Skip to main content
All Posts By

Shane Coughlan

Shane Coughlan is an expert in communication, security and business development. His professional accomplishments include spearheading the licensing team that elevated Open Invention Network into the largest patent non-aggression community in history, establishing the leading professional network of Open Source legal experts and aligning stakeholders to launch both the first law journal and the first law book dedicated to Open Source. Shane has extensive knowledge of Open Source governance, internal process development, supply chain management and community building. His experience includes engagement with the enterprise, embedded, mobile and automotive industries.

OpenChain Reference Tooling Work Group @ FOSDEM – February 2020

By News

The OpenChain Reference Tooling Work Group held a series of meetings adjacent to the FOSDEM conference in Brussels. Here are the outcomes and minutes as provided by Oliver Fendt.

Big Picture

It would be good to have information about “who is using which open source tool to do OSS compliance work” to create an overview that might help during internal discussions about appropriate tooling. We did not find an exact solution for this but there was consensus to work on enhancing a planned TODO Group survey with concrete questions about OSS based compliance tool usage. The survey is scheduled to be launched in June 2020.

It would help if we could create a detailed description of the functional building blocks (e.g. license & copyright scanner) available and which tool(s) implement the desired functionality or part thereof. A similar concept is also an outcome of the “requirements” session, see below.

Glue Code

To produce practical glue code a concrete use case is necessary. If you have a concrete use case and the tools intended to address this use case it is easy to identify the glue code required for implementation. This also provides the possibility to address whether the APIs of the tools support the implementation of the use case. When a tool does not support the needed API it is then practical and possible to file a targeted issue for that specific tool.

We intend to create a place where one can share information about different integration scenarios or proof of concepts different person are currently working on, in order to avoid duplicated efforts and to be able to connect to others addressing the same concerns. Two examples: Martin is willing to share the information about his company’s Yocto proof-of-concept and Arun will share information about work in his company.

 *   Oliver Fendt has taken an action item to create a place (directory) in our Github repo that this and other information can be shared and coordinated.

There is also the possibility that existing tools have integration scenarios with on their roadmap and that for these scenarios glue code is unnecessary. Coordination is key.

Requirements

There was consensus that documentation is needed to describe the progress from user stories (what do I want/need to do) to capabilities of the functional building blocks that make up the big picture (e.g. License & copyright scanner). It is important to provide concrete instances of tools which implement the necessary capabilities. This will also be a good base to identify needed glue code and/or APIs to be implemented in the concrete tools.

 *   Oliver Fendt has taken an action item to create an issue about this in our Github repo @ https://github.com/Open-Source-Compliance/Sharing-creates-value/issues/74

Finally

If you want to contribute to realize our targeted results you are highly welcome. Jump in and comment on the issues we will create based on these outcomes.

Let’s work together to make this happen

Get these guides and many more documents in the OpenChain Reference Library.

OpenChain and Coronavirus

By News

A message from Shane Coughlan, OpenChain General Manager

Dear Everyone
First of all, I would like to offer my personal best wishes and thoughts to everyone who is impacted. The safety of yourself, your family, your friends and your colleagues is the most important thing.
Every decision in the OpenChain Project will be taken from this perspective. We expect events in Asia and abroad to be altered or cancelled due to the outbreak.
More specifically:

  1. On February 6th I will attend the first OpenChain Germany meeting. However, if the virus appears in South West Japan I will cancel my attendance. I do not want to risk carrying the virus to Europe.
  2. On February 18 the 13th OpenChain Japan meeting happens in Tokyo. The Japan Work Group will monitor the situation and decide if we need to change our plans. Updates to follow.
  3. On March 3rd the third OpenChain China meeting happens in Beijing. We will monitor the situation and decide if we cancel within the next two weeks. Updates to follow.
  4. Our events in Taiwan are being decided by our local organizers, SZ and Lucien. Updates to follow.
  5. Our events in Korea are undecided. I will talk with our local community. Updates to follow.
  6. Our co-hosting of the first Asian Legal Network Conference will continue, but the event has moved from Q1 to Fall. Updates to follow.

