digital 

Western Digital^® creates environments for data to thrive. As a leader in data infrastructure, the company is driving the innovation needed to help customers capture, preserve, access and transform an ever-increasing diversity of data. Everywhere data lives, from advanced data centers to mobile sensors to personal devices, our industry-leading solutions deliver the possibilities of data. Western Digital^® data-centric solutions are comprised of the Western Digital, G-Technology™, SanDisk^®, and WD^® brands.

About the OpenChain Project

The OpenChain Project builds trust in open source by making open source license compliance simpler and more consistent. The OpenChain Specification defines a core set of requirements every quality compliance program must satisfy. The OpenChain Curriculum provides the educational foundation for open source processes and solutions, whilst meeting a key requirement of the OpenChain Specification. OpenChain Conformance allows organizations to display their adherence to these requirements. The result is that open source license compliance becomes more predictable, understandable and efficient for participants of the software supply chain.

About The Linux Foundation

The Linux Foundation is the organization of choice for the world’s top developers and companies to build ecosystems that accelerate open technology development and industry adoption. Together with the worldwide open source community, it is solving the hardest technology problems by creating the largest shared technology investment in history. Founded in 2000, The Linux Foundation today provides tools, training and events to scale any open source project, which together deliver an economic impact not achievable by any one company. More information can be found at www.linuxfoundation.org.

The Linux Foundation has registered trademarks and uses trademarks. For a list of trademarks of The Linux Foundation, please see our trademark usage page: https://www.linuxfoundation.org/trademark-usage. 

Linux is a registered trademark of Linus Torvalds.

Media Contact
Shane Coughlan
+818040358083
coughlan@linux.com

Great Open Source Compliance For Everyone – Version 11 are introduction slides for the OpenChain Project with extensive speaker notes. They are intended to both provide context for the OpenChain industry standard and to enable anyone to help share the purpose, value and outcomes of the project and community.

Great Open Source Compliance For Everyone – Version 11 from Shane Coughlan

For slides, guides, and more documents, visit the OpenChain Reference Library.

Will you join our first OpenChain China workshop on 25th September @ Huawei in Shenzhen? Please let us know before the 6th of September.

We will have a quick global update, we will have short case studies from Chinese and other companies. We will have panel and open discussions. Everything user companies, informal and safe space to talk. 

• 13:00~13:10 “State of the Union” by Shane in English
• After this everything is in Chinese (same for Japan and Korea, Japanese and Korean respectively…we need local languages to solve local challenges!)
• 13:10~14:00 Five minute case studies – Quick overviews of open source compliance from 7~8 companies in China, US, Europe, Japan and Korea
• (If we have Japanese guests some of the case studies might be in English)
• 14:00~14:30 Networking break!
• 14:30~15:15 five minute case studies – quick overview of open source compliance from three Chinese companies 
• 15:15~16:00 Panel and room: the threats and challenges we see today 
• 16:00~16:30 Networking break!
• 16:30~17:00 Panel and room: what we can do to support Chinese companies 

If you would like to attend please send us your name, company and cellphone number.

This is a reminder that the OpenChain Project will host a workshop on the 20th of August adjacent to the Linux Foundation Legal Summit and Open Source Summit North America. 

The workshop begins with an OpenChain Board meeting from 14:00-15:30. This board meeting is for board members and invited guests only.

From 15:30 we open to everyone with our Steering Committee Meeting. This will be followed by a work team discussion from 16:00-17:00. Key topics will be our ISO version of the OpenChain Specification and our improved reference documentation.

The workshop has proven to be so popular that we are already on waitlist!

Add yourself to the list through the LF Events website

• https://events.linuxfoundation.org/events/open-source-summit-north-america-2019/program/co-located-events/

OpenChain will be featured at the forthcoming TechMatrix Seminar on open source compliance to be held in Tokyo on the 4th of September. This event will include case studies from Olympus, FOSSID and TechMatrix.

