Revenera has announced the creation of an OpenChain ISO/IEC DIS 18974 conformant program for managing open source security assurance. This builds on previous adoption of OpenChain ISO/IEC 5230, the International Standard for open source license compliance, and underlines their on-going commitment to open source process management.
“Revenera’s adoption of the OpenChain international standard for open source security assurance, following our adoption of the standard for open source license compliance, demonstrates our dedication to being a leader in using safe, secure open source software. Revenera is one of only a handful of organizations that are OpenChain ISO/IEC DIS 18974 conformant; we are honored to be on the forefront and hope that other organizations will also pursue this standard to help secure their software supply chain,” said Alex Rybak, Senior Director of Product Management at Revenera. “As someone responsible for Revenera’s open source program office (OSPO), having both OpenChain certifications helps us define, administer, and continuously improve our program to conform to evolving industry best practices.”
“The OpenChain process management standards are designed to help businesses use open source more effectively and efficiently,” says Shane Coughlan, OpenChain General Manager. “Revenera has proven to be an enthusiastic participant in the OpenChain community of conformance, and also an active contributor to knowledge-sharing in our field. The future of collaborative technology like open source depends on this type of positive, sustainable engagement, and I look forward to our continued partnership as the supply chain evolves.”
Resources
Follow Revenera
About Revenera
Revenera helps product executives build better products, accelerate time to value and monetize what matters. Revenera’s leading solutions help software and technology companies drive top line revenue with modern software monetization, understand usage and compliance with software usage analytics, empower the use of open source with software composition analysis and deliver an excellent user experience—for embedded, on-premises, cloud and SaaS products. To learn more, visit www.revenera.com.
For More Information, Contact:Bret Clement
revenerapr@clementpeterson.com
The funeral of Ueda San of Sony took place yesterday. Many of us have known him for many years. Some of us have known him for a little while. Others, perhaps, have only recently heard of him.
One important thing to know about Ueda San is that he built the open source community in Japan alongside others such as Hashimoto San, Eto San, Shibata San and the rest of the “old guard.”
Building the open source community in Japan was not easy. Previously, companies operated in silos, and it was a radical idea to throw open the doors and allow engineers to mix and mingle. There was risk, there was fear, and there was the stubborn tide of habit.
It takes an iron will to change an entire industry. Ueda San was extremely kind and gentle, but he would not yield on the importance of open collaboration. He knew the value it gave to people, to business and to society. Ueda San really believed in community and collaboration. He was tireless in promoting it, and he insisted that more and more people should be educated in its value.
Ueda San was a key part of forming the OpenChain Japan community. He was also a key driver behind our early outcomes, including the exceptional Supplier Education Leaflet. His tireless encouragement of younger generations is an example we can all learn from.
It is because of Ueda San and his contemporaries that the OpenChain Japan Work Group exists. Instead of closing doors, our board members decided to create an environment of complete openness. We built this community to network people, to share knowledge, and to fundamentally improve how companies use open source.
This is the difference between long term and short term thinking. By creating communities that freely welcome people, they can learn your values. They mirror your values. They multiply your effort. Then, together, you change far more than you could ever accomplish alone.
And now? Now we have an environment in Japan where more and more companies are adopting standard processes around open source. We have more engineers and managers meeting, talking and learning. We are all in a better position to do more things.
It is our responsibility to take that potential and apply it. It is also our responsibility to remember that the freedoms and advantages we enjoy come from the hard work of others. Without Ueda San spending thousands of hours advocating, perhaps there would be a much smaller community in Japan.
Ueda San was a dreamer who actually created new realities. He was an artist, and he saw the world as far more than numbers. Indeed, Ueda San spent countless hours capturing the beauty of nature as a photographer. When I think of him, I think of how these values drove him, and changed us all for the better.
This is the final photograph Ueda San posted on Facebook before he died. A dragonfly. What a perfect metaphor for life and for friendship. A moment of beauty. A moment that passes. All we can do is appreciate it, and treasure the memories left behind.
You can scold me later, when I join you.
— Shane Coughlan, OpenChain General Manager
The OpenChain Project was featured at FOSS North 2023 in Sweden earlier this year. The organizers have just published the speeches, and you can see the full talk delivered by Shane Coughlan, OpenChain General Manager, below.
Stefan Haßdenteufel and Susanne Witte recently wrote an article in Computer & Recht (computer and law) about the value of the OpenChain standard for open source license compliance. They conclude that “working together with a OpenChain Specification certified distributor helps preventing legit claims from the copyright holders in case of a negligent infringement of the OSS license and, thus, the copyright law. This is especially the case if the distributor is certified by a recognized third-party certifier.”
Check out social media and links to the article below
The OpenChain Taiwan Work Group held a community meeting recently in Taipei with support from the Open Culture Foundation and Bureau Veritas. Check out the keynote slides below and get more details about how to engage with the community.
Join The Taiwan Work Group Mailing List
This is the kick-off call to explain what processes the OpenChain Project uses to develop new specifications. This call then proceeds to review the current ideas being fielded for a contribution process specification and discusses next steps.
Here is the overview of how we create specifications:
https://www.openchainproject.org/resources/faq#specification-development-questions
Here is the initial thread discussing the idea of a contribution process specification:
https://github.com/OpenChain-Project/Contribution-Process-Specification/issues/1
Here is a link to the first topics for discussion:
https://github.com/OpenChain-Project/Contribution-Process-Specification/issues/2
Here is a link to all open issues with items to review:
https://github.com/OpenChain-Project/Contribution-Process-Specification/issues
OpenTEKr has become an official partner of The Linux Foundation’s OpenChain Project. The ‘Enterprise Open Source Governance Specialist’ certification training courses launched by the OpenTEKr will incorporate OpenChain standards into its material to provide additional benefit to all users moving forward.
“OpenTEKr has been looking forward to cooperating with the OpenChain Project,” said Dean, founder of OpenTEKr, “By incorporating OpenChain standards into the curriculum system of our Enterprise Open Source Governance Specialist training courses, on the one hand, it strengthens the professionalism and systematization of our course system, improves the quality of courses, and on the other hand, it can also let more people know and understand OpenChain standards, and promote better and safer use of open source by enterprises.” ”
“We are delighted that OpenTEKr has become an official partner in the OpenChain project.” Said by Shane Coughlan, General Manager of OpenChain Project, “OpenTEKr has been actively involved in building a healthy and sustainable open source ecosystem in China, not only providing enterprise software solutions with open source technologies, but also providing OSS education and OSS governance consulting services for enterprise users. I believe that through the cooperation with OpenTEkr, OpenChain standards and specifications will help more China enterprises use open source more effectively and with greater sustainability.”
With OpenChain’s international reach and OpenTEKr’s OSS training practice in China, there is a clear understanding of how to help China enterprises use and govern open source through effective standards. Specifically, the OpenChain standards help enhance the innovation ability and increase the competitive advantage available to companies using open source. Through open source governance education provided by OpenTEKr, enterprises can know how to comply with OSS regulations, avoid risks, establish open source governance procedure, improve Open Source supply chain safety system, build proper open source strategies, and promote open innovation and social collaboration of enterprises.
As an old Chinese adage says, “It is better to teach people to fish than to give people a fish.” In the future, by this official partnership with OpenChian project, OpenTEkr will actively commit itself to building a sustainable open source ecosystem.
