Skip to main content
All Posts By

Shane Coughlan

Shane Coughlan is an expert in communication, security and business development. His professional accomplishments include spearheading the licensing team that elevated Open Invention Network into the largest patent non-aggression community in history, establishing the leading professional network of Open Source legal experts and aligning stakeholders to launch both the first law journal and the first law book dedicated to Open Source. Shane has extensive knowledge of Open Source governance, internal process development, supply chain management and community building. His experience includes engagement with the enterprise, embedded, mobile and automotive industries.

OpenChain Newsletter #17

By Monthly Newsletter

Newsletter – Issue 17 – September 2018

Introduction

The OpenChain Project has active bi-weekly calls and a great mailing list that provide the “nuts and bolts” of our community activity. These are joined by various releases of documents and announcements of OpenChain-related events throughout each month. In September the big news was the appointment of our first Community Representative to our Steering Committee and a terrific, exceptional series of educational case studies in English and Japanese from our Japan Work Group.

Community

We are delighted to announce that Indira Bhatt acted as our OpenChain Community Representative during our inaugural Steering Committee meeting. Indira is a Manager in KPMG’s San Francisco Advisory practice with nearly 10 years of experience in the area of Free and Open Source Software (FOSS) due diligence. She has extensive experience in setting up FOSS compliance teams including leading, training and mentoring junior and senior analysts. Indira has helped various organizations successfully contribute code to the open source community and establish FOSS review boards by either defining or refining existing governance and usage and approval policies and procedures.
https://www.openchainproject.org/news/2018/09/11/openchain-announces-our-first-community-representative-on-the-steering-committee

Indira will represent the community in our second Steering Committee scheduled for late October before rotating the role with another community member.

Contributions

This month is all about case studies. This time around we focused on how companies instituted educational programs. All of the case studies came from our excellent and highly productive Japan Work Group. Big thanks are due to Fukuchi San from Sony for coordinating all the moving pieces.

Panasonic Case Study:
https://www.openchainproject.org/news/2018/09/12/announcing-our-panasonic-educational-case-study

Toshiba Case Study:
https://www.openchainproject.org/news/2018/09/18/announcing-our-toshiba-educational-case-study

Sony Case Study:
https://www.openchainproject.org/news/2018/09/21/announcing-our-sony-educational-case-study

Toyota Case Study:
https://www.openchainproject.org/news/2018/09/25/announcing-our-toyota-educational-case-study

Fujitsu Case Study:
https://www.openchainproject.org/news/2018/09/27/announcing-our-fujitsu-educational-case-study

Events

The OpenChain Project benefited from outreach talks being reserved in the international schedule by our chair of the Specification Work Team and one of our most active partners in the UK.

First up, Mark Gisi presented the latest news from our project at the recent SPDX General Meeting. One of the most interesting highlights was the reveal of SParts – a supply chain ledger leveraging blockchain technology – can solve accountability and access questions. This merges SPDX and Hyperledger to provide a supply chain solution that can be immediately useful for companies managing open source compliance.
https://www.openchainproject.org/news/2018/09/04/openchain-spdx-general-meeting

A little bit down the road, Andrew Katz from Moorcrofts has booked a space at FINOS Open Source Strategy Forum in London on the 14th and 15th of November. This conference for financial technology professionals is designed to accelerate open source engagement at their firms. This marks our first step into the FinTech community:
https://www.openchainproject.org/news/2018/09/05/openchain-finos-open-source-strategy-forum-in-london

Summary

October will see a strong emphasis on outreach, both at Open Source Summit Europe and via other events and webinars. At the same time the project is benefiting from an expanding commercial ecosystem, purely market driven, that indicates further substantial growth in the adoption of best practices for open source compliance programs is just around the corner.

