Skip to main content
Category

Monthly Newsletter

OpenChain Newsletter #56

By Monthly Newsletter, News
logo

​ Newsletter – Issue 56 – July 2023

The OpenChain Newsletter provides a monthly summary of our work. It contains an overview of what we are doing to build trust around license compliance and security in the open source supply chain. We accept suggestions and ideas. Feel free to mail us at any time.

Headline News

Outreach

Shane Coughlan, OpenChain General Manager, was the guest presenter on a webinar for InnerSource Commons:

Webinars

The OpenChain webinar series continued with presentations about open source in automotive and on InnerSource:

Meetings

Our multiple work groups had regular meetings:

Check Out All Our Previous Newsletters:

OpenChain Newsletter #55

By Monthly Newsletter, News
logo

​ Newsletter – Issue 55 – June 2023

The OpenChain Newsletter provides a monthly summary of our work. It contains an overview of what we are doing to build trust around license compliance and security in the open source supply chain. We accept suggestions and ideas. Feel free to mail us at any time.

This edition of the newsletter was created and shared by Qiuyue Qi of OpenSCA, and we provide our thanks for the contribution!

Main News

Deloitte joined the OpenChain Project as an official partner.

xFusion has announced conformance with ISO/IEC 5230.

Activities

The OpenChain Project has joined an O-RAN next Generation Research Group meeting:

Find the recordings of our mini-summit at the Linux Foundation Open Source Summit North America here:

Materials

Check infos about OpenChain Conformance Badge and the new Online Conformance Checklists for All OpenChain Standards.

Webinars

There are three webinars this month: two regular ones talked respectively about trusted network initiative (#52) and OpenSCA (#53), and a special one focused on automotive.

Routine

Our multiple work groups had regular meetings:

Check our monthly meeting below:

Check Out All Our Previous Newsletters:

OpenChain Newsletter #54

By Monthly Newsletter, News
logo

​ Newsletter – Issue 54 – May 2023

The OpenChain Newsletter provides a monthly summary of our work. It contains an overview of what we are doing to build trust around license compliance and security in the open source supply chain. We accept suggestions and ideas. Feel free to mail us at any time.

This edition of the newsletter was created and shared by Qiuyue Qi of OpenSCA, and we provide our thanks for the contribution!

Main News

Let’s welcome CARIAD to the board and NORDEMANN as a new partner:

Activities

The OpenChain Project has joined NLnet Software Supply Chain Webinar Series, and also presented at GOTC and OSCAR in China.

Additionally, we held a mini-summit at the Linux Foundation Open Source Summit North America:

Case Study

There is a case study for people who are interested in AI topics:

Material

OpenChain ISO/IEC 5230 now has Wikipedia page in Spanish:

A CC0 version of REUSE.software Specification 3.0 is available:

We have updated OpenChain Conformance Badges, and added new mascots to the community.

For June, overview presentations have been released.

Routine

Education and legal work groups had regular meetings:

Check our monthly meeting below:

Others

The OpenChain Project has been featured at ‘Efficient IP management in a market increasingly using open source’ on IAM.

Check Out All Our Previous Newsletters:

OpenChain Newsletter #53

By Monthly Newsletter, News
logo

​ Newsletter – Issue 53 – April 2023

The OpenChain Newsletter provides a monthly summary of our work. It contains an overview of what we are doing to build trust around license compliance and security in the open source supply chain. We accept suggestions and ideas. Feel free to mail us at any time.

This edition of the newsletter was created and shared by Qiuyue Qi of OpenSCA, and we provide our thanks for the contribution!

Enlargement

Cloudera, Alibaba Cloud, China Mobile, SAIC Z-ONE and ByteDance have all announced conformance with ISO/IEC 5230.

LG Electronics also announced conformance with ISO/IEC DIS 18974, the forthcoming ISO standard for open source security assurance.

LG Electronics Announces OpenChain ISO/IEC DIS 18974 Conformant Program

Activities

The OpenChain Project has held the OSCAR Open Source Supply Chain Salon together with CAICT:

We have also delivered keynotes for Software Alliance Germany and at FOSS North 2023.

Survey

Our industry survey has been online for April.

Material

We have updated GPLv2 Compliance Flowcharts:

Webinar

We have held a webinar with an update on ClearlyDefined:

Routine Activities

Telco, education and legal work groups had regular meetings.

