Shane Coughlan is an expert in communication, security and business development. His professional accomplishments include spearheading the licensing team that elevated Open Invention Network into the largest patent non-aggression community in history, establishing the leading professional network of Open Source legal experts and aligning stakeholders to launch both the first law journal and the first law book dedicated to Open Source.
Shane has extensive knowledge of Open Source governance, internal process development, supply chain management and community building. His experience includes engagement with the enterprise, embedded, mobile and automotive industries.
The OpenChain Korea Work Group Meeting #8 featured an excellent schedule of presentations to end the year. You will find everything from SCA analysis to reviews of various aspects of Hyundai and Kakao’s work in the compliance space. A big thanks to Haksung and Soim for a lot of work organizing and editing everything, and a huge thanks to the presenters and community members who made this a wonderful event.
The fifth meeting of the OpenChain China Work Group took place on December 7th. Big thanks to Chloe at Huawei and Kris at OPPO for providing information and updates!
Key Items
OPENATOM, the new foundation for open source in China
The new copyleft variant of the Mulan license, joining the pre-existing permissive license.
In 2021 the OpenChain China Work Group will switch to using Mandarin in meetings. This is the ideal English-language meeting to get an introduction to the type of topics covered.
OpenChain 2.1 self-certification is available through our online web app from today, December 7th 2020. This is in advance of the release of ISO/IEC 5230:2020, currently scheduled for December 14th according to the ISO database.
Please note that OpenChain 2.1 is functionally identical to both OpenChain 2.0 and ISO/IEC PRF 5230 (proof of international standard, soon to be formally published as ISO/IEC 5230:2020). If you conform to one, you conform to the other.
Please note that our main outreach for OpenChain 2.1 and ISO/IEC 5230:2020 will occur after December 14th, the date of publication marked in the ISO database. If you are an early adopter and have suggestions for improvement or any errors to report in the specification document or self-certification questionnaire please report them to info@openchainproject.org.
OpenChain Education Work Group Meeting #4 focused on practicalities. The team is getting ready to produce a free online training course in collaboration with LF Training. It will be hosted on edX and the source will also be available as public domain (CC-0). Get involved via the mailing list to learn more and lend a hand.
This advent calendar has been created by our Japanese Work Group as part of their community outreach. We hope you enjoy their recap of compliance topics to end the year.
International Standardization of OpenChain specification
Hi, I’m Tadayuki Osaki, OSS compliance specialist working for Fujitsu Limited and involved in Open Source Software (OSS) license compliance.
In this article, I briefly introduce the international standardization of OpenChain specification.
From specification to standard
As introduced in Ayumi Watanabe’s first day article, OpenChain specification defines requirements for an organization to establish OSS compliance, and is coordinated by the OpenChain project under the Linux Foundation.
Under the Linux Foundation, there are projects to develop software (code) and to standardize specifications (specification/spec.), for a total of 187 projects as of December 2, 2020.
The figure above plots Linux Foundation projects into two categories: project configuration (Single / umbrella) and project subject (Software (code)/Specification).
The OpenChain project, with its logo at the bottom left of the diagram, is designed to create and standardize specifications, as are the OpenAPI initiative (API standardization) and the Open Container Initiative (Container formatting and runtime standardization).
What is International Standardization?
An international standard is a standard established by international standards organizations. Each member country of the WTO is required to conform its domestic standard to the international standard*, as required by WTO TBT Agreement. By international standardizing a specification, it can be developed and promoted to the domestic standard of each country. *only for international standards enacted by a specified international standards organizations, such as ISO, IEC, and ITU.
In the field of information technology (IT), ISO/IEC JTC1 (First Joint Technical Committee of ISO and IEC), an international standards organization independent from ISO and IEC, handles international standardization of the technical area.
OpenChain specification will be published as an international standard by the end of December, as stated in the second day article by Ayumi Watanabe, after going through the process of international standardization in ISO/IEC JTC1.
It should be noted that the content of documents relating to ISO procedures does not necessarily apply to the procedures of ISO/IEC JTC1, as the details of the procedures differ among international standardization bodies.
Flow of international standardization of OpenChain specification
The flow of the OpenChain specification up to its establishment as an international standard by ISO/IEC JTC1 is shown in the following diagram.
Specifically, the following two steps were taken.
Approved as the PAS submitter for ISO/IEC JTC1 by the Joint Development Foundation (JDF) under the Linux Foundation (May 2015).
As a result, the Linux Foundation is now able to apply to ISO/IEC JTC1 through its own JDF for open specifications (PAS; Publicly Available Specification).
