September 21st 2023 at 09:00-12:00 Spanish Time (CEST)
You are invited to join the OpenChain Mini-Summit adjacent to Open Source Summit Europe.
Our focus will be on:
Discussing the new ISO standard for security
Automation for open source compliance and security
This is an hybrid physical and virtual event. It is free of charge for all participants.
Due to in-person space being limited, we invite everyone to register for the virtual event, and to email scoughlan@linuxfoundation.org if they want a seat at the physical event.
We previously planned to hold this Mini-Summit on Monday the 18th of September, but we have moved it to Thursday the 21st of September to avoid overlap with the SPDX Mini-Summit covering SPDX 3.0.
Collabora, a leading open source software consultancy, has become the latest organization to announce an OpenChain ISO/IEC 5230 conformant program.
“One of the key benefits of ISO standards created by the OpenChain Project is to signal the adoption and use of the processes necessary for quality compliance or security programs related to open source,” says Shane Coughlan, OpenChain General Manager. “The announcement by Collabora of an ISO/IEC 5230 conformant program is an example of their commitment to excellence around open source license compliance management. We are delighted to welcome them to our community of conformance, and we look forward to fostering a productive long-term collaboration around our shared industry.”
“Being a ISO9001:2015 and ISO27001:2017 certified organization, we are delighted to join the OpenChain Project’s extensive global community,” says Eleni Katsoula, Engineering Operations Manager at Collabora. Along with so many of Collabora’s esteemed customers being Platinum members of the OpenChain community, we look forward to promoting the project’s focus on commercial and non-commercial open source process management.”
About Collabora
Collabora is a global consultancy specializing in delivering the benefits of Open Source software to the commercial world. Whether it’s the Linux kernel, graphics, multimedia or machine learning, Collabora’s expertise spans across all key areas of Open Source software development. By harnessing the potential of community-driven projects, and re-using existing components, Collabora helps its clients focus on creating product differentiation, enabling them to develop the best solutions. From tailoring the latest Open Source technologies to your projects, to integrating Open Source methodologies into your organization, Collabora can help you navigate the ever-evolving world of Open Source. Learn more at collabora.com.
This webinar was lead by Clare Dillon, the Executive Director of InnerSource Commons, and it highlighted the activities and value behind the InnerSource movement. InnerSource is the use of open source best practices for software development within the confines of an organization. Understanding this has become a key part of business strategy for forward-looking organizations.
Two Resource Flagged By Our Speaker
FINOS InnerSource Special Interest Group project on InnerSource licenses – an overview: https://youtu.be/bQz12Rwzzbk
LINE Corporation is pleased to announce that it has achieved OpenChain ISO/IEC 5230 self-certification, the international standard for open source license compliance. The OpenChain Project is one of the initiatives led by Linux Foundation, a leading non-profit organization focused on fostering innovation through open source and developing best practices and standards for open source software, hardware, standards, and data.
By attaining ISO/IEC 5230 self-certification, LINE has been globally recognized as having a highly trustworthy and systematic management system for utilizing open source. Thousands of LINE developers around the world, including in South Korea, Japan, Taiwan, Thailand, and Vietnam, utilize and develop open source systems based on international standards, and LINE’s open source team strictly complies with those core obligations in open source management.
LINE also has a history of releasing its internal technologies as open source software, including Armeria, the asynchronous framework that is a core technology of the LINE messenger. In addition, LINE has been a Silver Sponsor of the Apache Software Foundation, an American nonprofit organization that supports open source, since 2022, and since 2021, LINE has hosted the LINE Open Source Sprint, an internal event where LINE developers can participate in open source projects over the course of a month. By doing activities like these, LINE not only supports the growth of individual developers, but also strives to create an open source culture that embraces collaboration with the global open source ecosystem.
“LINE has a long history of success pioneering cutting-edge technological trends in all sorts of fields, including messengers, AI, blockchain, and fintech,” said Snow Kwon, CTO of LINE Plus. “As part of this process, we strictly maintain the highest standards of open source compliance. This OpenChain certification is recognition of our longstanding capacity in this area, and a sign of our commitment to open source moving forward.”