Checking our monthly meeting below:

Others

The OpenChain Project has been featured at the 2nd China Automotive Cyber Security and Data Security Conference 2023 and the FSFE Legal and Licensing Workshop 2023

Insight on AI Hallucinations Around Open Source Licenses from our partner:

Check Out All Our Previous Newsletters:

OpenChain Newsletter #52

By Monthly Newsletter, News
logo

​ Newsletter – Issue 52 – March 2023

The OpenChain Newsletter provides a monthly summary of our work. It contains an overview of what we are doing to build trust around license compliance and security in the open source supply chain. We accept suggestions and ideas. Feel free to mail us at any time.

This edition of the newsletter was created and shared by Qiuyue Qi of OpenSCA, and we provide our thanks for the contribution!

Enlargement

Socionext & Suzhou Prism Colorful Information Technology Co., Ltd. have all announced conformance with ISO/IEC 5230.

CESI joined the OpenChain Project as the official partner.

Activities

The OpenChain Project has had open discussions with LG Electronics and SK Group, presented at LF APAC Leadership Summit and delivered a speech at OSPO Summit.

Materials

There are two vital updates to our essential materials to follow:

Moreover, we have prepared an introduction to our standard for open source security assurance, ISO/IEC DIS 18974, for those who are interested.

The record of LF Training Courses Translation Project is also now available.

Webinar

We have held two webinars, respectively talking about an overview of SPDX 3.0 (#50) and the recap of FOSDEM (#49)

Routine

March has also witnessed lots of work done with our work groups and monthly meetings across the globe.

Our legal work group has been officially announced.

Both telco and export control work groups initiated insightful discussions.

Details of work groups in Germany, Korea and the UK can be found in the following links:

Checking our monthly meeting below:

Others

OpenChain ISO/IEC 5230:2020 is featured in Journal Of Software Volume 33, Issue 3, 2023.

Check Out All Our Previous Newsletters:

OpenChain Newsletter #51

By Featured, Monthly Newsletter, News

Newsletter – Issue 51 – February 2023

The OpenChain Newsletter provides a monthly summary of our work. It contains an overview of what we are doing to build trust around license compliance and security in the open source supply chain. This is a community newsletter, so we accept suggestions and ideas, and you can contact us by mail at any time.

Cool Statistic To Start The Year

The OpenChain Project now has 10 official third-party certifiers for our license compliance and security assurance standards.

You can now get third-party certified with ISO/IEC 5230 or the OpenChain Security Assurance Specification 1.1 anywhere in the world… and you have plenty of choice about who to work with. Of course, you have options when adopting our standards. The most common thing is actually for companies to start with self-certification, so if you are new to this… Learn more here)

Nice Outreach News

OpenChain now has a Wikipedia page about ISO/IEC 5230. Huge thank you to Marc-Etienne Vargenau at Nokia for making this happen.

Huge Revamp Of OpenChain Material Underway

Our reference library of over 1,000 documents to help you learn about our standards, train people or suppliers around open source, get policy templates, self-certification checklists and more has been totally overhauled. It is now easier to find material, easier to share material and easy to translate material.

We have also dramatically improved our community calendar to make it much easier to find our events, webinars and more.

ISO/IEC 5230:2020 Conformance

Yes Security and Panx Project announced adoption of our ISO/IEC standard for open source license compliance via the OpenChain website. Both companies self-certified. Yes Security is the first company from Brazil to announce conformance via our website. Well done!

Partner News

It was an exciting month for us on the partner side of things. First of all, we had OSPOCO and Taylor English Join The OpenChain Partner Program, and we had TIMETOACT GROUP Offer Open Source Certification Based On ISO/IEC 5230. However, the banner headline (as mentioned in the cool statistic section of this newsletter) is that we now have 10 official third-party certifiers around the world.

OpenChain Meetings And Events

Lots of recordings and minutes for those catching up this month.

Our global calls – where we edit the next generations of the license compliance and security assurance standards:

Other community meetings:

On the “external collaboration” side of things we had an OSS Compliance in 2022 / 2023 event co-organized with FOSSID. We were also featured with a speech and Q&A session at an OpenAnolis Standardization SIG Meeting in China at the invitation of Alibaba.

