All Posts By

Shane Coughlan

Shane Coughlan is an expert in communication, security and business development. His professional accomplishments include spearheading the licensing team that elevated Open Invention Network into the largest patent non-aggression community in history, establishing the leading professional network of Open Source legal experts and aligning stakeholders to launch both the first law journal and the first law book dedicated to Open Source. Shane has extensive knowledge of Open Source governance, internal process development, supply chain management and community building. His experience includes engagement with the enterprise, embedded, mobile and automotive industries.

SAIC Z-ONE has adopted the ISO/IEC 5230 standard

By Featured, News

As a subsidiary of SAIC Group, SAIC Z-ONE Technology Co., Ltd focuses on the research and development of smart car technology. It provides customers with trustworthy and competitive solutions, products and services through an open and flexible cooperation model, along with full life-cycle operation, maintenance and upgrade services that empower customers to quickly build differentiated smart cars with full-scene coverage and an ultimate experience.

SAIC is the leading automotive company in China in terms of scale, and as of 2022, SAIC has been No. 1 in China in vehicle sales for 17 consecutive years.

Achieving ISO/IEC 5230 certification will help ensure that SAIC Z-ONE has a high-quality open source compliance program and requirements in place to effectively and efficiently use open source software in its supply chain and to align with high-quality global open source license compliance management practices.

“The announcement by SAIC Z-ONE provides an exceptional example of the evolving automotive industry,” says Shane Coughlan, OpenChain General Manager. “Cars are key outcomes of the software supply chain, and global leaders like SAIC have a clear, strategic vision for the future. Their engagement and their experience will help drive an improved ecosystem for the benefit of customers around the world.”

OpenChain Mini-Summit at OSS North America – 2023-05-09 @ 14:30 PDT

By News

The OpenChain Project will host an afternoon mini-summit with a focus on:

  • How OpenChain process standards support business optimization and sustainability
  • Open source tooling for open source compliance
  • Open source tooling for security assurance
  • Software Bill of Materials

Expect a packed session with plenty of networking opportunities. This event will help OSPO, IP, product development and management teams deal with trust management in the open source supply chain.

Agenda

  • 14:30 – Introduction: The OpenChain License Compliance and Security Assurance Standards in 2023
  • 14:50 – Keynote: Moving Down The Pyramid – SBOMs in 2023; Speaker TBD
  • 15:10 – Break
  • 15:20 – Keynote: Moving Down The Pyramid – “State of the Tooling” in Open Source Automation; Helio Chissini de Castro, CARIAD
  • 15:40 – Special Keynote: FOSSLight – Next Generation Open Source Automation for Compliance and Security; Kyoungae Kim and Soim Kim, LG Electronics
  • 16:00 – Break
  • 16:10 – Roundtable Session – Process Standards
  • 16:25 – Roundtable Session – SBOMs
  • 16:45 – Roundtable Session – Automation
  • 17:00 – Close

How to Register: Pre-registration is required. To register for the OpenChain Project Mini Summit, add it to your Open Source Summit North America registration.

Learn More

OpenChain @ OSCAR Open Source Supply Chain Salon (OSCAR开源供应链沙龙) – 2023-04-03

By News

CAICT and OpenChain held an OSCAR Open Source Supply Chain Salon on the 3rd of April 2023 with ISO/IEC 5230 third-party conformance announcements from:

  • Alibaba Cloud Computing Ltd.
  • China Mobile (Suzhou) Software Technology Co., Ltd.
  • Cloudera

Congratulations China Mobile, Alibaba Cloud and Cloudera!

Speakers covered topics around process management and other critical business affairs. You can learn more in Chinese below. Representatives from CAICT are also available to provide more information on request.

Main Event News

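Tracing to the Source | OSCAR Open Source Supply Chain Salon Successfully Held
In recent years, as enterprise digital transformation has steadily deepened, open source has maintained rapid growth, and open source software has been widely used and promoted by enterprises across industries. At the national level, the relevant authorities in China have successively issued open source policies, actively promoting open source to accelerate the country's digital transformation in an open, transparent and collaborative manner. At the industry level, as more and more enterprises join open source communities and enjoy the "dividends" of open source software, the importance of managing open source software supply chain risk keeps growing.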

https://mp.weixin.qq.com/s/gOHer7ASzAdwniE5zVoNQA

Secondary Reporting:

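CAICT and OpenChain Jointly Release "Trusted Open Source Supply Chain – OpenChain Results for the First Half of 2023"
To further explore the direction of security and compliance development for the open source supply chain, the "OSCAR Open Source Supply Chain Salon", jointly hosted by the Cloud Computing and Big Data Research Institute of the China Academy of Information and Communications Technology (CAICT) and OpenChain, was held in Beijing on the afternoon of April 3.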

https://m.sohu.com/a/662781051_100302690/?trans=010005_pcwzywxewmsm

OpenChain Industry Survey 2023

By Featured, News

The OpenChain Industry Survey 2023 is now online.

Our annual OpenChain Industry Survey covers a big topic: the global status of corporate engagement and management of open source. It focuses on a ‘strategy’ perspective rather than a ‘development’ perspective. Our goal is to help inform corporate project, product and supply chain decisions in the year ahead.



We are collecting responses throughout April.


Your help in creating a snapshot of the current market is deeply appreciated. This will allow us to understand where to direct community resources and energy throughout 2023. We will post the results in May.

The English version of the OpenChain Industry Survey 2023 is based on the Japanese original. Kudos to everyone in the OpenChain Japan Work Group, especially Owada San and Fukuchi San!

OpenChain Newsletter #52

By Monthly Newsletter, News

Newsletter – Issue 52 – March 2023

The OpenChain Newsletter provides a monthly summary of our work. It contains an overview of what we are doing to build trust around license compliance and security in the open source supply chain. We accept suggestions and ideas. Feel free to mail us at any time.

This edition of the newsletter was created and shared by Qiuyue Qi of OpenSCA, and we provide our thanks for the contribution!

Enlargement

Socionext and Suzhou Prism Colorful Information Technology Co., Ltd. have both announced conformance with ISO/IEC 5230.

CESI joined the OpenChain Project as an official partner.

Activities

The OpenChain Project has had open discussions with LG Electronics and SK Group, presented at LF APAC Leadership Summit and delivered a speech at OSPO Summit.

Materials

There are two vital updates to our essential materials to follow:

Moreover, we have prepared an introduction to our standard for open source security assurance, ISO/IEC DIS 18974, for those who are interested.

The record of the LF Training Courses Translation Project is also now available.

Webinar

We held two webinars: an overview of SPDX 3.0 (#50) and a recap of FOSDEM (#49).

Routine

March also saw a lot of work done in our work groups and monthly meetings across the globe.

Our legal work group has been officially announced.

Both telco and export control work groups initiated insightful discussions.

Details of work groups in Germany, Korea and the UK can be found in the following links:

Check out our monthly meeting below:

Others

OpenChain ISO/IEC 5230:2020 is featured in Journal Of Software Volume 33, Issue 3, 2023.

Check Out All Our Previous Newsletters:

Announcing The OpenChain Legal Work Group

By News

The OpenChain Project is launching a Legal Work Group with a focus on a regular industry request: model provisions for agreements.

  • Companies have asked for templates with simple language to support the use of ISO/IEC 5230 or ISO/IEC DIS 18974 in procurement agreements or contracts.
  • The model provisions would explore options for requesting or explaining ISO/IEC 5230 or ISO/IEC DIS 18974.

This work group will provide a forum to do that with a particular focus on choice, translation and global applicability.

Please note: This is about creating reference material provided under CC0 licensing as part of our extensive reference library. Model provisions or clauses will not be included in future versions of the ISO/IEC standards. This is to ensure freedom of choice for companies in different markets and different geographies.

Join The Work Group (all welcome)

Webinar: An Overview of SPDX 3.0

By automation, community, licensing, News, security, standards, Webinar

This webinar features Alexios Zavras, Chief Open Source Compliance Officer at Intel Corporation and a long-term friend and collaborator around the OpenChain Project. This time the topic was SPDX 3.0, a significant generational update to SPDX, a sister standard to OpenChain ISO/IEC 5230 and OpenChain ISO/IEC DIS 18974.

SPDX is a Software Bill of Materials (SBOM) specification, so it operates one layer down from the fundamental processes outlined by OpenChain’s standards, and it provides an excellent way to meet our requirements for an SBOM to be used by companies. The second generation of SPDX has been an ISO/IEC standard for two years as ISO/IEC 5962. The third generation shows interesting promise as a way to manage license compliance, security and more.

Watch The Webinar

Check Out The Slides

Check Out The Rest Of Our Webinars

This is OpenChain Webinar #50, released on 2023-04-31.