About LINE Corporation
Based in Japan, LINE is dedicated to the mission of “Closing the Distance,” bringing together information, services and people. The LINE messaging app launched in June 2011 and since then has grown into a diverse, global ecosystem that includes AI technology, fintech and more. LINE joined the Z Holdings Group, one of the largest internet service groups in Japan, following the completion of a business integration in March 2021.
xFusion, a global leader in digital infrastructure and services, is the 100th organization to announce an OpenChain Conformant Program through our website. Certified by CAICT, an official OpenChain Partner based in China, the development underlines a strong commitment to excellence in process management.
“The OpenChain Project is delighted to welcome xFusion to our community of conformance,” says Shane Coughlan, OpenChain General Manager. “It cannot be overstated how important companies like xFusion are to the future of the open source supply chain, and their collaboration with CAICT alongside their future work in this market, provides significant encouragement for the larger community.”
About xFusion
xFusion Digital Technologies Co., Ltd. (hereinafter referred to as “xFusion”) is dedicated to providing global leading digital infrastructure and services. xFusion continuously creates value for customers and partners and accelerates the digital transformation of the industry. xFusion has 11 research institutes, 7 regional offices, and 5 major supply centers totally around the world (some still under preparation). Currently, xFusion is serving customers in 130 countries and regions, including 211 Fortune Global 500 companies and covering telecoms, finance, Internet, governments, and other industries.
Deloitte, a global leader in providing audit and assurance, tax and legal, consulting, financial advisory, and risk advisory services to companies, is the latest official OpenChain Partner.
“Open source license and security compliance has become an essential part of our clients’ supply chains. The OpenChain project has done an excellent job in providing best practices and governance guidelines that are reflected in ISO/IEC 5230 and ISO/IEC 18974,” says Sascha Pudenz, Senior Manager at Deloitte. “We are very pleased to become a contributing member of the OpenChain community and a third-party certifier. The opportunity to support the project and spread the principles throughout our internal and external network will also help drive maturity and awareness of the importance of these standards.” adds Robert Härtwig, Director at Deloitte.
“We are delighted to welcome Deloitte to our support ecosystem,” says Shane Coughlan, OpenChain General Manager. “The provision of services like third-party certification is a vital pillar of our standardization work, and helps to ensure open source process management is effective, coherent and builds trust in the supply chain. We look forward to working closely with their team in the months and years ahead to ensure the complexity of managing technology is reduced for companies of all sizes and in all markets.”
About Deloitte
Deloitte provides industry-leading audit and assurance, tax and legal, consulting, financial advisory, and risk advisory services to nearly 90% of the Fortune Global 500® and thousands of private companies. Our professionals deliver measurable and lasting results that help reinforce public trust in capital markets, enable clients to transform and thrive, and lead the way toward a stronger economy, a more equitable society and a sustainable world. Building on its 175-plus year history, Deloitte spans more than 150 countries and territories. Learn how Deloitte’s approximately 415,000 people worldwide make an impact that matters at www.deloitte.com.
Today the OpenChain Project announces new online conformance checklists for all of our current license compliance and security assurance standards. These checklists allow any organization to quickly and privately check if they meet the requirements of a standard. They are a free service provided to the global supply chain to support trust between organizations.
Each checklist has a series of “yes” or “no” statements. If you can answer “yes” to everything, you are self-certified. If you answer “no” to some items, you know where to invest further time to build a quality program. The checklists allow you to save your progress and take up to 30 days to complete all the items.
After completing a checklist, you decide if we list you on our website or not. Of course, we hope to display more and more examples of adoption over time.
Today the OpenChain Project releases a new way for organizations to show their use of our license compliance and security assurance standards. If you use ISO/IEC 5230, ISO/IEC DIS 18974, OpenChain License Compliance 2.1 or OpenChain Security Assurance 1.1 you can fill out a simple form and get an official conformance badge.
This form is safe, secure and private. You decide if we list you on our website or not. Of course, we hope to display more and more examples of adoption over time.
