Skip to main content
All Posts By

Shane Coughlan

Shane Coughlan is an expert in communication, security and business development. His professional accomplishments include spearheading the licensing team that elevated Open Invention Network into the largest patent non-aggression community in history, establishing the leading professional network of Open Source legal experts and aligning stakeholders to launch both the first law journal and the first law book dedicated to Open Source. Shane has extensive knowledge of Open Source governance, internal process development, supply chain management and community building. His experience includes engagement with the enterprise, embedded, mobile and automotive industries.

Introducing The OpenChain Interviews

By News

The OpenChain Project is delighted to announce the launch of a series of interviews about the people behind our work. While open source is mostly about software, and governance is mostly about licenses, it is also the story of thousands of individuals collaborating. We hope these interviews with inform and inspire our readers, and encourage more people to participate in open source and OpenChain.

Kayoko Takanishi from TUV SUD has kindly agreed to be our first featured community figure.

Read Our First Interview Now

OpenChain Specification – ISO Draft Review Process

By News

The latest draft of the next version of OpenChain Specification can be found here:

Our objective is to make only minor clarification changes over version 2.0  while we wait for ISO adoption (currently in progress). We discussed a half dozen items posted on the specification issue list at the Open Source Summit, North American F2F OpenChain meeting.

Get this guide and many more documents in the OpenChain Reference Library.

After discussing the various open issues we decided to make only one minor change:

Because the terms “Software Staff” and “Program Participants” where used interchangeable in the spec, it was decided to replace each use of “Software Staff” with “Program Participants” which is more consistent with ISO terminology. 

Coming Next

We will continue to accept feedback for ISO version 2.1 up through October 31st 2019. We will have one more F2F meeting at the Open Source Summit, Europe in October. We will finalize the ISO 2.1 version in November 2019. We will then embark on the next major revision of the specification starting December 1st 2019.

Your Feedback is Welcome Via

OpenChain Newsletter #28

By Monthly Newsletter, News

Newsletter – Issue 28 – August 2019


Arm and Western Digital Corporation, Platinum Members of the OpenChain Project and key participants in the global supply chain, today announce conformance with the OpenChain Specification. Qualcomm Technologies, Inc., Platinum Member and founding contributor of the OpenChain Project, today announces expanded conformance to the latest version of the OpenChain Specification.

OpenChain @ Partners

The OpenChain Project is delighted to announce that PwC Germany is the latest OpenChain Partner organization. The OpenChain Project has a diverse, global partner network that is expanding rapidly across multiple continents. This supports our mission to ensure every organization of every size can adopt our industry standard.

OpenChain @ Case Studies

The OpenChain Project is delighted to announce the immediate availability of our latest case study. This case study explains how third party certification works in the context of the OpenChain Project. This optional process, involving an audit of conformance by a third party, can be used by companies that want to obtain a formal certificate of conformance to our industry standard.

OpenChain @ In The News

On August 29th 2019 the OpenChain Project was featured in a blog post by Mark Gisi about how OpenChain certification aids open-source transparency for identifying security vulnerabilities.

OpenChain @ Events

OpenChain @ TechExeter Conference on 11th Sept 2019
Paul McAdam, Director at Source Code Control, will be hosting a workshop exploring the Equifax scandal. This hack resulted in costing more than $4bn yet was started by a failure to manage a single Open Source component.

OpenChain Talk Announced for Open Source Summit Europe – 29th October
Fukuchi San from Sony will be sharing ‘Experiences Building a Local Open Source Community via the OpenChain Project’ on Tuesday, October 29 @ 11:30 during Open Source Summit Europe.

OpenChain Actively Promoted @ COSCUP Taiwan Thanks to MOXA – 17-18 August
SZ Lin and his colleagues at MOXA will actively promoting the OpenChain Project via their sponsorship and their physical presence at the Taiwanese COSCUP Conference on the 17th and 18th of August.

OpenChain @ TechMatrix Open Source Seminar Tokyo – 4th September
OpenChain will be featured at the forthcoming TechMatrix Seminar on open source compliance to be held in Tokyo on the 4th of September. This event will include case studies from Olympus, FOSSID and TechMatrix.

Open Source Compliance Workshop Taipei 2019
On Friday the 27th of September the OpenChain Project, Open Culture Foundation and OSLN.tw will host an open source compliance workshop in the heart of Taipei. This event will focus on practical business solutions to open source compliance management. All parties are welcome to attend.

OpenChain @ Work Groups

The outcomes of the 10th meeting of the OpenChain Japan Work Group on the 16th of July are now available. We had 84 participants from 44 companies present, including our special guest SZ Lin from MOXA, Taiwan.

The OpenChain Project regular First Monday call video minutes are now available:

The OpenChain Japan Work Group has announced the August Meeting Schedule. Four Sub-Groups will convene to discuss milestones. Outcomes will be presented at the 11th OpenChain Japan Work Group event on September 19th at the Olympus offices. These meetings will be held in Japanese and everyone is welcome to join.

The OpenChain Korea Work Group has announced details of their forthcoming third meeting on Wednesday the 4th of September 2019. It will take place from 3pm in the B1 meeting room on the 19th floor of SK T Tower. This meeting will be held in Korean. All parties from open source user companies are welcome to attend.

The OpenChain Japan Work Group has announced the latest participation metrics. The recent meeting #10 hosted by Fujitsu had 84 individuals from 44 companies in attendance, marking our largest main event yet. Meanwhile, the OpenChain Japan mailing list continues to grow, with 159 participants from 68 companies subscribed. All parties are welcome to join the OpenChain Japan Work Group mailing lists and meetings. 

The OpenChain Project will host a workshop on the 20th of August adjacent to the Linux Foundation Legal Summit and Open Source Summit North America. 

The OpenChain China Work Group confirmed their first meeting. It will be held on 25th of September @ Huawei in Shenzhen

Mishi Choudhary & Associates, the India law firm partner of OpenChain Project, is hosting the first OpenChain India Working Group Meet-Up in Bengaluru on September 7, 2019.

On the 13th of August the OpenChain Tooling Work Group held their first meeting.

The OpenChain Korea Work Group has announced details of their forthcoming third meeting on 4th of September 2019. It will take place from 3pm at Korea Telecom in Seoul.

OpenChain @ Materials and Case Studies

Great Open Source Compliance For Everyone – Version 11 are introduction slides for the OpenChain Project with extensive speaker notes. They are intended to both provide context for the OpenChain industry standard and to enable anyone to help share the purpose, value and outcomes of the project and community.

OpenChain Case Study: Third Party Certification

By News

The OpenChain Project is delighted to announce the immediate availability of our latest case study. This case study explains how third party certification works in the context of the OpenChain Project. This optional process, involving an audit of conformance by a third party, can be used by companies that want to obtain a formal certificate of conformance to our industry standard.

Read the Case Study Online

Download the Case Study as a PDF

OpenChain Tooling Work Group Meeting #1 – Outcomes, August 13th 2019

By News

The minutes are below. The slides discussed during the meeting are presented here as well for reference.

Meeting Minutes of Kickoff meeting open source tooling for open source compliance work group
Date / Time 13th of August 0900-10:00 am and 06:00-07:00 pm
Agenda:
1. introduction and expectations                   All
2. Vision                                                        All
3. Introduction of the existing work               Oliver
4. Next steps                                                All
5. Fixed meeting dates/times                        Oliver

2. Expectations regarding the work results (condensed list):
*         Working together in an open, transparent, honest way
*         Friendly collaboration without hidden agenda

Oliver presented his long term vision of an integrated toolchain covering the “supporting processes – like OSS – contribution process, ECC classification, security vulnerability management, OSS-selection process, OSS-compliance process”. He asked about opinions on that view. Participants expressed that the long term vision makes sense.

The big picture of an integrated OSS Compliance toolchain was presented and explained. Based on this  the work areas were named
*            Identify the functional blocks required
*            Identify the workflows
*            Identify the required data and data flows
*            Implement provide the needed APIs (as contributions)
*            Provide the glue Code
*            Provide easy to deploy building blocks
*            Documentation
*            Spread the word

All participants agreed on a regular meeting interval of
Date: 1st and 3rd Wednesday of the month
Time: 0900-10:00 am and 06:00-07:00 pm German time
Oliver will send the invitations

PwC Germany is the Latest OpenChain Partner

By News

The OpenChain Project is delighted to announce that PwC Germany is the latest OpenChain Partner organization. The OpenChain Project has a diverse, global partner network that is expanding rapidly across multiple continents. This supports our mission to ensure every organization of every size can adopt our industry standard.

While many companies want to use our free reference material and self-certification service, other companies want to collaborate with law firms, consultancies and certification authorities. We are fortunate to work with some of the very best.

How It Works

OpenChain Partners are law firms, consultancies and certification authorities with experience in open source and engagement with the OpenChain Project community.

Users can approach any of the partners listed on our website with an expectation of excellent service provision. We seek partners with a focus on excellence and a positive, thoughtful approach focused on building long-term relationships.

Learn More

You can learn more by contacting Shane Coughlan, OpenChain General Manager, at coughlan@linux.com.

