Shane Coughlan is an expert in communication, security and business development. His professional accomplishments include spearheading the licensing team that elevated Open Invention Network into the largest patent non-aggression community in history, establishing the leading professional network of Open Source legal experts and aligning stakeholders to launch both the first law journal and the first law book dedicated to Open Source.
Shane has extensive knowledge of Open Source governance, internal process development, supply chain management and community building. His experience includes engagement with the enterprise, embedded, mobile and automotive industries.
The OpenChain Project is delighted to welcome NodeWeaver as our latest organization with an OpenChain conformant program.
NodeWeaver is a zero-management hyperconverged infrastructure – that integrates storage, networking and virtualization in a single system. It is built using the same principles of large scale systems used by Google and Amazon, making them available to small and medium enterprises.
“With more than 80% of our code being open source, Open Source license compliance is an essential aspect for us” says Carlo Daffara, NodeWeaver’s CEO. “OpenChain helped us in making the process streamlined, repeatable and consistent, and substantially lowered our compliance cost while increasing visibility into all aspect of our production process.”
“The European sphere is vitally important for open source software,” says Shane Coughlan, OpenChain Project Direction. “It is a market with frequent explicit requests for open source throughout procurement and it contains an extremely vital community of small to medium enterprises. We are delighted to welcome NodeWeaver to our list of OpenChain Conformant organizations. This is both because of their long-history in open source and their unique position to support and influence many more companies across the continent.”
The OpenChain Project is delighted to welcome AB EHR as an organization with an OpenChain Conformant program. Their participation is especially valued as it ties into collaboration with NHS England, NHS Digital and other key stakeholders involved with open source in the British National Health System.
“We have been supporting Code4Health for a number of years to manage their open source supply chain. The OpenChain Specification has enabled us to validate the processes meet industry best practice and that the solutions being promoted to NHS are best of breed and this can be transparently demonstrated.” Martin Callinan, Director Source Code Control Ltd.
AB EHR’s participation is also the subject of our first case study. You can learn more about it here and you can also download the full case study in PDF format here.
“This is another important step to bring yet further assurance to the health and care system by evidencing good governance and best practice in the development and use of opensource solutions,” says Peter Coates, Head of Ecosystem Development, and leader of NHS Digital’s support of Code4Health.
“Community is at the heart of OpenChain as a project,” says Shane Coughlan, OpenChain Project Director. “This goes beyond the narrow confines of one industry segment or one market approach. It is about every entity that makes, uses or supports open source software. We are delighted to demonstrate this broad applicability in close partnership with organizations like AB EHR and Source Code Control.”
The OpenChain community of conformant organizations is growing across a wide range of stakeholders from all corners of software creation and use. You can follow the progress of our conformance program here and you can participate in our community here. Everyone, from organizations of all types, is very welcome.
The OpenChain Project is delighted to announce the release of our first case study, a collaboration with NHS England, NHS Digital and AB EHR. This case study offers an insight into how and why the British National Health Service has decided to use the OpenChain Specification as a baseline for effective compliance across its digital projects.
Our first case study is centered around adoption by the service provider AB EHR for the code4health project. This marks the first step in a broader deployment plan across multiple projects and providers in the coming months and years.
During the Legal and Licensing Workshop in Barcelona on the 18th of April there was a workshop with a focus on useful templates for open source compliance activities. One of the templates most commonly requested is related to case studies. After discussion among two teams and a total of fourteen people we produced a simple template for one page case studies:
This template – as with all templates and curriculum material – is licensed under CC-0 for use without restriction.
OpenChain has been featured in the latest issue of the International Free and Open Source Software Law Review. This publication is the first law journal dedicated to open source and is now in its ninth year of ongoing release.
The article is entitled ‘The Bid by OpenChain to Transform The Supply Chain’ and the abstract is below. At the end of this post you will find a link to the full article.
“OpenChain aims to increase open source compliance in the supply chain. This issue, which many initially dismiss as a legal concern or as low priority, is inherently tied to ensuring that open source is as useful as possible with as little friction as possible. In a nutshell, because open source is about the use of third party code, compliance is the nexus of where equality of access, safety of use and reduction of risk can be found. OpenChain is built to increase trust between organizations to accomplish this.”
The OpenChain Project was featured in a workshop and a keynote speech at the recent Legal and Licensing Workshop in Barcelona. This event, hosted by the Legal Network, provides an annual forum for open source counsel and related experts to share knowledge and news.
This year the focus was on practical outcomes and the OpenChain workshop was no exception. The core goal was to provide a template for future case studies and to encourage our first submissions. Today you can see the template. The case studies will be along shortly.
In other news, during the event OpenChain received contributions of kanban templates, checklist templates and onboarding slides. Watch this space for social media releases in the near future.
The OpenChain Project in collaboration with Open Invention Network hosted a get-together in Korea. This was a small event centered around a meal in the city center. Our goal was to reach out to old friends at LG Electronics and to make new friends from LG Display. One of the primary outcomes was the decision to hold a full OpenChain workshop in the next three months. Haksung from the LG Electronics open source team kindly offered to assist with our planning regarding attendees and ideal timing.
The Software Compliance Academy (one of the OpenChain Pilot Partner Program participants) ran a workshop in Germany on the 9th of April to discuss compliance. Naturally OpenChain was featured high on the list regarding approaches to frame effective, efficient compliance management.