Webinars

This month we had two webinars. One covered new security tools and one unpacked fascinating data points around GPLv2 licensing. Did you know there have been 40 versions of the GPLv2 published on its official websites and there have been 12 different versions found in the Linux Kernel? Definitely a webinar to watch if you are interested in the licensing side of things.

Want to join our calls? Watch our webinars? Just check out our global calendar.

Training Material In The Supply Chain

Last month we mentioned that Continental Corporation made LFC193 a required course for their software developers from late Q3 2022. Since then we had two other soft announcements from community members about their adoption.

Coming Soon

For those wanting a sample of what’s on the community calendar for March…

Finally… If You Want To Talk About OpenChain…

Our new community education slides are now available. You will find a full overview of the project here and speaker notes to help you talk about what we do.

Check Out All Our Previous Newsletters:
https://www.openchainproject.org/newsletter

Quick Links

Legal: All trademarks belong to their respective owners. This newsletter is licensed under Creative Commons Attribution-NoDerivatives 4.0 International (CC BY-ND 4.0).

OpenChain Newsletter #50

By Featured, Monthly Newsletter, News

Newsletter – Issue 50 – January 2023

After focusing on rolling news in 2022, the OpenChain Newsletter is back to provide a monthly summary of our work. You can expect an overview of what the OpenChain Project is doing to build trust around license compliance and security in the open source supply chain. You will also find other news directly related to our field. We accept suggestions and ideas. Just mail us at any time.

Cool Statistic To Start The Year

20% of German companies with over 2,000 employees have already implemented OpenChain ISO/IEC 5230:2020, the International Standard for open source license compliance.
Source: Bitkom Open Source Monitor 2021

Key Project Governance News

In Q4 2022 the OpenChain Project elected a new Governing Board Chair (Jimmy Ahlberg of Ericsson) as well as new co-chairs of the Specification Work Group (Helio Chissini de Castro, CARIAD + Chris Wood, Lockheed Martin) and a new chair of the Education Work Group (Nathan Kumagai, Qualcomm). This is all part of an initiative to ensure that the project has sustainable, clear and fair processes for leadership transition to ensure long-term sustainability.

Google Announces ISO/IEC 5230:2020 Conformant Program

We ended Q4 2022 with some exciting news. Google, an OpenChain Governing Board member and early adopter of the first generation OpenChain standard for open source license compliance, announced formal adoption of ISO/IEC 5230, the International Standard for open source license compliance.

Meanwhile, Around Security…

We have submitted the OpenChain Security Assurance Specification to the ISO/IEC JTC-1 PAS Transposition Process. We expect it to graduate as an ISO/IEC standard around mid-2023.

Security Assurance Specification Conformance

BlackBerry became the first multinational to go whole entity conformant with the OpenChain Security Assurance Specification. They also set a milestone as the first entity to achieve conformance with both OpenChain ISO5230:2020 and the OpenChain Security Assurance Specification 1.1.

That said, the very first company to announce adoption of the OpenChain Security Assurance Specification was Interneuron in the UK. This builds on their previous adoption of OpenChain ISO/IEC 5230:2020, and underlines their continued mission to seek excellence in open source software governance for the British National Health Service.

Security Assurance Specification Gains Additional Support

At the end of December 2022 we saw some significant announcements regarding support for the OpenChain Security Assurance Specification:

This support continued to grow in January 2023 with an announcement from Bitsea about their new services for customers around adoption.

OpenChain Meetings, Webinars And Events

Our monthly meetings kicked off with next generation specification reviews for North America / Europe and North American / Asia. We are seeing some solid discussion around the open issues on both the license compliance and security specifications. It is recommended to take part in these meetings if you have ideas, suggestions or comments about where you want our standards to go next.

We also held a Telco Special Interest Group meeting on the 12th of January and an Education Work Group meeting on the 19th of January. Telco are working on a meta specification about Software Bill of Materials. The Education Work Group is focused on renewal of core material to help people onboard with our standards. Everyone is welcome to join the calls and help out.

Want to join our calls? Just check out our global calendar.

The global calendar is also a great way to keep track of our webinars. We started the year with a great one: OpenChain Webinar #47 covered OSSelot: The Open Source Curation Database. OSSelot is a new project incubated by OSADL in Germany and promises to be an important part of automation tooling support moving forward.

