Featured

The OpenChain Project has always offered online self-certification support, and we are delighted to announce that this has been improved for our two ISO/IEC standards:

• Online Self-Certification for OpenChain ISO/IEC 5230 for open source license compliance
• Online Self-Certification for OpenChain ISO/IEC 18974 for open source security assurance

Any organization can self-certify to OpenChain ISO/IEC 5230 or OpenChain ISO/IEC 18974. It is as simple as answering “yes” to all the questions on the online form. If an organization cannot answer “yes” to all of the questions, it does not yet meet the requirements of the standard.

Please note that this is a self-certification, and an organization is solely responsible for the accuracy of the statements it makes about conformance.

CJ CGV announces that it has become the first company in the Korean entertainment industry to obtain ‘ISO/IEC 5230:2020’ self-certification, the international standard for open source license compliance. This achievement signifies that CJ CGV’s systematic open source management system has earned global recognition for its effective operation.

The OpenChain Project, which maintains this standard, is an international collaboration initiated by the nonprofit Linux Foundation in the United States. The standard comprehensively evaluates the compliance capabilities of companies, including their open source software policies and processes, organizational expertise, and employee education. The international standard (ISO/IEC 5230:2020) defines key requirements for companies to use open source safely and efficiently, covering obligations for open source license compliance.

Recognizing the growing importance of open source in building next-generation systems, CJ CGV has strengthened its management capabilities. Since 2023, the company has established an open source management system, gradually meeting the core requirements of the international standard.

To achieve this, CJ CGV designated dedicated teams and personnel for open source verification and management, formed an ‘open source council’ including legal and security experts, and set up a system to identify and manage potential risks proactively. The company also introduced its internal open source management regulations, made open source verification mandatory during system development, and implemented an automated open source management system that verifies licenses and checks for security vulnerabilities.

On July 15, during the planning and development of its new next-generation system, CJ CGV rigorously examined the safety and security of all open source components. This effort supported one of the system’s primary goals—strengthening information protection capabilities—and provided critical technical infrastructure for “CineTalk,” CJ CGV’s movie community service.

Son Jong-soo, Head of Digital Innovation at CJ CGV, stated, “As digital transformation accelerates, strategic and secure utilization of open source has become essential in the entertainment industry. Achieving this international standard certification highlights CJ CGV’s technical management capabilities. We will continue to deliver trustworthy services and contribute to the growth of the open source ecosystem.”

About Element

Element is a decentralized and flexible communications platform, built on the Matrix open standard, that gives people and organizations the independence to communicate with confidence. Learn more: https://element.io

About the OpenChain Project:

The OpenChain Project has an extensive global community of over 1,000 companies collaborating to make the supply chain quicker, more effective and more efficient. It maintains OpenChain ISO/IEC 5230, the international standard for open source license compliance programs and OpenChain ISO/IEC 18974, the industry standard for open source security assurance programs.

About The Linux Foundation:

The Linux Foundation is the world’s leading home for collaboration on open source software, hardware, standards, and data. Linux Foundation projects are critical to the world’s infrastructure, including Linux, Kubernetes, Node.js, ONAP, PyTorch, RISC-V, SPDX, OpenChain, and more. The Linux Foundation focuses on leveraging best practices and addressing the needs of contributors, users, and solution providers to create sustainable models for open collaboration. For more information, please visit us at linuxfoundation.org.

Check Out The Publicly Announced Community of Conformance:

• https://openchainproject.org/community-of-conformance

Woven by Toyota, a company designed to drive the evolution of mobility to enhance safety, peace of mind, fulfillment and opportunity for all, has completed its periodic re-conformance to the OpenChain ISO/IEC 5230 specification. ISO/IEC 5230 is the international standard for open source license compliance process management, and has seen widespread adoption throughout the mobility industry.

All our publicly announced conformance programs:

• https://openchainproject.org/community-of-conformance

S-core, Self-Certified for OpenChain ISO/IEC 18974 International Standard

S-core, an open source specialist with extensive experience in open source-based infrastructure development, has adopted OpenChain ISO/IEC 18974, an international standard for open source security assurance. This achievement builds upon the company’s existing OpenChain ISO/IEC 5230 certification for license compliance and extends their commitment to robust security across the open source supply chain.

With this certification, S-core has been able to strengthen open source security management and establish a more systematic approach and management system.

Sunghan Suh, Head of the Open Source Business Division at S-core, stated,  said “ISO /IEC 18974 certification has established a systematic process and culture for open source management, enabling us to accelerate innovation and enhance quality and security.” With the OpenChain ISO/IEC 18974 certification, S-core has proven its leadership in open source utilization and consulting. We have been actively utilizing open source and contributing to the community for a long time, and we are leading the creation of value from open source by sharing and collaborating with various companies with our accumulated open source expertise.

About S-core:

S-core specializes in open source services with extensive experience across various technology fields. The company provides comprehensive solutions including open source adoption & migration, technical support and governance consulting, and governance consulting. Through these services, S-core enables customers to safely and efficiently utilize open source technologies within robust management frameworks.

About the OpenChain Project:

The OpenChain Project has an extensive global community of over 1,000 companies collaborating to make the supply chain quicker, more effective and more efficient. It maintains OpenChain ISO/IEC 5230, the international standard for open source license compliance programs and OpenChain ISO/IEC 18974, the industry standard for open source security assurance programs.

About The Linux Foundation:

The Linux Foundation is the world’s leading home for collaboration on open source software, hardware, standards, and data. Linux Foundation projects are critical to the world’s infrastructure, including Linux, Kubernetes, Node.js, ONAP, PyTorch, RISC-V, SPDX, OpenChain, and more. The Linux Foundation focuses on leveraging best practices and addressing the needs of contributors, users, and solution providers to create sustainable models for open collaboration. For more information, please visit us at linuxfoundation.org.