JDF conducts procedures for international standardization of the OpenChain specification to ISO/IEC JTC1. PAS Application Procedures (PAS submission)
Conversion Procedure from PAS Application to International Standard Application (PAS transposition process)
Voting by national bodies (National Bodies) of JTC1 on the International Standard Draft (DIS) (2020/09: approved)
Published as an international standard (publish): 2020/12 planned
Way forward
The international standardization of the OpenChain specification is a big step toward the OpenChain Project’s goal of “Enabling a software supply chain where OSS is delivered with reliable and consistent compliance information”. In the future, the OpenChain Project will promote initiatives such as encouraging countries to establish domestic standards in response to the internationally standardized OpenChain specifications.
Tomorrow’s theme is…
Tomorrow is a message from Shane, General Manager of the OpenChain Project.
This advent calendar has been created by our Japanese Work Group as part of their community outreach. We hope you enjoy their recap of compliance topics to end the year.
(日本語は下にあります)
Introduction
Hello. If this is your first visit, nice to meet you. I think it is most likely your second time reading my article this December, right? As the second day of OpenChain Japan Advent Calendar, today I will write about the OpenChain Specification, which is the main theme of this year. I would like to skip my self introduction today because of my continuous posts, but if you are interested in that, please do read this.
Background (Issues in Software Supply Chains)
These days, OSS is essential for software development. It is even common to use hundreds to thousands of OSS components in one product or service. To develop software with advanced features by one single company has became very difficult, so a lot of companies have cooperated with each other and built software supply chains. In a software supply chain, once an inappropriate use of OSS or an insufficient delivery of OSS license information occurs, it affects the entire supply chain. It comes to be claimed by the copyright holder or it is prohibited to distribute products. In this situation, it is required to take control of problems at the upstream of the supply chain.
About OpenChain
To deal with those issues, the Open Chain Project has built an OSS compliance standard for every organization or company in supply chains to do things that they should do, build trust with each other, and deliver every necessary need (e.g. source code, license or documents). One of the most important activities of the OpenChain Project is development and promotion of Open Chain Specification. The OpenChain Specification defines inflection points in business workflows where a compliance process, policy or training should exist to minimize the potential for errors and maximize the efficiency of bringing solutions to market. It can be used as a requirement for organizations to do OSS license compliance properly.
About OpenChain Specification
As of December this year, the latest version of OpenChain Specification is version 2.1. It is available at version 2.1.
The updated history of OpenChain Specification is below:
version
update date
version 1.0
October 2016
version 1.1
April 2017
version 1.2
April 2018
version 2.0
April 2019
version 2.1(latest)
December 2020
The contents of the latest version of OpenChain Specification is below:
The key contents of Specification is written in chapter 3. From tomorrow, OpenChain Japan members will explain the contents of each requirement and related topics in turns.
The Next Topic is…
Osaki-san will explain the topics around OpenChain Specificatoin as an ISO Standard, the biggest news of this year. See you tomorrow!!!
はじめに
こんにちは。あるいは、はじめまして。たぶんかなりの確率で、二度目ですね。 OpenChain Japan Advent Calendar 2020の2日目は、今年のメインテーマであるOpenChain仕様についてお届けします。 本日は連投のため自己紹介はスキップしますが、もし読んでくださるのであれば、こちらをご参照くださいませ。
This advent calendar has been created by our Japanese Work Group as part of their community outreach. We hope you enjoy their recap of compliance topics to end the year.
(日本語は下にあります)
Introduction
Hello. If this is your first visit, nice to meet you. Thank you very much for your attention to this article. Welcome to OpenChain Japan WG Advent Calendar 2020!! We, OpenChain Japan WG, is a Japanese community whose activities involve Open Source Software(OSS) compliance. Last year we wrote various topics about our activities as a self introduction of OpenChain Japan WG. This year, as OpenChain Advent Calendar 2020, we will deliver to you a series of 25 articles focusing on the OpenChain Specification cerebrating that OpenChain Specification was officially registered as an International Organization for Standardization(ISO). And we will write every article both in Japanese and English and deliver them to everyone in the world. (It is also useful for your English/Japanese learning!) We would be very happy if you became a little interested in our activities and the importance of OSS compliance from reading our articles. I hope you like it!!
About me
I am Ayumi Watanabe of OpenChain Japan WG. I’m an OSS management consultant based in Tokyo, Japan. My favorite OSS license is Beerware License. I’m a member of Planning SWG, Promotion SWG and Tooling SWG in OpenChain Japan WG.