Regardless of where you are, please take care. I am hearing reports of shortages of face masks and other materials in more locations. If you are in one of these locations please contact me at scoughlan@linuxfoundation.org. I will send supplies.
Let’s take care of each other.
Regards
Shane

Inno3 is the Latest OpenChain Conformant Organization

By News

SAN FRANCISCO, JANUARY 29, 2020 – Today the OpenChain Project welcomes Inno3 as our latest conformant organization. Inno3 is an open, independent innovation consultancy specializing in Open Data and Open Source. They have been a leading service provider in France since 2001.

The OpenChain standard defines inflection points in business workflows where a compliance process, policy or training should exist to minimize the potential for errors and maximize the efficiency of bringing solutions to market. The companies involved in the OpenChain community number in the hundreds. The OpenChain standard is being prepared for submission to ISO and evolution from de facto into a formal standard in 2020.

“In today’s compliance landscape, OpenChain is a key standard, that stands on the shoulders of other open standards like SPDX,” says Camille Moulin, Senior Consultant at Inno3. “It sets a proven framework that we use both internally and with our clients, providing at the same time strong focus points and enough flexibility to adapt to each specific business context. It’s a transparent, global open project, thriving with local communities, and we’re very enthusiastic about relaying this dynamic in France.”

“Inno3 is a company with a long history of effective engagement with open source,” says Shane Coughlan, OpenChain General Manager. “Their announcement of OpenChain Conformance today underlines not only their commitment to excellence with regards their product-offerings and customers, but also marks a milestone of increased OpenChain presence and influence in France. I am looking forward to collaborating with Camille and his team on next steps.”

About Inno3

Inno³ is an expert independent consulting firm specializing in Open Innovation, Open Data and Open Source fields. From code auditing to the evaluation (appraisal) of valuation policies, our competencies extend from intellectual property management to the transformation of organisation and the creation of dynamic ecosystems.

About the OpenChain Project

The OpenChain Project builds trust in open source by making open source license compliance simpler and more consistent. The OpenChain Specification defines a core set of requirements every quality compliance program must satisfy. The OpenChain Curriculum provides the educational foundation for open source processes and solutions, whilst meeting a key requirement of the OpenChain Specification. OpenChain Conformance allows organizations to display their adherence to these requirements. The result is that open source license compliance becomes more predictable, understandable and efficient for participants of the software supply chain.

About the Linux Foundation

The Linux Foundation is the organization of choice for the world’s top developers and companies to build ecosystems that accelerate open technology development and industry adoption. Together with the worldwide open source community, it is solving the hardest technology problems by creating the largest shared technology investment in history. Founded in 2000, The Linux Foundation today provides tools, training and events to scale any open source project, which together deliver an economic impact not achievable by any one company. More information can be found at www.linuxfoundation.org.

The Linux Foundation has registered trademarks and uses trademarks. For a list of trademarks of The Linux Foundation, please see our trademark usage page: https://www.linuxfoundation.org/trademark-usage.

Linux is a registered trademark of Linus Torvalds.

Media Contacts

Shane Coughlan
+818040358083
scoughlan@linuxfoundation.org

Roxane Maurel
+331 83 64 09 89
rmaurel@inno3.fr
https://inno3.fr

OpenChain @ United Nations Technology Innovation Labs OS and IP Advisory Group

By Featured

Shane Coughlan, the OpenChain General Manager, has been named a participant in the United Nations Technology Innovation Labs OS and IP Advisory Group. While he is formally contributing as an individual, a key aspect of his engagement will be focused on ensuring that the OpenChain standard for open source compliance is fully understood, and that our broader community interests are effectively communicated.

For reference, the proposed UNTIL licensing frameworks/models for identified use cases are to:

  1. Enable technology solutions sharing and transfer to and among Member States
  2. Enable sharing technology solutions with the wider UNTIL ecosystems and the general public
  3. Enable cooperation between the UN and relevant partners in utilizing UNTIL technology (possibly through service level agreement-based fee structures paid by users of the technology solution)
  4. Enable the promotion of proprietary technology solutions that are incubated in the labs through UNTIL assistance towards start-ups and commercial organizations
  5. Enable engagement with the Academia and the research world

The group meets by telephone and at physical venues on a quarterly basis.