More information in German:
“Die Verwendung von Free and Open Source Software wirft eine Reihe von rechtlichen Fragestellungen auf. Welche Vorteile bietet das Open Source Lizenzmodell? Und welche Lizenzpflichten sind dabei zu beachten? Einen vertieften Einblick in die unterschiedlichen Open Source Lizenzen und insbesondere die jeweils zu beachtenden Lizenzpflichten sowie damit einhergehende Kompatibilitätsfragen gibt das gemeinsam mit Vogel Business Media ausgerichtete FOSS Compliance Seminar in Würzburg am 9. April 2018.”
The OpenChain Project was featured at the first Asian Legal Network meeting of 2018 in Tokyo on the 6th of April. This event provided an opportunity to unpack the latest news around compliance with an audience from over 10 companies. The event was sponsored by Open Invention Network and marked another chapter in the on-going collaboration between various international non-profit organizations and projects to support the growth and sustainability of open source.
This month is all about the OpenChain Specification. We are approaching a new release and are seizing the opportunity for reaffirming the core text and goals of the project. At the same time we are seeing new interest and engagement from both technology stakeholders and those from further afield. Speaking of further afield, we just released some milestone curriculum material in Simplified Chinese under CC-0 licensing (effectively public domain). See below.
OpenChain Specification
The OpenChain Project has developed a specification that defines a core set of requirements that a quality FOSS compliance program is expected to satisfy. Although it represents a minimum set of “must have” requirements, a significant degree of flexibility is given on how an organization might implement them. OpenChain Conformance helps to reduce concerns about open source compliance in organizations of all types and sizes.
We update the specification periodically based on feedback from our community. At the moment we are in the home stretch before releasing version 1.2 in April. This release does not change the requirements of the specification but introduces improvements to language and definitions to make OpenChain Conformance and translations easier. We are seeking public comments as we wrap things up.
We welcome any and all feedback from all parties. The easiest way to provide such feedback and to get involved in the conversation is to mail our Specification list: Openchain-specification@lists.linuxfoundation.org
There are several large entities currently undergoing OpenChain Conformance. We are working closely with these new and old community partners to assist and to learn. OpenChain Conformance is often a two-way process, involving listening to great feedback that helps us improve the OpenChain Specification or the OpenChain Conformance process itself.
One of the first announcements coming up, and our first case study, is being arranged with Code4Health, a project of the English National Health Service and National Health Service Digital. We expect to formally release the case study and announce their conformance by the end of this month. Meanwhile, Code4Health – the first program inside the NHS to conform – is already Tweeting:
OpenChain @ Events
We have completed some interesting event outreach during the early part of March. One of the most notable was a workshop held in partnership with the Open Culture Foundation (Taiwan) on the 5th of March, an event that fits neatly into our Asian outreach priorities. A few points became clear:
Most attendees had a direct interest in using some or all of the OpenChain curriculum to support their compliance efforts.
All attendees expressed interest having open source compliance collaboration between companies to encourage deeper open source use in companies.
Most attendees faced various challenges in explaining this to the administrative side of their businesses.
One area of useful feedback was that some attendees asked for future events to be held in Hsichu or Neihu so that their colleagues can join. Some may be able to offer a meeting room at their offices. Our colleagues at the Open Culture Foundation are exploring the opportunities and may hold another workshop in April or May.
OpenChain Project held a governing board meeting, a face-t0-face and a standing room-only talk at the Linux Foundation’s Open Source Leadership Summit in Sonoma. This event was a great chance to reconnect with many of our core constituents and to personally engage with some potential new contributors.
For those of you who are new to the project, our governing board consists of representatives from our 14 Platinum Members, and it meets once every quarter to discuss strategy. Their input ties directly into the activities of our Specification, Conformance, Curriculum and Onboarding work teams, each of which was represented or discussed during our open session. The OpenChain talk was delivered by Shane Coughlan, OpenChain Project Director, to the general Leadership Summit audience. It was interesting to note the level of engagement and questions fielded by the audience. It highlights both the amount of interest there is around improving compliance and areas where we can usefully focus on developing new onboarding or reference material.
The OpenChain Project has some forthcoming events that may be of interest to our readers:
The OpenChain Curriculum slides are now available in Simplified Chinese. This is a significant milestone in sharing useful open source compliance information with a key target demographic. Great thanks are due to Hung Chang and Navia Shen for initiating the OpenChain Simplified Chinese translator team, to Lucien Lin for creating this translation, and to Florence Ko for review.
The next month will be all about case studies, reference material and expanding the community of conformance. Not to mention the formal release of the OpenChain Specification 1.2. Stay tuned and feel free to join any of our work teams at any time. You insights always help make us better.
License and Trademarks
Copyright 2018 The Linux Foundation. This newsletter is licensed under the Creative Commons Attribution-NoDerivs 2.0 Generic (CC BY-ND 2.0). Please feel free to share it onwards! OpenChain is a trademark of The Linux Foundation. It may be used according to The Linux Foundation Trademark Policy and the OpenChain Terms of Use. All other trademarks belong to their respective owners.
The OpenChain Project in collaboration with Open Invention Network hosted a get-together in Korea. This was a small event centered around a meal in the city center. Our goal was to reach out to old friends at LG Electronics and to make new friends from LG Display. One of the primary outcomes was the decision to hold a full OpenChain workshop in the next three months. Haksung from the LG Electronics open source team kindly offered to assist with our planning regarding attendees and ideal timing.