License and Trademarks

Copyright 2018 The Linux Foundation. This newsletter is licensed under the Creative Commons Attribution-NoDerivs 2.0 Generic (CC BY-ND 2.0). Please feel free to share it onwards! OpenChain is a trademark of The Linux Foundation. It may be used according to The Linux Foundation Trademark Policy and the OpenChain Terms of Use. All other trademarks belong to their respective owners.

Announcing Our Toyota Educational Case Study

By News

The OpenChain Project is delighted to announce our fourth educational case study. This contribution comes from Toyota and is available in both English and Japanese.

“Our goal with these case studies is to help companies of all sizes understand approaches to open source education approaches,” says Shane Coughlan, OpenChain General Manager. “In a massive company like Toyota there are scale challenges that are as applicable to large multinationals in other sectors as they are to the automotive segment.”

This case study is made available under the CC-BY-ND 4.0 license.

Learn More:

Announcing Our Sony Educational Case Study

By News

The OpenChain Project is delighted to announce our third educational case study. This contribution comes from Sony and is available in both English and Japanese.

“Our Japan Work Group is going from strength to strength” says Shane Coughlan, OpenChain General Manager. “Sony has been a pivotal leader in both building out the community and driving productive discussion. This case study, as with our recent releases from Panasonic and Toshiba, provides a useful reference in both English and Japanese.”

This case study is made available under the CC-BY-ND 4.0 license.

Learn More:

Announcing Our Toshiba Educational Case Study

By News

The OpenChain Project is delighted to announce our second educational case study. This contribution comes from Toshiba and is available in both English and Japanese.

“The OpenChain Japan Work Group has inspired numerous contributions,” says Shane Coughlan, OpenChain General Manager. “Toshiba has been deeply involved in this process and in providing guidance to help guide their peers. The new educational case study builds on this and provides a useful reference in both English and Japanese.”

This case study is made available under the CC-BY-ND 4.0 license.

Learn More:

Announcing Our Panasonic Educational Case Study

By News

The OpenChain Project is delighted to announce the first in a new series of open source educational case studies. Panasonic takes center stage today with an overview of their activities in both English and Japanese.

“The OpenChain Japan Work Group has proven to be a fruitful venue to share knowledge among numerous open source stakeholders,” says Shane Coughlan, OpenChain General Manager. “Chief among this sharing has been a sequence of case studies from participants explaining how they address various compliance challenges. Today we kick off the release of a new set of such studies, this time focused on education around open source.”

This case study is made available under the CC-BY-ND 4.0 license.

Learn More:

OpenChain Announces Our First Community Representative on the Steering Committee

By News

The OpenChain Project is delighted to announce that Indira Bhatt will act as the OpenChain Community Representative during our inaugural Steering Committee meeting at 8:30am Pacific on the 13th of September.

Indira is a Manager in KPMG’s San Francisco Advisory practice with nearly 10 years of experience in the area of Free and Open Source Software (FOSS) due diligence. She has extensive experience in setting up FOSS compliance teams including leading, training and mentoring junior and senior analysts. Indira has helped various organizations successfully contribute code to the open source community and establish FOSS review boards by either defining or refining existing governance and usage and approval policies and procedures. Prior to this, Indira was a windows mobile developer for various startups in the Bay Area.

“There is nothing more important than community when building international collaboration,” says Shane Coughlan, OpenChain General Manager. “Our first Steering Committee meeting marks both a sign of maturity in the project and a new avenue for ensuring community perspectives are considered in each critical decision around our standard. We envision rotating the community seats with each quarterly meeting, and starting today with Indira we are making this process a reality.”

You can connect with Indira via LinkedIn at https://www.linkedin.com/in/indirabhatt/

OpenChain @ FINOS Open Source Strategy Forum in London

By News

Andrew Katz from Moorcrofts LLP – an OpenChain Partner Company – has been confirmed as a speaker at the Open Source Strategy Forum. The Open Source Strategy Forum, presented by FINOS, is a two-day conference for financial technology professionals looking to accelerate open source engagement at their firms. It will take place on the 14th and 15th November 2018 in London.