Learn More about the UNTIL OS and IP Advisory Group

OpenChain and the Coronavirus Situation

By Featured

The recent outbreak of a serious new Coronavirus in Asia has created a serious health challenge across multiple countries. Our thoughts are with everyone in areas impacted by illness, by travel restrictions, or with family in these areas. There is nothing more important than health and safety and we are sorry that so many currently face challenges in precisely these areas.

It is too early to say what the impact of this virus will be throughout Q1 and into Q2. It is possible that some of our events such as the third OpenChain China Work Group meeting – currently scheduled for 3rd of March @ Xiaomi in Beijing – will need to be postponed. Right now we plan to go ahead with the meeting. We will keep you informed of changes.

Stay safe everyone.

OpenChain Newsletter #33

By Monthly Newsletter, News

Newsletter – Issue 33 – January 2020

A message from Shane Coughlan, OpenChain General Manager:

During the outbreak of COVID-19 we have faced unprecedented challenges in the global supply chain. While these challenges are expected to carry through into Q2 our community is making every effort to ensure our strategy is executed effectively. Great thanks are due to everyone making this happen. Stay safe all.


OpenChain @ In The News

A recent interview about OpenChain from FOSSID has been translated into Japanese. This is a great onboarding point for Japanese-speaking individuals and companies interested in learning more about our work. You can check it out here:

OpenChain @ Interviews

In January we also continued our interview series. We are delighted to announce the release of interviews with Samantha from Cisco, Chloe from Huawai and Indira Bhatt from Facebook.

Read Samantha’s interview here:
https://www.openchainproject.org/news/2020/01/05/the-openchain-interviews-samantha-from-cisco

Read Chloe’s interview here:
https://www.openchainproject.org/featured/2020/01/15/the-openchain-interviews-chloe-from-huawei

And you can read Indira’s interview here:
https://www.openchainproject.org/openchain-interview-9

OpenChain @ Conformance

Inno3 is the Latest OpenChain Conformant Organization. Find out more:

OpenChain @ Partners

The OpenChain Project is delighted to welcome Lyra Infosystems as an official partner. Find out more about Lyra:

On January 23, 2020 the OpenChain Project also welcomed GTC Law Group PC & Affiliates as an official partner. Find out more about GTC:

OpenChain @ Work Groups

We had a community Pproposal on ‘Collaboration between ACT and OpenChain Reference Tooling WG.’ Fukuchi San from Sony shared a slide deck covering this topic, and if you are interested in open source tooling for open source compliance it is well worth a read:

Events continued globally. The OpenChain Project Japan workgroup held the 12th meeting at NEC on December 19th. Find out more:

The second meeting of the OpenChain India Work Group took place on the 21st of December and was hosted by Lyra Infosystems. Find out more:

OpenChain @ Around the World

OpenChain Around the World – India Snapshot
It is always great to see OpenChain Project appearing around the global commercial sphere. Here, for example, is the Lyra Infosystems Pvt Ltd website, highlighting their conformance with OpenChain 1.0 and 2.0. Way to go!

OpenChain Around the World – Seminar Snapshot
OpenChain was featured in the  seminar from DLA Piper, GTC Law Group and Synopsys entitled ‘The 2019 Open Source Year in Review.’ The seminar was held on the 24th of January. Find out more:

OpenChain @ Events

The OpenChain Project was featured by HH Partners, an official OpenChain Partner, at the Mindtrek Conference in Finland from the 28th to 30th January. Find out more:

OpenChain was at CES 2020 and – beyond hosting a booth with volunteers – we took the opportunity to host a physical meeting of the OpenChain Automotive Work Group. This was a great opportunity to meet some of the people behind the global growth of our industry standard, and to share knowledge about how open source governance works in the automotive space. Find out more:

Community Proposal: Collaboration between ACT and OpenChain Reference Tooling WG

By News

Fukuchi San from Sony recently shared a slide deck entitled ‘Collaboration between ACT and OpenChain Reference Tooling WG – a Proposal.’ Please find it below for reference. If you are interested in open source tooling for open source compliance and the OpenChain Reference Tooling Work Group please join our mailing list. Everyone is welcome:

Lyra Infosystems is the Latest OpenChain Partner

By Featured

SAN FRANCISCO, January 23, 2020 – The OpenChain Project is delighted to welcome Lyra Infosystems as our latest official partner. Lyra Infosystems offer services around Software Composition Analysis, Open Source Security, OS Compliance, OS Audits, Open Source Vulnerability Assessment, Open Source Support and more. Beyond offering a wide range of services related to the effective, efficient use of open source technology, Lyra Infosystems is also an active participant in the broader OpenChain community, collaborating alongside user companies to build great reference material and to support the principle of making open source compliance obtainable by companies everywhere.

Lyra Infosystems is the first Indian company to achieve Open Chain 1.0 conformant status with extensive experience of helping companies globally adopt and manage Open Source software. Lyra Infosystems is also certified for Open Chain 2.0 conformance.

The OpenChain standard defines inflection points in business workflows where a compliance process, policy or training should exist to minimize the potential for errors and maximize the efficiency of bringing solutions to market. The companies involved in the OpenChain community number in the hundreds. The OpenChain standard is being prepared for submission to ISO and evolution from de facto into a formal standard in 2020.

“Lyra Infosytems is an Open Source promoter, user, provider and services organization with more than 250+ customers across geographies, domains, industries and technology verticals,”says Naba Magrabi, Open Source Senior Consultant for Lyra Infosystems. “We are excited and delighted to be part of OpenChain Ecosystem to offer OpenChain conformance services, Open Source Policy, Process, Compliance consultation, Legal Remediation and Audit services to organizations around the globe.”

“The OpenChain community is extremely diverse and our engagement with Lyra Infosystems is an excellent example of this,” says Shane Coughlan, OpenChain General Manager. “As both an open source user and a vendor providing open source services, Lyra bridges the two primary business use-cases for our technology approach. I am delighted to build on our fantastic collaboration around OpenChain conformance and to formally provide another commercial support option for user companies in India and beyond.”

About Lyra Infosystems

Lyra Infosystems is an Enterprise Technology & IT Consulting Company headquartered in Bangalore with offices in Delhi, Mumbai and Singapore .Lyra Infosystems brings a decade of experience in the field of supporting their customers to design ,build and maintain infrastructure based on Open Source Software. In addition , Lyra also focuses in helping businesses in technology areas like Software Composition Analysis, Open Source Security , Open Source Compliance, Open Source Audits , Legal Remediation , DevOps/DevSecOps, Remote Support, Open Source Monitoring , Privilege Identity & Access Management, Collaboration suite and Open Source ERP/CRM .Lyra boasts of more than 284+ customers with a mix of enterprise, startups and small medium businesses

About the OpenChain Project

The OpenChain Project builds trust in open source by making open source license compliance simpler and more consistent. The OpenChain Specification defines a core set of requirements every quality compliance program must satisfy. The OpenChain Curriculum provides the educational foundation for open source processes and solutions, whilst meeting a key requirement of the OpenChain Specification. OpenChain Conformance allows organizations to display their adherence to these requirements. The result is that open source license compliance becomes more predictable, understandable and efficient for participants of the software supply chain.

About the Linux Foundation

The Linux Foundation is the organization of choice for the world’s top developers and companies to build ecosystems that accelerate open technology development and industry adoption. Together with the worldwide open source community, it is solving the hardest technology problems by creating the largest shared technology investment in history. Founded in 2000, The Linux Foundation today provides tools, training and events to scale any open source project, which together deliver an economic impact not achievable by any one company. More information can be found at www.linuxfoundation.org.

The Linux Foundation has registered trademarks and uses trademarks. For a list of trademarks of The Linux Foundation, please see our trademark usage page: https://www.linuxfoundation.org/trademark-usage

Linux is a registered trademark of Linus Torvalds.

Media Contacts

Shane Coughlan
+818040358083
scoughlan@linuxfoundation.org