開催日程	2019年9月4日(水)　14:00～17:30 (開場 13:40)
開催場所	東京コンファレンスセンター・品川 406 〒108-0075 東京都港区港南 1-9-36 アレア品川 3F-5F 地図  JR品川駅港南口（東口）より徒歩2分

Learn More

• https://www.techmatrix.co.jp/es/seminar/fossid_201190904.html

SZ Lin and his colleagues at MOXA will actively promoting the OpenChain Project via their sponsorship and their physical presence at the Taiwanese COSCUP Conference on the 17th and 18th of August.

MOXA are well known for their work around complex technologies like the Civil Infrastructure Platform (CIP) and for their on-going engagement with OpenChain. SZ Lin was recently at the OpenChain Japan Work Group to present on their experiences and (top secret) we have begun discussions about when the OpenChain Taiwan Work Group can formally start.

Learn More about the Event:

• https://blog.coscup.org/2019/08/moxa.html (Chinese)

Fukuchi San from Sony will be sharing ‘Experiences Building a Local Open Source Community via the OpenChain Project’ on Tuesday, October 29 @ 11:30 during Open Source Summit Europe.

“This session shares challenges that were encountered and lessons that were learned working together as a new local open source community around the OpenChain project in Japan. The OpenChain project is dedicated to building trust in software supply chains. The project prepares specifications, conformance evaluations and curriculum to promote OSS compliance. In Japan, we have been building a local workgroup(Japan WG) of the project since 2017. A local workgroup gives non-native English speakers the opportunity to have easier and deeper discussions in their native language. While we communicate internally in Japanese, Japan WG communicates with the global community in English. OSS compliance is not an area where companies compete, but rather benefits greatly from inter-organization collaboration. Japan WG provides real solutions for business. Now that they are aware of the value of collaboration, over 150 people from over 60 companies across automotive, CE and IT industries work together.”

Learn More

• https://sched.co/TLG2

Paul McAdam, Director at Source Code Control, will be hosting a workshop exploring the Equifax scandal. This hack resulted in costing more than $4bn yet was started by a failure to manage a single Open Source component. His workshop will focus on three practical matters:

• An understanding of Open Source components
• OpenChain – a future standard in managing open source in order to protect your supply chain
• The importance of technical due diligence

Paul McAdam is well known in the UK IT industry as Director of Open Source Management specialists, Source Code Control, but also for his roles at Microsoft. Paul was the Chief of Staff at Microsoft UK preceded by leading the SAM engagement team for 4 years. He was involved in the creation of key initiatives such as settlement with cloud and SAM Managed Services as well as earlier versions of ISO 19770 and the Microsoft Licensing exams. Prior to Microsoft, he was an IT infrastructure manager at AstraZeneca in the UK and for 2 years in the US. Paul is also the chairperson for the charity Sport In Mind.

Learn More About the Event

• https://conference.techexeter.uk/speakers/paul-mcadam

The OpenChain Japan Work Group has announced the latest participation metrics. The recent meeting #10 hosted by Fujitsu had 84 individuals from 44 companies in attendance, marking our largest main event yet. Meanwhile, the OpenChain Japan mailing list continues to grow, with 159 participants from 68 companies subscribed.

All parties are welcome to join the OpenChain Japan Work Group mailing lists and meetings. You can get started by visiting the dedicated wiki page listed below.

Learn More About the Japan Work Group

• https://wiki.linuxfoundation.org/openchain/openchain-japanese-working-group

The OpenChain Korea Work Group has announced details of their forthcoming third meeting on Wednesday the 4th of September 2019. It will take place from 3pm in the B1 meeting room on the 19th floor of SK T Tower.

This meeting will be held in Korean. All parties from open source user companies are welcome to attend.

Venue Information

• B1 meeting room on the 19th floor of SK T Tower (https://goo.gl/maps/7MHev7Ja6GXZ1EMH8)

More Information about the Korean Work Group

• https://wiki.linuxfoundation.org/openchain/openchain-korean-working-group