Today at the launch event for openEuler 24.03 LTS it was announced that openEuler has adopted OpenChain ISO/IEC 18974, the international standard for open source security assurance. This announcement from the OpenAtom Foundation and the openEuler community builds on previous collaboration with the OpenChain Project and peers in the technology industry to promote effective, efficient supply chain management. The OpenChain Project, part of The Linux Foundation ecosystem, builds ISO standards, creates reference material for their adoption, and facilitates a diverse global community of organizations collaborating to improve open source process management.
“It’s a proud moment to announce the release of openEuler 24.03 LTS. This journey has been all about building a secure, compliant, and sustainable operating system community,” says Xiong Wei, Executive Director of openEuler. “Achieving ISO 18974 self-certification from OpenChain Project is a testament to our unwavering commitment to security and excellence. This certification recognizes our top-tier standards in development processes, software supply chain, risk assessment, management, and developer security capabilities. This milestone is not just a badge; it’s a reflection of the hard work, dedication, and collaboration within our community. I want to extend my heartfelt thanks to everyone involved in this journey. Your efforts have made this achievement possible.”
“openEuler’s adoption of OpenChain ISO/IEC 18974 is a significant milestone for the professionalization of open source software,” says Shane Coughlan, OpenChain General Manager. “The OpenChain standards are designed to support process management across organizations or communities of any scale, and the growing community of conformance around ISO 5230 for license compliance and ISO 18974 for security assurance validates that model. We are delighted to work closely with our partners in openEuler in building a more professional, sustainable and accountable supply chain.”
OpenAtom and openEuler have also released a case study explaining the benefit and impact of OpenChain ISO/IEC 18974 adoption.
About the openEuler Project
openEuler is an open source, free Linux distribution platform. The platform provides an open community for global developers to build an open, diversified, and architecture-inclusive software ecosystem.
About the OpenAtom Foundation
The OpenAtom Foundation is a non-profit organization dedicated to promoting the development of the global open source community. It was founded in Beijing in June 2020.
The OpenAtom Foundation is committed to being a developer-oriented open source project incubation platform as well as a technology public welfare service organization. It follows the principles of co-construction, co-governance, and sharing, systematically builds an open and collaborative framework, establishes an international open source community, facilitates industry collaboration, and empowers various industries.
About the OpenChain Project
The OpenChain Project has an extensive global community of over 1,000 companies collaborating to make the supply chain quicker, more effective and more efficient. It maintains OpenChain ISO/IEC 5230, the international standard for open source license compliance programs and OpenChain ISO/IEC 18974, the industry standard for open source security assurance programs
About The Linux Foundation
The Linux Foundation is the world’s leading home for collaboration on open source software, hardware, standards, and data. Linux Foundation projects are critical to the world’s infrastructure, including Linux, Kubernetes, Node.js, ONAP, PyTorch, RISC-V, SPDX, OpenChain, and more. The Linux Foundation focuses on leveraging best practices and addressing the needs of contributors, users, and solution providers to create sustainable models for open collaboration. For more information, please visit us at linuxfoundation.org.