Shane Coughlan

Andrew Katz, Managing Partner at Moorcrofts and CEO of Orcro (both OpenChain partners), will lead an OpenUK webinar on the topic of OpenChain in M&A. This issue is increasingly important in our eco-system, reflecting that outside of product procurement, structured open source compliance approaches are in demand and offer significant benefits.

Learn More on the OpenUK site

• https://openuk.uk/event-calendar/ma-and-open-chain/

MAY 27, SAN FRANCISCO – Today the OpenChain Project is delighted to announce OPPO as our latest Platinum Member. As a Platinum Member of the project OPPO will provide strategic oversight on the governing board, the steering committee and the outreach committee. While OpenChain has had an active China Work Group since 2019, OPPO is the first work group participant to join the project governing board, and their contribution will be invaluable as OpenChain becomes an ISO standard.

“The OpenChain Project has been extremely fortunate in working with a wide range of Chinese companies during the last 18 months,” says Shane Coughlan, OpenChain General Manager. “Our deep relationship with OPPO is a direct consequence of this, and with their help we are looking forward to inspiring and leading a diverse range of Chinese innovators, international manufacturers and global supply chain companies towards adoption of our industry standard. In the next few months we will see some transformative activities around OpenChain and more generally open source compliance. OpenChain will become an ISO standard. SPDX will increasingly be deployed for Software Bill of Materials. Open Source Reference Tooling will emerge for multiple sectors. I am looking forward to working with the team at OPPO to help ensure that companies of every size and in every market can continually have access to the most efficient, effective and appropriate approaches to managing open source.” 

“OPPO is delighted to join the OpenChain Project and establish a deeper engagement with the global open source community as our business and research effort grow,” Andy Wu, Vice President and President of Software Engineering Business Unit, OPPO. “With the presence of our smartphone and services in more than 40 global markets and research institutes across the world, OPPO looks forward to working with developers and partners through open source development and OpenChain Project, with its efficient and comprehensive solutions, tremendously increased the efficiency of our collaborative innovation. OPPO values openness and collaboration greatly and will be an active member in OpenChain Project to contribute to its long-term success and adoption with fellow partners.”

About OPPO

OPPO is a leading global smart device brand. Since the launch of its first mobile phone – “Smiley Face” – in 2008, OPPO has been in relentless pursuit of the perfect synergy of aesthetic satisfaction and innovative technology. Today, OPPO provides a wide range of smart devices spearheaded by the Find X and Reno series. Beyond devices, OPPO provides its users with the ColorOS operating system and internet services like OPPO Cloud and OPPO+. OPPO operates in more than 40 countries and regions, with 6 Research Institutes and 4 R&D Centers worldwide, as well as an International Design Center in London. More than 40,000 of OPPO’s employees are dedicated to creating a better life for customers around the world.

About the OpenChain Project

The OpenChain Project builds trust in open source by making open source license compliance simpler and more consistent. The OpenChain Specification defines a core set of requirements every quality compliance program must satisfy. The OpenChain Curriculum provides the educational foundation for open source processes and solutions, whilst meeting a key requirement of the OpenChain Specification. OpenChain Conformance allows organizations to display their adherence to these requirements. The result is that open source license compliance becomes more predictable, understandable and efficient for participants of the software supply chain.

About The Linux Foundation

The Linux Foundation is the organization of choice for the world’s top developers and companies to build ecosystems that accelerate open technology development and industry adoption. Together with the worldwide open source community, it is solving the hardest technology problems by creating the largest shared technology investment in history. Founded in 2000, The Linux Foundation today provides tools, training and events to scale any open source project, which together deliver an economic impact not achievable by any one company. More information can be found at www.linuxfoundation.org.

The Linux Foundation has registered trademarks and uses trademarks. For a list of trademarks of The Linux Foundation, please see our trademark usage page: https://www.linuxfoundation.org/trademark-usage. 

Linux is a registered trademark of Linus Torvalds.

Media Contacts

Shane Coughlan
+818040358083
scoughlan@linuxfoundation.org

Sami Atabani, one of the founders of the OpenChain Project and our board member from Arm, will provide a webinar to the OpenUK Future Leaders’ Training series on OpenChain compliance. Catch him at 12pm UK Time (GMT+1) on May 22nd.

Learn More and Sign Up

• https://openuk.uk/event-calendar/intro-to-open-chain-compliance/

In the last few days Linux Foundation has publicly announced Joint Development Foundation (JDF) as an ISO/IEC JTC 1 PAS submitter and provided more information on how JDF will support OpenChain and other specifications to become ISO standards moving forward. This is an extremely important media inflection point for our community and for the broader global collaborations creating effective, adopted and mature de facto standards.

While the basic news is not new to the OpenChain community (you know we are using JDF to submit a ISO standard and you know that OpenChain is the first standard going this route), blog posts by The Linux Foundation and the media coverage is very useful for helping to explain our work to others. Some key excerpts below.