Continuing our program of external collaboration, the OpenChain Project was also part of an external webinar about Applying OpenChain and SBOMs for InnerSource.

Our Training Material Continues To Support The Market

In 2021 and 2022 the OpenChain Education Work Group released online courses in collaboration with LF Training. During January we received some updates providing context for market impact.

Introduction to Open Source License Compliance Management (LFC193) has had 1,209 enrollments and 398 digital completion badges issued with a satisfaction rating of 4.65 out of 5. Implementing Open Source License Compliance Management (LFC194) has had 579 enrollments and 38 digital completion badges issued with a satisfaction rating of 4.55 out of 5. LFC194 has only been out a few months, so we look forward to continued adoption growth in 2023.

It is also noteworthy that Continental Corporation made LFC193 a required course for their software developers from late Q3 2022. This is a concrete example of a company leveraging free resources provided by OpenChain Project and The Linux Foundation to support their open source governance processes.

Check Out All Our Previous Newsletters:
https://www.openchainproject.org/newsletter

Quick Links

Legal: All trademarks belong to their respective owners. This newsletter is licensed under Creative Commons Attribution-NoDerivatives 4.0 International (CC BY-ND 4.0).

OpenChain Newsletter #49

By Monthly Newsletter, News

Newsletter – Issue 49 – May 2021

Our newsletter contains some of the highlights from the last month of activity in the project. Plenty more happened. Check out the full stream here:
https://www.openchainproject.org/news

OpenChain @ Q1 Survey Results

Find the fascinating results of our Q1 community survey here:

OpenChain Q1 Survey – Results and Notes

OpenChain @ Interview with Masato Endo, OpenChain Project Japan

Interview with Masato Endo, OpenChain Project Japan

OpenChain @ Slack

OpenChain is on Slack:https://www.openchainproject.org/featured/2021/04/06/openchain-is-on-slack/embed#?secret=LkSo1RDlEa

OpenChain @ Gear

OpenChain ISO/IEC 5230 Gear is available due to popular demand:

OpenChain @ Webinar #23

You can watch OpenChain Webinar #23 on OpenChain ISO 5230 in Venture Capital:

Check Out All Our Previous Newsletters

OpenChain Newsletter #48

By Monthly Newsletter, News

Newsletter – Issue 48 – April 2021

Our newsletter contains some of the highlights from the last month of activity in the project. Plenty more happened. Check out the full stream here:
https://www.openchainproject.org/news

OpenChain @ The Japanese Ministry of Trade (METI) on Open Source 

The Japanese Ministry of Trade (METI) has released a series of case studies on open source, feating OpenChain prominently:
https://www.openchainproject.org/news/2021/04/21/the-japanese-ministry-of-trade-meti-on-open-source-openchain-features-prominently/embed#?secret=Dik5X4pCK0

OpenChain @ Conformance

OpenChain @ Slack

OpenChain is on Slack:
https://www.openchainproject.org/featured/2021/04/06/openchain-is-on-slack/embed#?secret=LkSo1RDlEa

OpenChain @ Webinars #21 & 22

You can watch OpenChain Webinars #21 & 22 on OpenChain as an Inclusive Community & Linux License Clean-Up Disorder Dispelled + ISO 5230 in the Context of Security:

Check Out All Our Previous Newsletters

OpenChain Newsletter #47

By Monthly Newsletter, News

Newsletter – Issue 47 – March 2021

Our newsletter contains some of the highlights from the last month of activity in the project. Plenty more happened. Check out the full stream here:
https://www.openchainproject.org/news

OpenChain @ Q1 Mini Summit

You can watch the Q1 Mini Summit here:

OpenChain Q1 Mini-Summit – Full Recording

OpenChain @ Conformance

Nanjing Fujitsu Nanda Software Technology Co., Ltd. has announced conformance with OpenChain 2.1 (ISO/IEC 5230):

OpenChain @ Training in Italian

OpenChain Reference Training For ISO 5230 is now available in Italian:

OpenChain @ Webinars #19 & 20

You can watch OpenChain Webinars #19 & 20 on OpenChain ISO 5230 in the Supply Chain & Automation, IP Protection, & Legal Solvers:

Check Out All Our Previous Newsletters