Shane Coughlan is an expert in communication, security and business development. His professional accomplishments include spearheading the licensing team that elevated Open Invention Network into the largest patent non-aggression community in history, establishing the leading professional network of Open Source legal experts and aligning stakeholders to launch both the first law journal and the first law book dedicated to Open Source.
Shane has extensive knowledge of Open Source governance, internal process development, supply chain management and community building. His experience includes engagement with the enterprise, embedded, mobile and automotive industries.
This webinar featured Stefano Maffulli, Executive Director of the Open Source Initiative (OSI), on the current status of the OSI Definition for Open Source AI. It covered their efforts to build community consensus around the topic, and included insights around both progress and challenges.
Watch the Webinar:
More About Our Webinars:
This event is part of the overarching OpenChain Project Webinar Series. Our series highlights knowledge from throughout the global OpenChain eco-system. Participants are discussing approaches, processes and activities from their experience, providing a free service to increase shared knowledge in the supply chain. Our goal, as always, is to increase trust and therefore efficiency. No registration or costs involved. This is user companies producing great informative content for their peers.
The OpenChain India Work Group held its first meeting in a while to discuss a soft “reboot” and what activities can be useful in the local market. Lead by Arun Azhakesan of Siemens Healthineers, our new chair of the India Work Group, the focus was on exploring practical outcomes for the Indian market and open source business process management.
Watch the Meeting:
Join Future Meetings:
The OpenChain India Work Group has a mailing list to coordinate discussion and arrange meetings. Everyone is welcome to join it.
This week we have the following international meetings:
Wednesday 7th August: – OpenChain Automation Work Group Meeting (European Morning) @ 08:00 UTC – OpenChain Education Work Group Monthly Meeting @ 16:00 UTC
Thursday 8th August: – OpenChain Webinar: Implementing OpenChain ISO/IEC 5230 at endjin + Further Research on OpenChain ISO/IEC 18974 @ 07:00 UTC
Get dial-in details and see all our international meetings here:
In this forthcoming OpenChain Webinar, recent computer science graduate Charlotte Gayton shares her journey of implementing the OpenChain standard during her Year in Industry (ISO/IEC 5230) and her dissertation project (ISO/IEC 18974).
She will discuss the challenges she faced and the solutions she developed to achieve compliance. The session will provide a unique perspective on navigating OpenChain from the viewpoint of someone early in their career.
The OpenChain Taiwan Work Group will hold a meet-up on Monday the 5th of August in collaboration with our colleagues at the Open Culture Foundation. Everyone is invited.
Time:
2:00-4:00 pm
Date:
Monday, 5 August, 2024
Venue:
Open Culture Foundation (googlemap link, We are in the Mutix Studio building, entrance on Civic Boulevard and next to Charming City Songshan Hotel)
Agenda:
Opening: Singing Li of Open Culture Foundation
Shane Coughlan of OpenChain Project talks about OpenChain trends in 2024 for 15-20 mins
SZ Lin share the latest news about SBOM for 10-15 mins
Free exchange with drinks and snacks for 40 mins.
Lightning talk sessions for participants to freely share their ideas/experiences, maximum 40 min.
Shane Coughlan, OpenChain General Manager, will deliver a talk entitle ‘The Ramifications of ISO/IEC 5230 and ISO/IEC 18974 for Legal Professionals in 2024’ on Day 1 of COSCUP 2024. This talk, part of the legal track managed by long-term collaborator Florence Ko, will help provide practical background on what the ISO standard for open source license compliance and security assurance means to professionals dealing with risk management.
Date:
2024 / 08 / 03
Time:
13:40 ~ 14:10
Session ID:
TR510 Open Licensing Kaleidoscope
Abstract:
This session will present an overview of how OpenChain ISO/IEC 5230:2020 for open source license compliance and OpenChain ISO/IEC 18974:2023 for open source security assurance will impact legal professionals in 2024. It will cover the key points regarding procurement negotiations, mergers and acquisitions, and supply chain management foreseen in the year ahead. This will be informed by recent developments around the CRA and in adjacent standards like SPDX ISO/IEC 5962. The session will also expand on existing and forthcoming reference material, community support and commercial providers available for when help is needed. We will end with an outline of what may come next for the market, highlighting a new OpenChain Study Group around AI Compliance. This session will invite questions from the audience to ensure everyone is up-to-date and ready for internal or client use-cases.
The OpenChain Automotive Work Group will hold a face-to-face workshop on the 10th of September in Stuttgart. Please register if you will be attending, and please help spread the word!
Like all OpenChain Automotive activities, this belongs to you. You can contribute to, leave notes on, or make suggestions about the agenda. You will find our work group overview and links to our mailing list here: https://openchain-project.github.io/Automotive-WG/
The OpenChain Newsletter provides a monthly summary of our work. It contains an overview of what we are doing to build trust around license compliance and security in the open source supply chain. We accept suggestions and ideas. Feel free to mail us at any time.
We are delighted to announce that the second edition of the OpenChain guide to ‘Managing Your Open Source Software Supply Chain’ is now available. This builds on the excellent contribution from the OpenChain Japan Work Group in 2019 in building the first edition, and takes into account market developments since that time.
Overview:
This document is designed to help companies in the supply chain understand and manage Open Source Software (open source). The OpenChain Project maintains the OpenChain ISO/IEC 5230:2020 for open source license compliance and OpenChain ISO/IEC 18974:2023 for open source security assurance. These standards can help companies manage open source. You can learn more about the OpenChain Project and its standards at www.openchainproject.org.
Open source has become essential to modern software development and is incorporated into almost every electronic product, from consumer to industrial devices, from cloud to embedded software. Open source is an indispensable part of helping companies to bring products or services to market.
Much open source is developed through the collaboration of expert developers from individuals and organizations throughout the world.
Open source can be used, modified, and distributed by anyone who complies with the associated license conditions. When open source is distributed within the supply chain, the distributor is required to comply with the terms and conditions of the license. There have been cases where suppliers were sued because they failed to satisfy their legal obligations. This document is designed to help introduce the best practices needed to prevent issues occurring and to solve them when they do occur. It leads to further resources available through the OpenChain Project and other Linux Foundation Projects.
Like all other software, security issues sometimes occur with open source. By understanding how open source is created, used, and maintained, it is possible to identify, prevent and address many of these issues before they become a concern. The key thing is for all relevant personnel to understand the basic principles of open source.
Please note that this document is designed to provide insight based on experience shared from our global community. It does not contain legal advice.
