The Linux Foundation Projects
Skip to main content
Category

Featured

Seven Services Announces an OpenChain ISO/IEC 5230 Conformant Program

By Featured, News

Seven Services is the latest company to announce an OpenChain ISO/IEC 5230 conformant program. Based in Saudi Arabia, they are the first organization to enter the OpenChain Community of Conformance from that region.

Seven Services is a multi-industry company, delivering advanced services and solutions tailored to meet the evolving demands of multiple industries. With a strong commitment to innovation, reliability, and excellence, we specialize in providing comprehensive solutions across key sectors, including:

  • Information Technology
  • Security
  • Oil & Gas
  • Industrial Support
  • Facility Management
  • General Trading
  • Logistics

Committed to innovation and customer success, Seven Services empowers businesses with secure, efficient, and scalable solutions.

You Will Find Their Listing In The Community of Conformance Here:

Learn More About The Organization:

Welcoming the OpenChain Ambassador Program

By Featured, News

OpenChain Ambassadors are official advocates within the OpenChain Project helping build a more trusted supply chain. They are a point of contact for new participants, and can help connect the community with knowledge and solutions. They provide support, training, mentorship and guidance to help:

  • With OpenChain community through local meetups, events, and content
  • Foster strong community collaboration and relationships
  • Attract and welcome new community participants
  • Provide feedback to the OpenChain Governing Board about community programs and initiatives
  • Advocate OpenChain best practices and OpenChain initiatives around the world

We are delighted to welcome 21 initial ambassadors from around the world, and to provide an even greater community of support for everyone working on a more trusted supply chain.

To learn more about who is in the program, and how to contact them, via our official Ambassadors page.

OpenChain @ OSS Europe – An Epic Community Presence

By Featured, News

Get To Know Our Thought-Leaders:

The OpenChain Project will have a substantial presence at Open Source Summit Europe next week! Catch talks and panels from our Board Members and Work Group Chairs, and have a chance to ask questions or share ideas.

Learn More:

+ The Mini-Summit on the 28th of August will be Special:

The OpenChain Mini-Summit will feature a great many of our current board members and chairs in one place, ready to share their knowledge and experience with both beginners and experts in license, security and regulatory compliance.

Get to know:
☑️ Ayumi Watanabe, Hitachi Solution
☑️ Helio Chissini de Castro, CARIAD
☑️ Jimmy Ahlberg, Ericsson
☑️ Jonathan Torres, META
☑️ Marcel Kurzmann, Bosch
☑️ Marc-Etienne Vargenau, Nokia
☑️ Masato Endo, Toyota
☑️ Norio Kobota, Sony
☑️ Sandra Hermoso Rodriguez, Arm
☑️ Taiki Kawamura, Honda

It’s Free To Register for the Mini-Summit:

Updates to OpenChain Self-Certification

By Featured, News

The OpenChain Project has always offered online self-certification support, and we are delighted to announce that this has been improved for our two ISO/IEC standards:

Any organization can self-certify to OpenChain ISO/IEC 5230 or OpenChain ISO/IEC 18974. It is as simple as answering “yes” to all the questions on the online form. If an organization cannot answer “yes” to all of the questions, it does not yet meet the requirements of the standard.

Please note that this is a self-certification, and an organization is solely responsible for the accuracy of the statements it makes about conformance.

CJ CGV Announces An ISO/IEC 5230 Conformant Program

By Featured, News

CJ CGV announces that it has become the first company in the Korean entertainment industry to obtain ‘ISO/IEC 5230:2020’ self-certification, the international standard for open source license compliance. This achievement signifies that CJ CGV’s systematic open source management system has earned global recognition for its effective operation.

The OpenChain Project, which maintains this standard, is an international collaboration initiated by the nonprofit Linux Foundation in the United States. The standard comprehensively evaluates the compliance capabilities of companies, including their open source software policies and processes, organizational expertise, and employee education. The international standard (ISO/IEC 5230:2020) defines key requirements for companies to use open source safely and efficiently, covering obligations for open source license compliance.

Recognizing the growing importance of open source in building next-generation systems, CJ CGV has strengthened its management capabilities. Since 2023, the company has established an open source management system, gradually meeting the core requirements of the international standard.

To achieve this, CJ CGV designated dedicated teams and personnel for open source verification and management, formed an ‘open source council’ including legal and security experts, and set up a system to identify and manage potential risks proactively. The company also introduced its internal open source management regulations, made open source verification mandatory during system development, and implemented an automated open source management system that verifies licenses and checks for security vulnerabilities.

On July 15, during the planning and development of its new next-generation system, CJ CGV rigorously examined the safety and security of all open source components. This effort supported one of the system’s primary goals—strengthening information protection capabilities—and provided critical technical infrastructure for “CineTalk,” CJ CGV’s movie community service.