The program will feature three tracks, each guiding attendees from fundamental concepts to in-depth, practical knowledge in one of three areas: business value & strategy, policy & process, and tools & technology. Attendees will leave with the information and skills necessary to move their firms toward open source readiness.

“The OpenChain Project has seen tremendous interest from users of open source software and providers of services adjacent to this market-space,” says Shane Coughlan, OpenChain General Manager. “Moorcroft’s outreach in the United Kingdom has been critical in both raising interest and ensuring understanding in the European market. The speech at Open Source Strategy Forum will open a new front in our outreach and positively impact our growth as we head towards 2019.”

Learn More

OpenChain Conformance – Enhanced Offline Support Now In Beta

By News

I updated the conformance questionnaire git repository with the scripts to test the data and create PDF documents on every update to the repository once the Travis-CI is approved for Github access (see my previous email).

The output can be viewed at https://openchain-project.github.io/conformance-questionnaire/questionnaire.pdf

If there are multiple language translations, the URL for the PDF will have the language designation appended to the end of “questionnaire”. This may be a good way to verify the translations of the JSON input files.

I also added your Context section.

Feel free to share this information with the larger group after you’ve had a chance to review and enable the Travis-CI.

B2M Solutions joins the OpenChain Community of Conformance

By News

Today the OpenChain Project welcomes B2M Solutions to our Community of Conformance. The conformance process was lead by the OpenChain Partner Moorcrofts LLP in conjunction with its sister company Orcro Ltd.

Formed in 2002, B2M Solutions is a global software company dramatically improving how enterprise mobility is operated and managed. Partners include the likes of BT, Zebra Technologies and most recently Panasonic.

OpenChain, a project of the Linux Foundation, brings established governance principles to the software supply chain. It adopts best-practice from other compliance areas and maps them to software procurement, giving businesses a clear path to minimizing infringement risk in procuring, developing and deploying software. The result is that open source license compliance becomes more predictable, understandable and efficient for participants of the software supply chain.

Julie Purves, B2M Solutions CEO said: “Although smaller than many of the other companies who have achieved this milestone of compliance, we are considered to be technology leaders in our field, and it’s important to be able to reassure our clients that we are not only proactive in reacting to industry developments but also, where appropriate, leading those developments. Our partners include a number of global companies who are embracing OpenChain. Although none of our partners have compelled us to become OpenChain compliant, we believe that pre-emptively obtaining this important status means we are better able to demonstrate we are responsive to the needs of global brands and their end-customers. It also demonstrates our technology leadership by highlighting our desire to lead not only with the latest in cloud-based analytics solutions, but also with compliance to standards critical for our customers.”

Julie continues: “The services provided by Andrew Katz and his team at Moorcrofts and Orcro were outstanding. They not only provided the technical legal advice for us to be able to reach the OpenChain conformance standard, ensuring our component database contained the relevant open source licences, they also worked with our team to establish an appropriate open source policy, tailored to B2M’s specific business needs, and provided the compliance training to our developers.”

“The OpenChain Project is delighted to welcome B2M Solutions to our community of conformance,” says Shane Coughlan, OpenChain General Manager. “This is a milestone in building out our community in the mobile sphere and in deepening our presence in Europe. OpenChain Conformance is a mark of quality and efficiency in the adoption, use and distribution of open source code. We are looking forward to sharing this benefit throughout the B2M eco-system and to building a productive long-term relationship with their great team.”