About OpenChain
Openchain is one of the official projects of the Linux Foundation. Its vision is “a supply chain where open source is delivered with trusted and consistent compliance information”. OpenChain maintains the International Standard for open source compliance. This allows companies of all sizes and in all sectors to adopt the key requirements of a quality open source compliance program. This is an open standard and all parties are welcomed to engage with our community, to share their knowledge, and to contribute to the future of our standard.
The core of OpenChain: 1. Specification, which defines a set of requirements every quality compliance program must satisfy 2. Conformance, which allows organizations to display and promote their adherence to these requirements 3. Curriculum, which provides the educational foundation for OSS processes and solutions, whilst meeting a key requirement of the specification
About Japan WG
In OpenChain Japan WG, we share our issues and solutions with each other, and discuss issues about OSS compliance in Japanese. We have variety of sub work groups in OpenChain Japan WG, e.g. Planning, Tooling, Promotion, FAQ, Leaflet, Education, License Info SWG. Every SWG are all very active. OpenChain Japan WG is one of the regional Work Groups of OpenChain. It started in 2017. Now over 200people from over 70 companies are our members. We always welcome your joining!
The Next Topic is…
In the next article, I will write about OpenChain Specification which is the main theme of this year. I believe it was 2020’s biggest news of OSS compliance that OpenChain Specification was officially registered as an ISO standard. See you tomorrow!!
はじめに
こんにちは。あるいは、はじめまして。 OpenChain Japan WGのアドベントカレンダー2020へようこそ! 私たちOpenChain Japan WGは、OSS(Open Source Software)のコンプライアンスに関する活動をしている日本のコミュニティです。 今年は、昨年に引き続き2年目のアドベントカレンダーです。昨年は、OpenChain Japan WGの自己紹介として、私たちの活動について色々書かせていただきましたが、今年はOpenChain仕様がISO国際標準に認定された記念として、OpenChain仕様にフォーカスした25日間をお届けしたいと思います。 また、日本から世界へ!をキーワードに、海外のエンジニアの皆さんにも読んでいただけるよう、今年は全日程、日本語と英語で記載します。(英語を勉強中の皆さんの練習にもお使いいただけます!) このアドベントカレンダーを通して、私たちの活動やOSSコンプライアンスの重要性に興味を持っていただき、参加したいなと思っていただけるようになれば幸いです。
自己紹介
OpenChain Japan WGの渡邊歩です。OSS活用に関するコンサルをしています。好きなライセンスは、Beerware Licenseです。 OpenChain Japan WGでは、Planning SWGとPromotion SWG、Tooling SWGで活動しています。
Our newsletter contains some of the highlights from the last month of activity in the project. Plenty more happened. Check out the full stream here: https://www.openchainproject.org/news
OpenChain @ Events
On November 26 the OpenChain Project presented at the LINE Developer Day 2020.
The International Standard for open source license compliance took center stage at the LINE Developer Day 2020 conference. Check out the recordings of our talk in English and Japanese below.
The OpenChain Project is delighted to welcome Lee Tsai & Partners to our partner program as the first law firm in Taiwan.
“The OpenChain Project is fortunate to have an active and growing community of user companies in Taiwan,” says Shane Coughlan, OpenChain General Manager. “Welcoming Lee Tsai & Partners to our official partner program is a natural extension of ensuring legal support for our community in this space. We are fortunate to have the opportunity to work with such experienced and influential individuals in this space, and we have every confidence that Lee Tsai & Partners is perfectly positioned to assist companies as the OpenChain Specification, DIS 5230, formally graduates as an ISO/IEC standard.”
“We have seen open source software become a critical part of technological innovation,” says Jaclyn Tsai, Co-Founder of Lee Tsai & Partners. “Whether an enterprise can effectively use open source software will become a crucial factor in keeping pace with current trends. The first step in ensuring proper use of open source software is assuring that appropriate controls are in place to ensure that license terms and obligations may be complied with. We are excited and pleased to be an official partner of OpenChain to help companies understand the requirements under the Internal Standard for Open Source Compliance and their legal obligations in using open-source software.”
About Lee Tsai & Partners
Dr. Chung-Teh Lee and Jaclyn Tsai, after working as judges and practicing for extensive periods, both had a vision of creating a law firm that is not only grounded on professionalism but also compassion. As such, the first office of the Lee Tsai Group was founded in Taipei in 1998 with the professional motto “Reason” and “Compassion” and a mission statement “to provide the highest quality of professional service to our clients through our comprehensive knowledge of their industries while dedicating ourselves not only to our clients but also to our community.”