Son Jong-soo, Head of Digital Innovation at CJ CGV, stated, “As digital transformation accelerates, strategic and secure utilization of open source has become essential in the entertainment industry. Achieving this international standard certification highlights CJ CGV’s technical management capabilities. We will continue to deliver trustworthy services and contribute to the growth of the open source ecosystem.”

About the OpenChain Project:

The OpenChain Project has an extensive global community of over 1,000 companies collaborating to make the supply chain quicker, more effective and more efficient. It maintains OpenChain ISO/IEC 5230, the international standard for open source license compliance programs and OpenChain ISO/IEC 18974, the industry standard for open source security assurance programs.

About The Linux Foundation:

The Linux Foundation is the world’s leading home for collaboration on open source software, hardware, standards, and data. Linux Foundation projects are critical to the world’s infrastructure, including Linux, Kubernetes, Node.js, ONAP, PyTorch, RISC-V, SPDX, OpenChain, and more. The Linux Foundation focuses on leveraging best practices and addressing the needs of contributors, users, and solution providers to create sustainable models for open collaboration. For more information, please visit us at linuxfoundation.org.

Check Out The Publicly Announced Community of Conformance:

Element Announces OpenChain ISO/IEC 5230 Conformant Program

By Featured, News

About Element

Element is a decentralized and flexible communications platform, built on the Matrix open standard, that gives people and organizations the independence to communicate with confidence. Learn more: https://element.io

About the OpenChain Project:

The OpenChain Project has an extensive global community of over 1,000 companies collaborating to make the supply chain quicker, more effective and more efficient. It maintains OpenChain ISO/IEC 5230, the international standard for open source license compliance programs and OpenChain ISO/IEC 18974, the industry standard for open source security assurance programs.

About The Linux Foundation:

The Linux Foundation is the world’s leading home for collaboration on open source software, hardware, standards, and data. Linux Foundation projects are critical to the world’s infrastructure, including Linux, Kubernetes, Node.js, ONAP, PyTorch, RISC-V, SPDX, OpenChain, and more. The Linux Foundation focuses on leveraging best practices and addressing the needs of contributors, users, and solution providers to create sustainable models for open collaboration. For more information, please visit us at linuxfoundation.org.

Check Out The Publicly Announced Community of Conformance:

Woven by Toyota Completes OpenChain ISO 5230 Re-Conformance

By Featured, News

Woven by Toyota, a company designed to drive the evolution of mobility to enhance safety, peace of mind, fulfillment and opportunity for all, has completed its periodic re-conformance to the OpenChain ISO/IEC 5230 specification. ISO/IEC 5230 is the international standard for open source license compliance process management, and has seen widespread adoption throughout the mobility industry.

All our publicly announced conformance programs:

Public Comment Period Announced: Artificial Intelligence System Bill of Materials – Compliance Management Guide for the Supply Chain

By Featured, News
The OpenChain AI Work Group has been considering how to manage AI compliance in the supply chain for over a year. During this time the community has collaboratively produced a draft guide to identify key process points for a quality AI compliance program:

Next Steps:

With approval from the OpenChain Governing Board, the draft ‘The Artificial Intelligence System Bill of Materials: Compliance Management Guide for the Supply Chain’ is now entering a Public Comment Period.

Participate:

This Public Comment period will follow the OpenChain Project process outlined on our website:

YOU CAN SUBMIT A COMMENT BY:

  1. Opening an issue on the OpenChain Project Reference Library GitHub Repository:
    https://github.com/OpenChain-Project/Reference-Material/issues
  2. Emailing the OpenChain AI Work Group mailing list:
    https://lists.openchainproject.org/g/ai
The Public Comment Period will run for six weeks.

THE DEADLINE FOR SUBMISSION OF PUBLIC COMMENTS IS 2025-08-18 AT 04:00 PDT / 11:00 UTC / 13:00 CEST / 20:00 JST.

Please note: THE DRAFT GUIDE IS NOT A PRODUCTION RELEASE OR OFFICIAL RELEASE DOCUMENT FROM THE OPENCHAIN PROJECT. AT THIS JUNCTURE, IT IS WORKING DOCUMENT DESIGNED TO ALLOW INTERESTED PARTIES TO SHARE IDEAS.

ECARX Announces An OpenChain ISO/IEC 5230 Conformant Program

By Featured, News

ECARX is a global automotive technology provider partnering with OEMs to accelerate the future of software-defined vehicles. As OEMs develop new vehicle platforms from the ground up, ECARX is developing a full-stack solutions to enhance the user experience, while reducing complexity and cost.

To date ECARX products have been integrated into more than 8.7 million cars worldwide. Founded in 2017, and listed on the Nasdaq in 2022, it has more than 1,800 team members across Europe, Asia and the Americas working towards one ambition: to redefine the driving experience by making it safer and more enjoyable for everyone.