“This week, we are proud to announce that the Joint Development Foundation (JDF), which became part of the Linux Foundation family in 2019, has been accepted as an ISO/IEC JTC 1 PAS (“Publicly Available Specification”) Submitter. The OpenChain Specification is the first specification submitted for JTC 1 review and recognition as an international standard. The JDF was formed to simplify the process of creating new technical specification collaboration efforts.  Standards and specifications are vitally important for the creation or advancement of new technologies, ensuring that the resulting products are well defined, provide predictable performance and that different implementations can interoperate with one another.”

Read More

• https://www.linuxfoundation.org/blog/2020/05/joint-development-foundation-recognized-as-an-iso-iec-jtc-1-pas-submitter-and-submits-openchain-for-international-review/

Read More in Japanese

• https://www.linuxfoundation.jp/blog/2020/05/joint-development-foundation-recognized-as-an-iso-iec-jtc-1-pas-submitter-and-submits-openchain-for-international-review/

We have seen some great media coverage. One of the best articles can be found in Linux Insider. A key quotation below:

“JDF projects now have a clear path from open source project or specification to an internationally recognized standard. The OpenChain specification is JDF’s first standard to be submitted. The OpenChain standard is a specification that identifies the key requirements of an open source compliance program. It is designed to build trust between companies in the supply chain while reducing internal resource costs. The outcome is increased trust and consistency in open source software across the supply chain. International standardization will help to guide the evolution of the OpenChain Specification from de facto to de jure standard, a process that will assist procurement, sales and other departments to engage with OpenChain-related activities, according to [Seth Newberry, executive director of the JDF].”

Read the Full Article

• https://linuxinsider.com/story/linux-foundation-joins-ranks-of-international-standards-submitters-86672.html

Finally, if you are wondering why OpenChain is talking about this PR now, about seven days from release, the answer is pretty simple. I (Shane Coughlan, General Manager) wanted to check out the media coverage and select the most concise, clearly messaged article to share. I believe this blog post and mailing list post, and the links it references, provide an excellent on-boarding point for a wider audience. People in procurement. People in sales. People in marketing. Please do share this message.

I am happy to take questions at any time at scoughlan@linuxfoundation.org or via a scheduled call using the link below.

• https://calendly.com/shanecoughlan

The OpenChain Project has launched a series of bi-weekly free webinars that provide access to people and knowledge that we would otherwise obtain at events. We hold our fourth meeting on Monday the 18h of May at 5pm Pacific with two guest speakers.

This time we are unpacking the newly released SPDX 2.2. SPDX, as a leading industry standard for Software Bill of Materials, plays a pivotal role in the implementation of practical manual and automated compliance programs.

Kate Stewart, Sr. Director of Strategic Programs at the Linux Foundation, will explain how SPDX 2.2 works and what it means for the community. Kate has been a key driver of this standard over the last 10 years and can answer all your questions about what the current standard means, what projects support it, and the current state of the tooling landscape.

Yoshiyuki Ito, Principal Expert at RENESAS Electronics, will provide an overview of SPDX Lite. This is a “Profile” for the SPDX 2.2 standard that helps companies deploy the Software Bill of Materials to match certain workflows, particularly with respect to suppliers to large companies using existing processes. Ito San and others in the OpenChain Japan Work Group created SDPX Lite to help ensure that the standard could seek adoption in as many production environments as possible with minimal friction.

Each talk will run for 10~15 minutes and there will be plenty of time for questions, comments and suggestions. As with all OpenChain Project activities, our goal is to facilitate knowledge-sharing between peers.

Everyone is invited to join this free webinar via zoom. It will also be recorded and made available later on our website.

Join Our Zoom Meeting

• https://zoom.us/j/9990120120

Password *

• 123456

One Tap Telephone (no screensharing)

• +358 9 4245 1488,,9990120120# Finland
• +33 7 5678 4048,,9990120120# France
• +49 69 7104 9922,,9990120120# Germany
• +852 5808 6088,,9990120120# Hong Kong
• +39 069 480 6488,,9990120120# Italy
• +353 6 163 9031,,9990120120# Ireland
• +81 524 564 439,,9990120120# Japan
• +82 2 6105 4111,,9990120120# Korea
• +34 917 873 431,,9990120120# Spain
• +46 850 539 728,,9990120120# Sweden
• +41 43 210 71 08,,9990120120# Switzerland
• +44 330 088 5830,,9990120120# UK
• +16699006833,,9990120120# US (San Jose)
• +12532158782,,9990120120# US

Find your local number: https://zoom.us/u/abeUqy3kYQ
Not all countries have available numbers.

After dialing the local number enter 9990120120#

The OpenChain Reference Tooling Work Group held its 15th meeting on the 13th of May. This meeting covered general updates in the tooling space and a deep dive into TERN for container compliance.

Catch up on minutes from all previous meetings

• https://github.com/Open-Source-Compliance/Sharing-creates-value/tree/master/Tooling-Landscape/Meeting-Material

OpenChain Webinar 3 was held on the First Monday of May 2020 and featured talks on contribution policies, M&A and due diligence.

View the Webinar

The speakers have made their slides available to the community. Please find the slides below in the order which they were presented.

Contribution Policies (Tobie @ UnlockOpen)

M&A (Leon and Tony at GTC Law)

Due Diligence (Andrew @ Orcro)