Learn More:

For the full case study, interviews, photographs and more information, please contact: Marie Parkinson, OJI Marketing Ltd on: 07463994834 or marieparkinson@ojimarketing.co.uk

Additional Information:

  • Moorcrofts LLP is a boutique firm of solicitors, focusing on corporate and contract law, tech law, employment (including employee incentivisation) and commercial property – that’s all. We’re small, but intensely targeted to provide real expertise and in-depth experience in our chosen fields. That’s why we act for some of the biggest names around, and have an international clientele ranging from entrepreneurs to US stock-market listed companies. Our base in the Thames Valley gives our clients easy access to us, whether based in London, Oxford, Maidenhead or Reading, and we’re only 25 minutes from London Heathrow Airport. For additional information, visit: moorcrofts.com.
  • Orcro Ltd works hand-in-hand with Moorcrofts and its specialist technology lawyers, to provide project management and compliance expertise ensuring all clients receive a full end-to-end service. This means Moorcrofts and Orcro together not only provide the legal advice but also provide the practical services necessary to deliver complete compliance within a firm. The Orcro compliance team draw on skills in implementation, training, documentation, systems and assessment, either in-house, or by partnering with best-in-breed third party companies. Orcro compliance services include: GDPR/Privacy, Software Supply Chain/OpenChain and Anti-Money-Laundering. For additional information, visit: orcro.co.uk.
  • B2M Solutions is a global software company dramatically improving how enterprise mobility is operated and managed. The company’s flagship product, Elemez™, provides real-time actionable analytics and operational intelligence for enterprise mobile devices and applications. Unlike traditional enterprise mobile software management tools, Elemez proactively identifies, isolates and predicts issues to help enterprises prevent and avoid problems, improve enterprise mobility’s performance and lower the True Cost of Ownership™ of mobility. mprodigy® is B2M’s mobile enterprise management platform (MDM/EMM) and offers a proven, cost-effective management layer for line-of-business enterprise mobility.   Founded in 2002, B2M is a privately held company based in Abingdon, UK, with North American operations in Atlanta, Ga., U.S.A. For additional information, visit: b2msolutions.com.
  • OpenChain Project identifies key recommended processes for effective open source management in the supply chain. The project is the driving force behind the implementation of the OpenChain conformance standard, which is the world’s leading standard of its kind, bringing established governance principles to the open source software supply chain. It adopts best-practice from other compliance areas and maps them to software procurement, giving businesses a clear path to minimising infringement risk in procuring, developing and deploying software, with particular emphasis on use and re-use of free and open source software (“FOSS”) components. Crucially, for smaller organisations like B2M Solutions, the compliance programme does not have to be complex, but simply mirrors or adapts existing best practice. The result is that open source licence compliance becomes more predictable, understandable and efficient for participants of the software supply chain. For additional information, visit: openchainproject.org/
  • The Linux Foundation is dedicated to building sustainable ecosystems around open source projects to accelerate technology development and industry adoption. Founded in 2000, The Linux Foundation provides unparalleled support for open source communities through financial and intellectual resources, infrastructure, services, events, and training. Working together, The Linux Foundation and its projects form the most ambitious and successful investment in the creation of shared technology. For additional information, visit: linuxfoundation.org/

Mark Gisi from OpenChain @ SPDX General Meeting

By News

Mark Gisi, chair of the OpenChain Project Specification Work Team, will take center stage during the next SPDX General meeting on Thurs, Sept 6, 8am PDT / 10 am CDT / 11am EDT / 15:00. He will explain how SParts – a supply chain ledger leveraging blockchain technology – can solve accountability and access questions.

Abstract:

The union of SPDX data and a blockchain ledger is a match made in heaven. This union enables us to provide both *accountability* and *access* to SPDX data for manufactured products that are comprised on software components contributed by dozens of suppliers. We will present a use case of how we track SPDX data (along with source code and notices)  across the manufacturing supply chain of a device running the Zephyr operating system runtime.

Mark’s bio:

Mark Gisi, Directory of Intellectual Property and Open Source at Wind River Systems, has been managing Open Source policies and programs for the past 12 years. Mark contributes to the Linux Foundation’s SPDX project, OpenChain Project and the Hyperledger Project’s SParts (Software Parts) lab initiative. Mark holds a MS degree in Computer Science and a BS degree in Mathematics.