Skip to main content
THE LINUX FOUNDATION PROJECTS
Category

Featured

Welcoming the OpenChain AI System Bill of Materials Compliance Guide

By Featured, News

The OpenChain AI Work Group has been considering how to manage AI compliance in the supply chain since January 2024. During this time the community has collaboratively produced a guide to identify key process points for a quality AI compliance program. After completing a drafting process, a review process and a public comment period, that guide is now freely available to all in its release version.

Download a Printable Version

Review the Editing Version on GitHub (MarkDown format)

Get Involved:

Everyone is welcome to be part of this activity! OpenChain has free, open access to all its work groups and study groups. Just turn up, and listen in, and contribute comments, ideas and suggestions.

✉️ We have a dedicated mailing list for the AI Work Group: https://lists.openchainproject.org/g/ai

Attend Future Meetings:

You can find and get the dial-in details for all future meetings from our participate page here: https://www.openchainproject.org/participate

JUN Legal GmbH is the Latest OpenChain Partner

By Featured, News


JUN Legal GmbH is the latest official OpenChain Partner, expanding coverage and diversity of options in the German market.

“Open source is a strategic topic for the European Union,” says Florian Hackel, specialized lawyer for IT law. “Projects like OpenChain, and the ISO process standards they maintain, offer a path to sustainable, reliable and trustworthy management. We are delighted to be able to support our clients and the broader community in the continued professionalization of open source.”

“Germany is a key market for the OpenChain Project,” says Shane Coughlan, OpenChain General Manager. “I am delighted to see our options for the community expanding, and our avenues for advocacy and support doing the same. I look forward to future collaboration with JUN and their team.”

About JUN Legal GmbH
JUN Legal is a medium-sized German law firm specializing in IT law, AI and open source compliance. Our team currently includes 27 attorneys with FOSS experience, eight of whom are Certified Specialist Lawyers for IT Law. For more than a decade, we have supported major corporate clients in ensuring license-compliant integration of open source software components and in developing strategic policies for the use of open source and its diverse licensing models. Our experience also includes delivering expert lectures, publishing on open source legal topics, and representing clients in selected court proceedings.

Learn more: https://jun.legal/en/

 

Seven Services Announces an OpenChain ISO/IEC 5230 Conformant Program

By Featured, News

Seven Services is the latest company to announce an OpenChain ISO/IEC 5230 conformant program. Based in Saudi Arabia, they are the first organization to enter the OpenChain Community of Conformance from that region.

Seven Services is a multi-industry company, delivering advanced services and solutions tailored to meet the evolving demands of multiple industries. With a strong commitment to innovation, reliability, and excellence, we specialize in providing comprehensive solutions across key sectors, including:

  • Information Technology
  • Security
  • Oil & Gas
  • Industrial Support
  • Facility Management
  • General Trading
  • Logistics

Committed to innovation and customer success, Seven Services empowers businesses with secure, efficient, and scalable solutions.

You Will Find Their Listing In The Community of Conformance Here:

Learn More About The Organization:

Welcoming the OpenChain Ambassador Program

By Featured, News

OpenChain Ambassadors are official advocates within the OpenChain Project helping build a more trusted supply chain. They are a point of contact for new participants, and can help connect the community with knowledge and solutions. They provide support, training, mentorship and guidance to help:

  • With OpenChain community through local meetups, events, and content
  • Foster strong community collaboration and relationships
  • Attract and welcome new community participants
  • Provide feedback to the OpenChain Governing Board about community programs and initiatives
  • Advocate OpenChain best practices and OpenChain initiatives around the world

We are delighted to welcome 21 initial ambassadors from around the world, and to provide an even greater community of support for everyone working on a more trusted supply chain.

To learn more about who is in the program, and how to contact them, via our official Ambassadors page.

OpenChain @ OSS Europe – An Epic Community Presence

By Featured, News

Get To Know Our Thought-Leaders:

The OpenChain Project will have a substantial presence at Open Source Summit Europe next week! Catch talks and panels from our Board Members and Work Group Chairs, and have a chance to ask questions or share ideas.

Learn More:

+ The Mini-Summit on the 28th of August will be Special:

The OpenChain Mini-Summit will feature a great many of our current board members and chairs in one place, ready to share their knowledge and experience with both beginners and experts in license, security and regulatory compliance.

Get to know:
☑️ Ayumi Watanabe, Hitachi Solution
☑️ Helio Chissini de Castro, CARIAD
☑️ Jimmy Ahlberg, Ericsson
☑️ Jonathan Torres, META
☑️ Marcel Kurzmann, Bosch
☑️ Marc-Etienne Vargenau, Nokia
☑️ Masato Endo, Toyota
☑️ Norio Kobota, Sony
☑️ Sandra Hermoso Rodriguez, Arm
☑️ Taiki Kawamura, Honda

It’s Free To Register for the Mini-Summit:

Updates to OpenChain Self-Certification

By Featured, News

The OpenChain Project has always offered online self-certification support, and we are delighted to announce that this has been improved for our two ISO/IEC standards:

Any organization can self-certify to OpenChain ISO/IEC 5230 or OpenChain ISO/IEC 18974. It is as simple as answering “yes” to all the questions on the online form. If an organization cannot answer “yes” to all of the questions, it does not yet meet the requirements of the standard.