OpenChain India Work Group – First Meeting Sept 7th @ Begaluru

By News

Mishi Choudhary & Associates, the India law firm partner of OpenChain Project, is hosting the first OpenChain India Working Group Meet-Up in Bengaluru on September 7, 2019. Tech-companies building or using products on open source and entities interested in learning more about open source compliance are expected to participate in the meeting. The event will also include a session on data protection and India’s anticipated data protection legislation.

“The OpenChain Project builds trust in open source by making compliance simpler and more consistent. This working group meet will provide a powerful platform for learning and exchange of ideas on open source compliance to India’s vibrant open source community and participants of software supply chain,” said Mishi Choudhary, Managing Partner, Mishi Choudhary & Associates.

Date

  • 7th September, 2019 (Saturday)

Venue:

  • Pool Side Lounge, Hotel Royal Orchid,
  • 01 Golf Avenue, Adjoining KGA Golf course, HAL Airport Road, Kodihalli, Begaluru.
  • Tel : +91 80 4178 3000

Time

  • 10:00 am to 12:30 pm

Learn More

OpenChain: Open Source Compliance Workshop Taipei 2019 / 2019台北開源合規工作坊

By News

On Friday the 27th of September the OpenChain Project, Open Culture Foundation and OSLN.tw will host an open source compliance workshop in the heart of Taipei. This event will focus on practical business solutions to open source compliance management. All parties are welcome to attend.

Location地點

  • 屋脊 Wooji Event Space / 台北市松山區敦化北路145巷12號2樓
  • Wooji Event Space, 2F., No.12, Ln. 145, Dunhua N. Rd., Songshan Dist., Taipei City

Language 語言

This workshop will be held mainly in English.
這次的工作坊將以英文為主要語言來進行。

Agenda 議程

09:30-10:00 |     Check-In

10:00-10:30 |     御貓之術-開源管理的痛腳之處 / Herding Cats - Manage the FOSS on Licenses as Business Intelligence (Mandarin)
Lucien C.H. Lin (林誠夏)

10:30-11:00 |     Open Source Compliance State of the Union (English) 
Shane Coughlan

11:00-11:20 |     Break

11:20-11:50 |     Introduction of OpenChain Japan workgroup – an inter-organizational collaboration (English) 
Hiroyuki Fukuchi, Shinsuke Kato

11:50-12:20 |     3000多個成員加入支持OIN,搞什麼!! (Mandarin)
Kevin Huang (黃鴻文)

12:20-14:00 |     Lunch Break

14:00-14:30 |     History and Look back of OSS Compliance in Panasonic (English)
Shinsuke Kato

14:30-15:00 |     Introduction of OSS In-house Community of Sony (English)
Satoru Ueda

15:00-15:20 |     Break

15:20-15:50 |     Open Source Journey in Moxa - Build up Open Source Office in Hardware Manufacture Company (Mandarin)
SZ Lin (林上智)

15:50-16:50 |     Panel Discussion: Open Source Compliance in practice (English)
Shane Coughan (Host), Satoru Ueda, Shinsuke Kato, SZ Lin (林上智)

Learn More

Arm, WDC and Qualcomm Announce OpenChain Conformance Activities

By News

SAN FRANCISCO, Aug. 15, 2019 – Arm and Western Digital Corporation, Platinum Members of the OpenChain Project and key participants in the global supply chain, today announce conformance with the OpenChain Specification. Qualcomm Technologies, Inc., Platinum Member and founding contributor of the OpenChain Project, today announces expanded conformance to the latest version of the OpenChain Specification.

The OpenChain Project establishes trust in the open source from which software solutions are built. It accomplishes this by making open source license compliance simpler and more consistent. The OpenChain Specification defines inflection points in business workflows where a compliance process, policy or training should exist to minimize the potential for errors and maximize the efficiency of bringing solutions to market. The companies involved in the OpenChain community number in the hundreds. The OpenChain Specification is being prepared for submission to ISO and evolution from a growing de facto standard into a formal standard.

“At its core, Arm is an intellectual property company and our business is built on respecting IP rights,” says Carolyn Herzog, executive vice president and general counsel at Arm.  “Open source license compliance is a key component of that effort, and Arm’s conformance with the OpenChain Specification demonstrates its commitment to be a leader in this area.  Through that leadership, we hope to encourage others to explore this path as a mechanism for license compliance.”

“Qualcomm Technologies has been engaged with the OpenChain Project since its inception,” says Dave Marr, Chair of the OpenChain Governing Board and Vice President and Legal Counsel, Qualcomm Technologies, Inc. “Our goal has always been to ensure open source compliance is accessible to all sizes of organizations and to support an efficient, transparent supply chain. By becoming OpenChain Specification 2.0 Conformant, we are underlining our commitment to continual improvement as a company and our broader support of great open source compliance processes across the industry.” 

“We are excited at the evolution of the OpenChain Project over the last two years and particularly at its growing acceptance in the industry,” says Alan Tse, Associate General Counsel at Western Digital. “Working with other industry leaders to develop OpenChain has been an important initiative for Western Digital. It will be a key resource for compliance that also furthers the open source spirit of joint sharing and learning.  By conforming to the OpenChain Specification, we hope to lead by example, build momentum throughout our supply chain, and show our commitment to open source as a community and ecosystem.”

“Arm, Qualcomm and Western Digital have been pivotal in bringing the OpenChain Project to maturity,” says Shane Coughlan, OpenChain General Manager. “Our announcement today underlines both their continued commitment to our industry standard and a further illustration of its suitability for companies of different sizes in different markets. This is also excellently illustrated by the pioneering activity of Qualcomm in pursuing conformance with the latest version of the OpenChain Specification. We look forward to our next steps, including the evolution of our de facto standard into a formal ISO standard, and the continued growth of the OpenChain community of conformance.”

About Arm 

Arm technology is at the heart of a computing and connectivity revolution that is transforming the way people live and businesses operate. Our advanced, energy-efficient processor designs have enabled intelligent computing in more than 150 billion chips and our technologies now securely power products from the sensor to the smartphone and the supercomputer. In combination with our IoT device, connectivity and data management platform, we are also enabling customers with powerful and actionable business insights that are generating new value from their connected devices and data. Together with 1,000+ technology partners we are at the forefront of designing, securing and managing all areas of compute from the chip to the cloud.

About Qualcomm  

Qualcomm invents breakthrough technologies that transform how the world computes, connects and communicates. When we connected the phone to the Internet, the mobile revolution was born. Today, our inventions are the foundation for life-changing products, experiences, and industries. As we lead the world to 5G, we envision this next big change in cellular technology spurring a new era of intelligent, connected devices and enabling new opportunities in connected cars, remote delivery of health care services, and the IoT — including smart cities, smart homes, and wearables. Qualcomm Incorporated includes our licensing business, QTL, and the vast majority of our patent portfolio. Qualcomm Technologies, Inc., a wholly-owned subsidiary of Qualcomm Incorporated, operates, along with its subsidiaries, substantially all of our engineering, research and development functions, and substantially all of our products and services businesses, including the QCT semiconductor business. For more information, visit Qualcomm’s website, OnQ blog, Twitter and Facebook pages.

About Western Digital 

Western Digital® creates environments for data to thrive. As a leader in data infrastructure, the company is driving the innovation needed to help customers capture, preserve, access and transform an ever-increasing diversity of data. Everywhere data lives, from advanced data centers to mobile sensors to personal devices, our industry-leading solutions deliver the possibilities of data. Western Digital® data-centric solutions are comprised of the Western Digital, G-Technology™, SanDisk®, and WD® brands.

About the OpenChain Project

The OpenChain Project builds trust in open source by making open source license compliance simpler and more consistent. The OpenChain Specification defines a core set of requirements every quality compliance program must satisfy. The OpenChain Curriculum provides the educational foundation for open source processes and solutions, whilst meeting a key requirement of the OpenChain Specification. OpenChain Conformance allows organizations to display their adherence to these requirements. The result is that open source license compliance becomes more predictable, understandable and efficient for participants of the software supply chain.

About The Linux Foundation

The Linux Foundation is the organization of choice for the world’s top developers and companies to build ecosystems that accelerate open technology development and industry adoption. Together with the worldwide open source community, it is solving the hardest technology problems by creating the largest shared technology investment in history. Founded in 2000, The Linux Foundation today provides tools, training and events to scale any open source project, which together deliver an economic impact not achievable by any one company. More information can be found at www.linuxfoundation.org.

The Linux Foundation has registered trademarks and uses trademarks. For a list of trademarks of The Linux Foundation, please see our trademark usage page: https://www.linuxfoundation.org/trademark-usage

Linux is a registered trademark of Linus Torvalds.

Media Contact
Shane Coughlan
+818040358083
coughlan@linux.com

OpenChain Introduction Slides – Latest Version Now Available – Version 11

By News

Great Open Source Compliance For Everyone – Version 11 are introduction slides for the OpenChain Project with extensive speaker notes. They are intended to both provide context for the OpenChain industry standard and to enable anyone to help share the purpose, value and outcomes of the project and community.

For slides, guides, and more documents, visit the OpenChain Reference Library.