Please note that this is a self-certification, and an organization is solely responsible for the accuracy of the statements it makes about conformance.

CJ CGV Announces An ISO/IEC 5230 Conformant Program

By Featured, News

CJ CGV announces that it has become the first company in the Korean entertainment industry to obtain ‘ISO/IEC 5230:2020’ self-certification, the international standard for open source license compliance. This achievement signifies that CJ CGV’s systematic open source management system has earned global recognition for its effective operation.

The OpenChain Project, which maintains this standard, is an international collaboration initiated by the nonprofit Linux Foundation in the United States. The standard comprehensively evaluates the compliance capabilities of companies, including their open source software policies and processes, organizational expertise, and employee education. The international standard (ISO/IEC 5230:2020) defines key requirements for companies to use open source safely and efficiently, covering obligations for open source license compliance.

Recognizing the growing importance of open source in building next-generation systems, CJ CGV has strengthened its management capabilities. Since 2023, the company has established an open source management system, gradually meeting the core requirements of the international standard.

To achieve this, CJ CGV designated dedicated teams and personnel for open source verification and management, formed an ‘open source council’ including legal and security experts, and set up a system to identify and manage potential risks proactively. The company also introduced its internal open source management regulations, made open source verification mandatory during system development, and implemented an automated open source management system that verifies licenses and checks for security vulnerabilities.

On July 15, during the planning and development of its new next-generation system, CJ CGV rigorously examined the safety and security of all open source components. This effort supported one of the system’s primary goals—strengthening information protection capabilities—and provided critical technical infrastructure for “CineTalk,” CJ CGV’s movie community service.

Son Jong-soo, Head of Digital Innovation at CJ CGV, stated, “As digital transformation accelerates, strategic and secure utilization of open source has become essential in the entertainment industry. Achieving this international standard certification highlights CJ CGV’s technical management capabilities. We will continue to deliver trustworthy services and contribute to the growth of the open source ecosystem.”

About the OpenChain Project:

The OpenChain Project has an extensive global community of over 1,000 companies collaborating to make the supply chain quicker, more effective and more efficient. It maintains OpenChain ISO/IEC 5230, the international standard for open source license compliance programs and OpenChain ISO/IEC 18974, the industry standard for open source security assurance programs.

About The Linux Foundation:

The Linux Foundation is the world’s leading home for collaboration on open source software, hardware, standards, and data. Linux Foundation projects are critical to the world’s infrastructure, including Linux, Kubernetes, Node.js, ONAP, PyTorch, RISC-V, SPDX, OpenChain, and more. The Linux Foundation focuses on leveraging best practices and addressing the needs of contributors, users, and solution providers to create sustainable models for open collaboration. For more information, please visit us at linuxfoundation.org.

Check Out The Publicly Announced Community of Conformance:

Element Announces OpenChain ISO/IEC 5230 Conformant Program

By Featured, News

About Element

Element is a decentralized and flexible communications platform, built on the Matrix open standard, that gives people and organizations the independence to communicate with confidence. Learn more: https://element.io

About the OpenChain Project:

The OpenChain Project has an extensive global community of over 1,000 companies collaborating to make the supply chain quicker, more effective and more efficient. It maintains OpenChain ISO/IEC 5230, the international standard for open source license compliance programs and OpenChain ISO/IEC 18974, the industry standard for open source security assurance programs.

About The Linux Foundation:

The Linux Foundation is the world’s leading home for collaboration on open source software, hardware, standards, and data. Linux Foundation projects are critical to the world’s infrastructure, including Linux, Kubernetes, Node.js, ONAP, PyTorch, RISC-V, SPDX, OpenChain, and more. The Linux Foundation focuses on leveraging best practices and addressing the needs of contributors, users, and solution providers to create sustainable models for open collaboration. For more information, please visit us at linuxfoundation.org.

Check Out The Publicly Announced Community of Conformance:

Woven by Toyota Completes OpenChain ISO 5230 Re-Conformance

By Featured, News

Woven by Toyota, a company designed to drive the evolution of mobility to enhance safety, peace of mind, fulfillment and opportunity for all, has completed its periodic re-conformance to the OpenChain ISO/IEC 5230 specification. ISO/IEC 5230 is the international standard for open source license compliance process management, and has seen widespread adoption throughout the mobility industry.

All our publicly announced conformance programs: