Skip to main content
Category

Monthly Newsletter

OpenChain Newsletter #26

By Monthly Newsletter, News

Newsletter – Issue 26 – June 2019

The OpenChain Project has active bi-weekly calls and a central mailing list that provide the “nuts and bolts” of our community activity. These are joined by various releases of documents and announcements of OpenChain-related events throughout each month. We collect key developments in this newsletter once a month.

This month we begin with another media article. Mark Gisi, Chair of the OpenChain Specification Work Team, was interviewed by CIOReview in their latest special edition, this time with a focus on open source code. You can read the interview online today and it will be available in print for July. This is a recommended read and a great starting point for people and organizations new to the OpenChain industry standard.

As they said: “A new standard gaining traction is the Linux Foundation’s OpenChain certification for Open Source license compliance and usage. This certification ensures that one can trust the open source from which software solutions are built.  Influenced by customers seeking greater assurance for their supply chain’s increasing use of open source software, Wind River, a leading IoT Linux platform and solutions supplier, maintains OpenChain conformance for all its product lines.”

OpenChain @ Specification 2.0

OpenChain Specification 2.0 in Simplified Chinese

The OpenChain Specification 2.0 is now in Simplified Chinese thanks to the hard work of our volunteer community. Special thanks are due to Jerry Tan, Zhang Weilin, Po-Chun Wang, Lucien Lin and Florence Ko.

“The OpenChain Project is global and we are working hard to make our resources available in many languages,” says Shane Coughlan, OpenChain General Manager. “China, as a key market, is a priority for us. The availability of our latest specification in Simplified Chinese is the first step towards making self-certification simple and quick for companies in the region. It joins our Traditional Chinese translation as an example of our commitment to building effective bridges.”

OpenChain Case Study: Toyota

The OpenChain Project is delighted to announced the immediate availability of a case study with Toyota explaining how Kaizen and Open Source spur innovation across the global supply chain. This case study is an exceptionally important milestone for our project, marking the beginning of a series of case studies explaining the “path to conformance” in OpenChain, and providing real-world snapshots of the journeys being undertaken by market leaders. We have worked together with Endo San from the Toyota IP team in crafting this case study and are indebted to his team for clear, concise insights into the decision-making process of one of the world’s largest car companies as it relates to open source technology.

Read the Case Study

Download the Case Study as a PDF

OpenChain Supplier Education Leaflet

The OpenChain Project announced the release of the Open Source Software License Compliance General Public Guide. This document is an outcome of the OpenChain Japan Work Group, one of the most active and vibrant parts of our project. The leaflet is intended to be a short, simple and clear guide for distribution to suppliers of all sizes. Our intention is to provide a solid foundation for understanding open source license compliance in an accessible manner.

This document is made available in English and Japanese. We hope to add further translations in the future. As with all OpenChain Project reference material, the guide is made available under CC-0 licensing (effectively public domain, and it may be used, studied, shared and improved in any way you want.

Get the Guide

Contribute to the Guide

OpenChain @ Conformance

OpenChain Congratulates Wind River on being the first OpenChain Specification 2.0 Conformant Company

“We have been fortunate to work closely with Wind River from the genesis of this project through to our current status as a growing industry standard,” says Shane Coughlan, OpenChain General Manager. “Mark, our primary contact, has been a highly effective chair of our specification work team and our wider relationship with Wind River has seen a keen focus on ensuring a real world solution for real world challenges. Welcoming Wind River as the first OpenChain 2.0 Conformant organization is a natural and exciting expansion of our collaboration.”

OpenChain Welcomes Cognizant to the Community of Conformance

“It is tremendously exciting to welcome another open source user company into the heart of the OpenChain Project,” says Shane Coughlan, OpenChain General Manager. “Our mission is to support such companies both in pursuing internal excellent and in streamlining open source license compliance across their supply chain. The team at Cognizant is a pleasure to work with and I firmly believe we will accomplish great things in the coming months and years.”

OpenChain Welcomes Infosys to the Community of Conformance

“Infosys have always approached Open Source Software usage and compliance in a manner that takes the course of careful due diligence, and benchmarking our processes & procedures with globally acceptable industry standards,” says Shuvajit Mitra, Legal Affairs Counsel, Infosys. “To do this, we engaged with the Open Chain Project to assess our compliance practices in consonance with Open Chain Specification 2.0. To be in conformance with Open Chain Project, Infosys has implemented processes, practices and awareness to meet all requirements on OSS licensing and its implications while using and distributing OSS components bundled with Infosys software products, platforms and solutions which are the best in breed and which can be transparently demonstrated. Infosys thanks the Open Chain leadership in guiding Infosys through this process of assessment and authentication to achieve good governance as a best practice of software development.”

Be Part of This:

OpenChain @ Partners

OpenChain Welcomes New Partners Globally

The OpenChain Project is delighted to welcome FOSSID (Sweden), Maggie Wang (China), CMS (Germany), JBB (Germany), Array Law (Italy) and BKL (Korea) to the OpenChain Partner Program. Our geographic coverage provides the option for access to support for OpenChain user companies on three continents.

You can learn more about the OpenChain Partner Program on our dedicated page: https://www.openchainproject.org/partners

You can learn more about each individual new partner on their dedicated announcement pages:

OpenChain @ Events

OpenChain Announces Workshops at Open Source Summit Japan / North America / Europe

The OpenChain Project has announced workshops at three major Linux Foundation events through second-half 2019:

Each of these events will consist of a Governing Board meeting, a Steering Committee meeting, and an open discussion adjacent to the main conference. All parties are welcome to attend the Steering Committee meeting and the open discussion. See the links above for more details about each specific event.

OpenChain at Other Events

License and Trademarks

Copyright 2019 The Linux Foundation. This newsletter is licensed under the Creative Commons Attribution-NoDerivs 2.0 Generic (CC BY-ND 2.0). Please feel free to share it onwards! OpenChain is a trademark of The Linux Foundation. It may be used according to The Linux Foundation Trademark Policy and the OpenChain Terms of Use. All other trademarks belong to their respective owners.

OpenChain Newsletter #25

By Monthly Newsletter, News

Newsletter – Issue 25 – May 2019

The OpenChain Project has active bi-weekly calls and a central mailing list that provide the “nuts and bolts” of our community activity. These are joined by various releases of documents and announcements of OpenChain-related events throughout each month. We collect key developments in this newsletter once a month.

Introduction

Reminder: Companies Can Upgrade OpenChain Conformance to 2.0

Companies currently OpenChain 1.1 or 1.2 Conformant can easily check and upgrade their conformance status to 2.0 using our free online questionnaire. Upgrading is purely optional for existing conformant organizations. However, it is a smooth transition from OpenChain 1.2 and can be a great way to send a positive message to your suppliers and customers.

Access the Online Self-Certification Questionnaire

OpenChain @ Specification 2.0

OpenChain Specification 2.0 in German

The OpenChain Project is delighted to announce that the latest version of our specification for quality open source compliance programs is available in German. This document can be used by any organization to review and improve their internal processes.

“The OpenChain Project is expanding globally through adoption of our specification, our reference materials and use of our free self-certification process,” says Shane Coughlan, OpenChain General Manager. “The OpenChain Specification is at the heart of what we do. This document outlines the key requirements of a quality open source compliance program and can be used by any organization in any market as a “health check” and basis for refinement. The availability of our latest specification in German is another milestone in the maturity of the project.”

This translation is the result of collaboration from Catharina Maracke, Stefan Thanheiser, Stefanie Pors, Anke Thanheiser, Jan Thielscher, Miriam Ballhausen and Daniel Wulle. Big thanks are due to Catharina Maracke for coordinating the process.

Get the Specification in German

Reminder: OpenChain Conformance Badges are just a few questions away

One of the most common questions asked around the OpenChain Project is “how do I get an OpenChain badge for my conformance program and the products that go through it?”

We keep this simple. Any company in any market sector can use our free OpenChain Project self-certification questionnaire. This questionnaire has also proven useful for internal, private “health checks” to assess the current status of open source compliance programs. We are delighted to support both use cases.

Access Our Free Online Self-Certification Questionnaire

https://certification.openchainproject.org/signup.html?locale=en

OpenChain @ Conformance

OpenChain Welcomes Hella Aglaia to the Community of Conformance

The OpenChain Project is delighted to welcome Hella Aglaia to our community of conformance.

“OpenChain is becoming increasingly popular in the automotive industry,” says Shane Coughlan, OpenChain General Manager. “We have member companies like Toyota, Hitachi and Bosch directly supporting the growth of OpenChain adoption, and we have extensive engagement throughout our community from companies like Panasonic, Denso Ten and Scania. We are extremely happy to welcome HELLA Aglaia to our community of conformance and – more generally – to the wider OpenChain eco-system of collaboration.”

In their own words, HELLA Aglaia Mobile Vision GmbH is a full subsidiary of HELLA GmbH & Co. KGaA and one of the leading global developers of intelligent visual sensor systems.

We specialize in customized embedded software solutions for driver assistance systems with multi-functional cameras. Our portfolio also includes the development of software for energy management systems as well as testing solutions for environment sensor systems (camera/radar) and associated products and services. Another field of expertise covers the development and distribution of people-counting devices based on integrated image processing. Our products are suitable for the integration in public transport vehicles as well as for stationary use (e.g. retail locations, airports, stations).

HELLA Aglaia was founded in 1998 and headquartered in Berlin.

Learn More About Hella Aglaia

OpenChain @ Partners

OpenChain Welcomes {metæffekt} as our Latest Partner

The OpenChain Project is delighted to welcome {metæffekt} as the latest OpenChain Partner. Our partner program helps any organization, anywhere adopt OpenChain easily. It operates adjacent to our free online self-certification to allow user companies to choose to get help with training, processes, legal matters or third-party certification. You can learn more about our partner program on this dedicated page.

“Welcoming metaeffekt fits neatly in this moment of evolution for our project,” says Shane Coughlan, OpenChain General Manager. “It simultaneously expands our geographical coverage in Germany and increases our breadth of expertise around tooling automation. These two topics are behind recent growth and activity in OpenChain. We expect to see increasing engagement in the German automotive sector beyond our recent addition of Hella Aglaia to the community of conformance. We also have growing interest in open source tooling for open source compliance, and a growing collaboration between Siemens, Bosch, Toshiba, Fujitsu, Hitachi and others in this area. I believe great things are to come from our expanded relationship with Karsten and the rest of his team at metaeffekt.”

About {metæffekt}

{metæffekt} is a consultancy company located in Heidelberg, Germany providing services in the context of Software Architecture and Continuous Software Development with a very strong, vendor-neutral devotion to automation. One core vision of {metæffekt} is to automate the creation of consistent, comprehensive, high-quality release documentation in compliance to legal boundary condition, regulatory requirements, contract/license terms, and individual company policies. {metæffekt} does not provide any legal advice but connects with partners in a strong network of other disciplines to cover all required aspects.
http://www.metaeffekt.com/

OpenChain @ Events

OpenChain Featured at CC Global Summit 2019

The OpenChain Project was featured by Haggen So at the Creative Commons Global Summit 2019. He used the project as an example of “Made with Creative Commons” to show how businesses are using open licensing to share information and improve their competitiveness.

The OpenChain Project uses CC-0 licensing for all its reference material. It uses the Creative Commons Attribution 4.0 International (CC-BY-4.0) license for our specification.

OpenChain at the Asian Legal Network, Shanghai

The OpenChain Project took center stage at the Asian Legal Network study dinner in Shanghai on the 17th of May. This event was focused on the Chinese financial sector with representatives from companies such as Union Pay and AliPay.

The Asian Legal Network events are kindly sponsored by Open Invention Network and provide an opportunity for stakeholders across Asia to network, share information and build new avenues of collaboration.

OpenChain joins Toyota, OIN and Unified Patents on an American Intellectual Property Law Association Webinar

The OpenChain Project is recording an American Intellectual Property Law Association webinar alongside Toyota, OIN and Unified Patents this evening in Tokyo. The core focus of the event will be on open source and defensive patent strategies, and OpenChain’s coverage of adjacent copyright concerns will provide broader context for viewers.

The webinar is provisionally scheduled to air in June as part of the AIPLA regular schedule.

Learn More About AIPLA Webinars

License and Trademarks

Copyright 2019 The Linux Foundation. This newsletter is licensed under the Creative Commons Attribution-NoDerivs 2.0 Generic (CC BY-ND 2.0). Please feel free to share it onwards! OpenChain is a trademark of The Linux Foundation. It may be used according to The Linux Foundation Trademark Policy and the OpenChain Terms of Use. All other trademarks belong to their respective owners.

OpenChain Newsletter #24

By Monthly Newsletter, News

Newsletter – Issue 24 – April 2019

The OpenChain Project has active bi-weekly calls and a central mailing list that provide the “nuts and bolts” of our community activity. These are joined by various releases of documents and announcements of OpenChain-related events throughout each month. We collect key developments in this newsletter once a month.

Introduction

OpenChain Supplier Education – Massive Step Forward in Japanese and soon in English

OpenChain has a very active Work Group in Japan. One of the sub-groups, focused on creating a supplier education leaflet, has released the finished document in Japanese. You can get it below.

The English version is coming in May. It will be distributed online and through events like Open Source Summit Japan.

As always, OpenChain is going deeper and deeper into the supply chain. Great thanks to Ueda San from Sony for leading this initiative.

Get the Japanese leaflet

OpenChain @ Specification 2.0

OpenChain Specification 2.0 – Final Call for Comments

The OpenChain Specification version 2.0 is nearly ready as we enter the last 5 days of the 14 day freeze period. This period provides everyone the chance to review the final draft – where we can accept minor changes (e.g., typos, minor wording adjustments, formatting, …). Any material changes/suggestions would be queued for consideration in the next version.

The current draft can be found here:

https://wiki.linuxfoundation.org/_media/openchain/openchainspec-2.0.draft.pdf

A marked up version can be found here:

https://wiki.linuxfoundation.org/_media/openchain/OpenChainSpec-2.0.draft.MarkUp.pdf

You can send feedback via:

·       the Mailing list: Openchain-specification@lists.linuxfoundation.org;

·       the issues wiki: https://github.com/OpenChain-Project/Specification/issues; or

·       replying to Mark Gisi directly if you wish to remain anonymous (mark.gisi@windiver.com)

Request for Comments: OpenChain Specification 2.0 in Japanese

Shoken Kim from OptiNet has begun translation work for the OpenChain Specification 2.0 in Japanese. This translation is nearly complete and simply requires review to ensure accuracy. If you can lend a hand that would be great. If we finish before April 28th it can be formally released alongside the English version of OpenChain Specification 2.0.

Review the Document

OpenChain Specification 2.0 Out Now

The OpenChain Project is delighted to announce that version 2.0 of our specification for open source compliance in the supply chain is now available. This is the culmination of many months of work by over a hundred contributors. Special thanks are due to Mark Gisi, chair of the Specification Work Team and Gary O’Neall, Lead Developer for the Online Self-Certification Questionnaire. They went above and beyond to provide a document and an online service that incorporate a year of evolution guided by practical real world deployment.

We are especially glad to announce that the English version of the OpenChain Specification is accompanied by the Traditional Chinese translation. This marks the first time we have had a simultaneous release of the Specification in two languages. Thanks are due to S.Z. Lin and Lucien C.H. Lin for this outstanding accomplishment.

We will shortly announce official translations in Simplified Chinese and Japanese. Watch this space!

Self-Certify or do a private “Health Check”

Read the Specification in English

Read the Specification in Traditional Chinese

Get Help

Read the FAQ

OpenChain @ Partners

OpenChain Announces Partner in India

The OpenChain Project is delighted to announce our first law firm partner in India. From today you will be able to obtain legal advice about OpenChain Conformance and other OpenChain matters from Mishi Choudhary & Associates LLP. We look forward to building a long-term relationship with Mishi Choudhary and her team.

Learn More About Mishi Choudhary & Associates LLP

OpenChain Announces Partner in Italy

The OpenChain Project is delighted to announce our first law firm partner in Italy. From today you will be able to obtain legal advice about OpenChain Conformance and other OpenChain matters from Studio Legale. We look forward to building a long-term relationship with Marco Ciurcina and his team.

Learn More About Studio Legale

OpenChain @ Reference Material

Request for Comment: OpenChain One Slide Overview

The OpenChain Project is continually updating material to introduce individuals and companies to our industry standard, our reference material, and our various free support services such as online self-certification. Our most recent addition is a one slide overview of the OpenChain Project. We are accepting comments and suggestions for this slide via our bi-weekly calls and our mailing list. You can also comment on GitHub.

Review the Slides:

OpenChain Overview Slides Updated

Great Open Source Compliance for Everyone’ provides an overview of the OpenChain Project and our standard for open source compliance in the supply chain. Version 7 has updated visuals around the key process points for great compliance. You can download the PPTX version to get speaker notes and do your own presentations.

OpenChain: Great Open Source Compliance for Everyone (Version 7) from Shane Coughlan

OpenChain @ Events

OpenChain @ Scania

Shane Coughlan represented the OpenChain Project in a meeting held at Scania in Sweden on the 9th of April. This meeting included various parties engaging with open source throughout the VW Group and provided an informal forum for digging into the latest developments in automotive open source compliance.

Our work with Scania has provided a useful two-way flow of information throughout the last twelve months. One highlight was Scania’s announcement of OpenChain Conformance late last year, We look forward to building on our relationship with Scania and with the broader VW Group.

OpenChain and Automotive @ Legal Workshop in Barcelona

‘Automotive Processes and Open Source’ is an OpenChain Project workshop hosted by Endo San of Toyota at the FSFE Legal and Licensing Workshop in Barcelona on the 10th of April 2019. It brings together a diverse group of representatives from automotive companies such as Scania and Bosch to discuss common challenges.

Get the Overview Slides

Workshop: Automotive Processes and Open Source from Shane Coughlan

OpenChain + TODO @ Legal Workshop in Barcelona

‘OpenChain + TODO @ Legal Workshop in Barcelona’ is an OpenChain Project workshop hosted by Shane Coughlan at the FSFE Legal and Licensing Workshop in Barcelona on the morning of 11th April 2019. It will cover how open source program offices can address supply chain challenges.

OpenChain @ IP Conference in Russia – 11-12 April 2019

Denis Dorotenko at Yandex will be delivering a speech at the 3rd International Conference «PROTECTION OF INTELLECTUAL PROPERTY RIGHTS» in St Petersburg. This speech will be the first time the OpenChain Project is highlighted in Russia. We look forward to building new relationships and collaboration in this tremendous, vibrant technology market.

Learn More About The Event

OpenChain @ Grey Matter ISV Partner Day 2019

Martin Callinan from Source Code Control represented the OpenChain Project at the recent Grey Matter ISV Partner Day 2019 in the UK. He was joined on stage by Ed Thompson from Microsoft to discuss ‘OpenChain: Why is Microsoft a Platinum Sponsor?’

As always, we appreciate the dedication of our members, our partners and our community in spreading the word about why open source compliance in the supply chain is so important and how OpenChain accomplishes this for companies of all sizes.

OpenChain @ Japan OSS Promotion Forum 2019

Masahiro Date from Linux Foundation delivered a speech at the Japan OSS Promotion Forum 2019 on the 17th of April that covered OpenChain’s place in enterprise open source usage. This speech is a great example of OpenChain being shared with an increasingly diverse audience.

A History of Enterprises with OSS from Shane Coughlan

Learn More

OpenChain @ Localization

OpenChain @ Japan Work Group #9

The OpenChain Japan Work Group held its ninth “all member” meeting at DensoTen on the 18th of April. The event opened with a short presentation from Shane Coughlan covering some of the largest developments around the OpenChain global community. The slides have been made publicly available.

This meeting covered a wide range of topics related to open source compliance. One highlight were the reports from the seven sub-groups of the Japanese community, covering a diverse range of topics from education to Bill of Materials to automation. As always, conversation was informal and open, allowing all participants to add their view during and after each presentation, and to network freely during the coffee breaks.

Join the Community

License and Trademarks

Copyright 2019 The Linux Foundation. This newsletter is licensed under the Creative Commons Attribution-NoDerivs 2.0 Generic (CC BY-ND 2.0). Please feel free to share it onwards! OpenChain is a trademark of The Linux Foundation. It may be used according to The Linux Foundation Trademark Policy and the OpenChain Terms of Use. All other trademarks belong to their respective owners.

OpenChain Newsletter #23

By Monthly Newsletter, News

Newsletter – Issue 23 – March 2019

The OpenChain Project has active bi-weekly calls and a central mailing list that provide the “nuts and bolts” of our community activity. These are joined by various releases of documents and announcements of OpenChain-related events throughout each month. We collect key developments in this newsletter once a month.

Introduction

Collaboration is Key for Open Source Compliance at NHS

One of the powerful things about open source is the way it allows various organizations and stakeholders come together to achieve common objectives. Open source projects play a critical role by providing a common platform that can integrate with new and existing systems. This is even more apparent when discussing open source compliance and aligning the various stakeholders in an open source supply chain.

A great example of this is a recent NHS case study published on openchainproject.org. NHS England is the public health services provider in England that treats more than 1.4 million patients every 24 hours. The organization needed a way to manage and leverage their open source assets across the organization without vendor lock in. Our partners at Source Code Control proposed the OpenChain Specification and brought us in to work with the Apperta Foundation, Code4Health initiative, OpenEyes, and AB EHR Digital for a training and pilot program.

The result enabled the project participants to meet open source industry best practices. It also helped NHS take the first step in a broader deployment plan across multiple projects and providers in the coming months and years. Thank you to all of our partners and we look forward to future collaboration in healthcare, automotive, and many more industries as they increasingly adopt open source. Read the NHS case study.

OpenChain @ Outreach

Open Source is Eating the Startup Ecosystem: A Guide for Assessing the Value Creation of Startups

In the last few years we have witnessed the unprecedented growth of open source in all industries—from the increased adoption of open source software in products and services, to the extensive growth in open source contributions and the releasing of proprietary technologies under an open source license. It has been an incredible experience to be a part of.

As many have stated, Open Source is the New Normal, Open Source is Eating the World, Open Source is Eating Software, etc. all of which are true statements. To that extent, I’d like to add one more maxim: Open Source is Eating the Startup Ecosystem. It is almost impossible to find a technology startup today that does not rely in one shape or form on open source software to boot up its operation and develop its product offering. As a result, we are operating in a space where open source due diligence is now a mandatory exercise in every M&A transaction. These exercises evaluate the open source practices of an organization and scope out all open source software used in product(s)/service(s) and how it interacts with proprietary components—all of which is necessary to assess the value creation of the company in relation to open source software.

Being intimately involved in this space has allowed me observe, learn, and apply many open source best practices. I decided to chronicle these learnings in an ebook as contribution to the OpenChain projectAssessment of Open Source Practices as part of Due Diligence in Merger and Acquisition Transactions. This ebook addresses the basic question of: How does one evaluate open source practices in a given organization that is an acquisition target? We address this question by offering a path to evaluate these practices along with appropriate checklists for reference. Essentially, it explains how the aquirerer and the target company can prepare for this due diligence, offers an explanation of the audit process, and provides general recommended practices for ensuring open source compliance.

If is important to note that not every organization will see a need to implement every practice we recommend. Some organizations will find alternative practices or implementation approaches to achieve the same results. Appropriately, an organization will adapt its open source approach based upon the nature and amount of the open source it uses, the licenses that apply to open source it uses, the kinds of products it distributes or services it offers, and the design of the products or services themselves

If you are involved in assessing the open source and compliance practices of organizations, or involved in an M&A transaction focusing on open source due diligence, or simply want to have a deeper level of understanding of defining, implementing, and improving open source compliance programs within your organizations—this ebook is a must read. Download the Brief.

OpenChain @ Announcements

OpenChain Project Adds Fujitsu as Platinum Member

Leading Japanese information and communication technology company to support industry’s only open source compliance standard for collaboration across supply chains

SAN FRANCISCO & HALF MOON BAY, Calif. – OPEN SOURCE LEADERSHIP SUMMIT –  March 13, 2019 — The OpenChain Project, which builds trust in open source by making open source license compliance simpler and more consistent, announced today at Linux Foundation’s Open Source Leadership Summit (OSLS), that Fujitsu has joined as a Platinum member.

Fujitsu joins other recent Platinum member additions including Bosch, Microsoft, Uber, Google and Facebook. OpenChain provides a specification as well as overarching processes, policies and training that companies need to be successful in managing open source license compliance so that it becomes more efficient, understandable and predictable for participants of the software supply chain.

As code flows between companies that consume billions of lines of open source software through their supply chains to build new products and services, a key challenge is ensuring the relevant license requirements are met in a timely and effective manner. The OpenChain Project provides a consistent way to address that and other challenges. Conformance with the OpenChain Specificationshows that an organization follows the key requirements of a quality open source compliance program, and builds trust between organizations in the supply chain. It makes procurement easier for purchasers and preferred status easier for suppliers.

“Fujitsu has been a long supporter of open source communities and the Linux Foundation;  we believe open source compliance is crucial factor for open source collaborations,” said Kaneshige Kenji Vice President, and Head of the Linux Development Division, Platform Software Business unit of Fujitsu. “We’re excited to join the OpenChain project to foster trust in open source supply chain and encourage greater compliance for open source software rapidly increasing in our society.”

“We are delighted to have Fujitsu join the OpenChain Project as a platinum member,” said Shane Coughlan,  General Manager, OpenChain. “Their expertise and support will be crucial as we continue to build our industry standard for open source compliance in the supply chain. I am particularly excited to gain access to the substantial knowledge Fujitsu possesses in areas like IoT and cloud technology.”

As a Platinum member, a representative from Fujitsu will join the OpenChain Governing Board. Other Platinum members of the OpenChain project include Adobe, Arm Holdings, Bosch, Cisco, Comcast, Facebook, Google, Harman International, Hitachi, Microsoft, Qualcomm, Siemens, Sony, Toshiba, Toyota, Uber, and Western Digital.

Additional Resources

About the OpenChain Project

The OpenChain Project builds trust in open source by making open source license compliance simpler and more consistent. The OpenChain Specification defines a core set of requirements every quality compliance program must satisfy. The OpenChain Curriculum provides the educational foundation for open source processes and solutions, whilst meeting a key requirement of the OpenChain Specification. OpenChain Conformance allows organizations to display their adherence to these requirements. The result is that open source license compliance becomes more predictable, understandable and efficient for participants of the software supply chain.

About The Linux Foundation

Founded in 2000, the Linux Foundation is supported by more than 1,000 members and is the world’s leading home for collaboration on open source software, open standards, open data, and open hardware. Linux Foundation’s projects are critical to the world’s infrastructure including Linux, Kubernetes, Node.js, and more.  The Linux Foundation’s methodology focuses on leveraging best practices and addressing the needs of contributors, users and solution providers to create sustainable models for open collaboration. For more information, please visit us atlinuxfoundation.org.

###

The Linux Foundation has registered trademarks and uses trademarks. For a list of trademarks of The Linux Foundation, please see our trademark usage page: https://www.linuxfoundation.org/trademark-usage. Linux is a registered trademark of Linus Torvalds.

Contact

Jill Lovato

The Linux Foundation

jlovato@linuxfoundation.org

OpenChain @ Reference Material

Updated Intro Slides – OpenChain – Great Open Source Compliance For Everyone

The latest version of the OpenChain Project introduction slides are available. These slides can help bring anyone interested in our standard and supporting material up-to-speed. Full speaker notes included on the downloadable version.

Get the Slides

Reference Open Source Policy Template in Japanese

The OpenChain Project is delighted to announce that our reference open source policy template is now available in Japanese. This document helps the open source program office or legal team (or individual responsible) in any company to formulate great open source policies to suit their needs.

This document, as with all reference documentation published by the OpenChain Project, is available under CC-0 licensing terms. This means it is effectively public domain and you can use it for any purpose.

Get the Open Source Policy Template

Announcing OpenChain Specification 1.2 in Simplified Chinese

The OpenChain Project is delighted to announce the immediate availability of the OpenChain Specification 1.2 in Simplified Chinese. This translation is the work of dedicated volunteers, on this occasion lead by  Tan Zhongyi (Jerry) from Baidu along with his colleague Zhang Weiling along with Li Jingze (Jane) from Tilburg University. Our endless thanks!

With this release the OpenChain Project can offer access to the latest version of our specification to companies across the greater China region. We launched this document at the Asian Legal Network on March 22nd, which also marked the beginning of our OpenChain China Work Group. The future is bright.

Get the OpenChain Specification 1.2 in Simplified Chinese

Get other OpenChain translations

OpenChain @ Localization

Sony, Program Offices and OpenChain – from Asian Legal Network Shenzhen

‘The Tools of Governance – Program Offices and Collaboration between Companies’ is a talk delivered by Fukuchi San and Kobota San from Sony at the March 22nd Asian Legal Network event in Shenzhen, China. This talk explains how Sony engages with and supports a vibrant collaborative community in Japan through the OpenChain Project.

Get the Slides

Summary

Outreach in Korea and improved reference material to help explain options around process content set the tone for an outward-facing, pro-active year that will see OpenChain dramatically expanding its engagement with companies around the world.

License and Trademarks

Copyright 2019 The Linux Foundation. This newsletter is licensed under the Creative Commons Attribution-NoDerivs 2.0 Generic (CC BY-ND 2.0). Please feel free to share it onwards! OpenChain is a trademark of The Linux Foundation. It may be used according to The Linux Foundation Trademark Policy and the OpenChain Terms of Use. All other trademarks belong to their respective owners.

OpenChain Newsletter #22

By Monthly Newsletter, News

Newsletter – Issue 22 – February 2019

The OpenChain Project has active bi-weekly calls and a central mailing list that provide the “nuts and bolts” of our community activity. These are joined by various releases of documents and announcements of OpenChain-related events throughout each month. We collect key developments in this newsletter once a month.

Introduction

Building trust in open source: a look inside the OpenChain Project

Open source software provides businesses with a number of benefits including cost, flexibility and freedom. This freely distributed software can also be easily altered by any business that is familiar with its source code.

Read more in TechRadar.

OpenChain @ Announcements

Microsoft joins OpenChain platform

As part of its continued efforts to support open source software, Microsoft has announced that it has joined the OpenChain Project as its latest platinum member.

The company joins the likes of Uber, Google and Facebook, who joined OpenChain last month as well as GitHub which the software giant acquired last year.

Read more in TechRadar.

Microsoft joins OpenChain open-source compliance group

OpenChain is the most important open-source project you’ve never heard of before. This Linux Foundation consortium provides an industry standard for open-source supply chain license compliance. And now, Microsoft has joined the the OpenChain Project.

Read more at ZDNet.

Microsoft joins the OpenChain Project to push open-source software licensing standards

Microsoft Corp. wants to support more standardization of open-source software licensing, so today it’s putting its weight behind the OpenChain Project as its latest platinum member.

Microsoft joins other platinum members that include Google LLC, Arm Holdings Ltd. and Facebook Inc., as well as GitHub Inc., which Microsoft acquired last year.

The OpenChain Project was set up to bring more clarity to the world of open-source software licenses. Open-source software has revolutionized the way in which companies build the technology they need to run their businesses, but licensing issues remain a big headache for their legal teams. In a constant state of panic over potential litigation issues, businesses need assurances that the open source they use is in compliance with whatever rules govern its use.

Read more in Silicon Angle.

Microsoft joins open-source foundation that is trying to simplify the software supply chain

The OpenChain Project, which is attempting to bring a little more clarity to the turbulent world of modern open-source licensing, is the latest beneficiary of Microsoft’s open-source redemption tour.

Read more in GeekWire.

Microsoft Joins OpenChain Project to Help Standardize Open Source Licensing

Microsoft has announced it is joining the OpenChain Project in another move that furthers the company’s embracing of the open source community. In a post this week, Microsoft says it is joining the OpenChain Project goal to standardize open source licensing.

Read more in WinBuzzer.

OpenChain Project Announces Bosch as Platinum Member

SAN FRANCISCO –  February 28, 2019 — The OpenChain Project, which builds trust in open source by making open source license compliance simpler and more consistent, announced today that Bosch has joined as a platinum member. Membership momentum continues to grow for the project, as Microsoft joined just a few weeks ago as well as other large companies including Uber, Google and Facebook in December. OpenChain provides a specification as well as overarching processes, policies and training that companies need to be successful in managing open source license compliance so that it becomes more efficient, understandable and predictable for participants of the software supply chain.

As code flows between companies that consume billions of lines of open source software through their supply chains to build new products and services, a key challenge is ensuring the relevant license requirements are met in a timely and effective manner. The OpenChain Project provides a consistent way to address that and other challenges. Conformance with the OpenChain Specification shows that an organization follows the key requirements of a quality open source compliance program, and builds trust between organizations in the supply chain. It makes procurement easier for purchasers and preferred status easier for suppliers.

Over the last 15 years, Bosch has embraced open source software starting with consuming open source tooling in automotive using the Eclipse IDE, embedding Linux into Bosch products, and co-innovation of software in public funded projects. Bosch is now leading more than a dozen open source projects and actively driving its open platform strategy for the Bosch IoT Suite at Eclipse IoT with over 1.5 million contributed lines of code. Therefore, it has a special interest in increasing the number of collaborating companies using mature open source management processes. Bosch believes OpenChain is a great platform to share good practices and improve the open source management systems and processes, so other companies can join open source communities.

The OpenChain Specification is the only standard for open source compliance in the supply chain and has major interest from automotive companies. Toyota is currently a platinum member and Scania recently became OpenChain conformant. Also, companies like Panasonic and Renesas are active in the community work groups.

“An open source management system standard will be key for successful collaboration on open source management infrastructure and services,” said Hans Malte Kern, Head of the Center of Competence Open Source, Bosch. “We’re excited to join the OpenChain project, as it reflects the importance of compliant open source usage, distribution, and contribution. Instead of negotiating the open source requirements with all our partners and suppliers, Bosch will leverage OpenChain as an open standard that provides common approaches and understanding for open source collaborations – not only in the automotive industry but also the connected world of IoT. We are convinced the OpenChain standard will replace bilateral negotiations, educations, and open source risk mitigation discussions.”

“It is terrific to have Bosch join other automotive companies such as Toyota as a platinum Member,” said Shane Coughlan, OpenChain General Manager. “Bosch is no stranger to the OpenChain Project and has a long history of contributing  to open source compliance activities. We are thrilled to have them participate in the Governing Board, Steering and Outreach Committees, as well as the work team calls and meetings to help drive this community forward.”

As a platinum member, a representative from Bosch will join the OpenChain Governing Board. Other platinum members of the OpenChain project include Adobe, ARM Holdings, Cisco, Comcast, Facebook, Google, Harman International, Hitachi, Microsoft, Qualcomm, Siemens, Sony, Toshiba, Toyota, Uber and Western Digital.

OpenChain @ Reference Material

The recently released OpenChain M&A Checklist has inspired discussion and further contribution to the project. Ibrahim Haddad has just announced a new draft M&A White Paper discussing open source processes in detail. At this time we are seeking review and comments ahead of a projected March release.

Review the Draft Text

OpenChain Specification 2.0 – Comment Now

It is official – we are now seeking broader public comments for version 2.0 of the Specification. This is one of the last major steps in the spec development cycle which is described here:
https://wiki.linuxfoundation.org/openchain/openchain-specification-wiki-page?&#specification_developmentrelease_process

We will continue to collection feedback from the OpenChain community through the public comments stage as well which concludes on March 22nd.

The current draft is available at:
https://wiki.linuxfoundation.org/_media/openchain/openchainspec-2.0.draft.pdf

Past readers of the spec might find the marked up version useful: https://wiki.linuxfoundation.org/_media/openchain/OpenChainSpec-2.0.draft.MarkUp.pdf

You can send feedback via:
the Mailing list: Openchain-specification@lists.linuxfoundation.org
the issues wiki: https://github.com/OpenChain-Project/Specification/issues;
or·
replying to Mark Gisi directly if you wish to remain anonymous (mark.gisi@windiver.com)

Updated Intro Slides – OpenChain – Great Open Source Compliance For Everyone

The latest version of the OpenChain Project introduction slides are available. These slides can help bring anyone interested in our standard and supporting material up-to-speed. Full speaker notes included on the downloadable version:
https://www.slideshare.net/ShaneCoughlan3/great-open-source-compliance-for-everyone-version-5

OpenChain @ Localization

OpenChain Japan Planning Subgroup報告 (2018年12月~2019年2月活動分)

‘OpenChain Japan Planning Subgroup報告 (2018年12月~2019年2月活動分)’ is a presentation outlining the activities of the OpenChain Japan Work Group with respect to dedicated sub-groups. This is a record showing how a purely volunteer group has built a strong community focused on real solutions for real businesses.

View the Slides

OpenChain Japan Planning Subgroup報告(2018年12月~2019年2月活動分)from Shane Coughlan

Summary

Outreach in Korea and improved reference material to help explain options around process content set the tone for an outward-facing, pro-active year that will see OpenChain dramatically expanding its engagement with companies around the world.

License and Trademarks

Copyright 2019 The Linux Foundation. This newsletter is licensed under the Creative Commons Attribution-NoDerivs 2.0 Generic (CC BY-ND 2.0). Please feel free to share it onwards! OpenChain is a trademark of The Linux Foundation. It may be used according to The Linux Foundation Trademark Policy and the OpenChain Terms of Use. All other trademarks belong to their respective owners.

OpenChain Newsletter #21

By Monthly Newsletter, News

Newsletter – Issue 21 – January 2019

The OpenChain Project has active bi-weekly calls and a central mailing list that provide the “nuts and bolts” of our community activity. These are joined by various releases of documents and announcements of OpenChain-related events throughout each month. We collect key developments in this newsletter once a month.

Introduction

The OpenChain Project started the year with a strong series of meetings, reference materials launches, and significant localization announcements. In other words, we have begun the year in a very practical manner designed to help explain, support and expand the OpenChain community ahead of our next generation Specification and entry into the formal standardization process, both expected in April.

OpenChain @ Events

The OpenChain Project opened the year with a presentation to the American Bar Association Committee on Open Source Software by David Marr, Vice President, Legal Counsel, Qualcomm Technologies:
https://www.openchainproject.org/news/2019/01/08/aba-committee-on-open-source-software-openchain-2

It was followed by our first workshop in Korea on the 23rd of January, a significant milestone that also saw the formation of the first OpenChain Work Group in the country:
https://www.openchainproject.org/news/2019/01/24/openchain-workshop-in-korea-january-23rd-2019

We held a brief survey at the event which showed:

  • 64% of respondents strongly agree with the goals of the OpenChain Project, 32% agree with the goals.
  • 71% of respondents think OpenChain will be a great help to their companies, 29% think it will be helpful.
  • 80% of respondents plan to continue attending future meetings, 20% believe such meetings are vital and will host them.

This event was immediately followed by a volunteer table at the first open source event of the year in Japan, OSC Osaka. Great thanks are due to Dote San for helping to spread the word:
https://www.openchainproject.org/news/2019/01/29/openchain-osc-osaka-26th-january-2019

On the 29th of January the OpenChain Japan Work Group met to discuss License Information Exchange, a discussion that featured demonstrations of existing systems used by Hitachi and Fujitsu, and discourse focused on ensuring ease of future adoption by other companies:
https://www.openchainproject.org/news/2019/01/29/openchain-japan-work-group-sub-group-in-spdx-meeting

Future events announced include:

OpenChain @ Reference Material

OpenChain released an open source policy template to address multiple requests from entities of all sizes around the world. This template was created by our British partners Moocrofts and Orcro, and represent knowledge learned from practical deployment:
https://www.openchainproject.org/news/2019/01/17/openchain-open-source-policy-template-now-available

Thanks to assistance from our friends at KPMG the OpenChain Project was able to release an M&A Checklist covering open source and our industry standard. This short, targeted document is designed to help companies address the identification of key requirements of quality open source compliance programs in their acquisition targets:
https://www.openchainproject.org/news/2019/01/16/openchain-ma-checklist-version-1-out-now

The OpenChain Japan Work Group continued their prolific release of information with a graphic to explain a reference guideline for exchanging license information in the supply chain:
https://www.openchainproject.org/news/2019/01/09/knowledge-sharing-reference-guideline-for-exchanging-license-information-in-the-supply-chain
and a guide to using SPDX and FOSSology:
https://www.openchainproject.org/news/2019/01/09/knowledge-sharing-how-to-use-spdx-and-fossology-from-the-openchain-japan-work-group

The OpenChain Japan Work Group also released a series of “raw” case studies to describe open source compliance training programs. This are immediately available in English and Japanese and will – at a later date – be professionally formatted as part of a larger case-study program:
https://www.openchainproject.org/news/2019/01/30/raw-case-studies-open-source-compliance-training-program

OpenChain @ Promotional Material

The OpenChain overview slides were given another periodic refresh to help companies and individuals explain OpenChain to third-parties:
https://www.openchainproject.org/news/2019/01/24/openchain-super-short-overview-slide-decks-now-available

OpenChain @ Localization

OpenChain continued its program of internationalization driven by our community of volunteers by announcing the release of the OpenChain Specification 1.2 in Italian thanks to Carlo Piana and Marco Ciurcina:
https://www.openchainproject.org/news/2019/01/29/openchain-specification-1-2-in-italian

This was followed almost immediately by announcement of the OpenChain Specification 1.2 in Korean, and the adjacent release of the OpenChain Reference Training Slides for Specification 1.2 in Korea thanks to the excellent work of Haksung Jang at LG Electronics and Jongbaek Park at BKL:

Summary

Outreach in Korea and improved reference material to help explain options around process content set the tone for an outward-facing, pro-active year that will see OpenChain dramatically expanding its engagement with companies around the world.

License and Trademarks

Copyright 2019 The Linux Foundation. This newsletter is licensed under the Creative Commons Attribution-NoDerivs 2.0 Generic (CC BY-ND 2.0). Please feel free to share it onwards! OpenChain is a trademark of The Linux Foundation. It may be used according to The Linux Foundation Trademark Policy and the OpenChain Terms of Use. All other trademarks belong to their respective owners.

OpenChain Newsletter #20

By Monthly Newsletter, News

Newsletter – Issue 20 – December 2018

The OpenChain Project has active bi-weekly calls and a central mailing list that provide the “nuts and bolts” of our community activity. These are joined by various releases of documents and announcements of OpenChain-related events throughout each month. We collect key developments in this newsletter once a month.

Introduction

OpenChain closed out the year with activity on all fronts. The most notable activities included multiple multinationals publicly supporting and adopting OpenChain, and the significant growth of reference material targeted towards solving known challenges around compliance in the supply chain.

OpenChain @ Members

We had a terrific month for new membership in the OpenChain Project. Facebook, Google and Uber joined as Platinum Members and put their collective weight behind the adoption and growth of our standard for effective open source compliance in the supply chain:
https://www.openchainproject.org/news/2018/12/06/2488

OpenChain @ Conformance

OpenChain welcomed Scania and Interneuron to the community of conformance. The former organization is a Swedish trucking company with a fantastic heritage as part of the VW Group. The latter is a community interest company in the UK connected with our adoption and growth in the British National Health System eco-system:
https://www.openchainproject.org/news/2018/12/06/openchain-welcomes-scania-to-our-community-of-conformance

These companies were joined by Hitachi, a pre-existing Platinum Member, and one of the largest entities in our history to declare conformance:
https://www.openchainproject.org/news/2018/12/11/hitachi-has-joined-the-openchain-community-of-conformance

OpenChain @ Partners

Adjacent to the Hitachi conformance the OpenChain Project announced TUV SUD as the first certification authority in the OpenChain Partner Program. TUV SUD provided the first third-party audit of OpenChain Conformance to Hitachi through their new TPS PPP 15001A certification based on the OpenChain Specification:
https://www.openchainproject.org/news/2018/12/11/tuv-sud-becomes-the-first-certification-authority-in-the-openchain-partner-program

OpenChain @ Events

The OpenChain Project had an extremely busy month for outreach. The OpenChain Japan Work Group held its 7th meeting at TUV SUD Japan on the 5th of December, one of the largest dedicated events for the project. Learn more:
https://www.openchainproject.org/news/2018/12/03/openchain-japan-work-group-7th-meeting-on-5th-december 

On the same day Malcolm Bain from our parter organization id Law Partners delivered a keynote at European Open Source and Free Software Law Event (EOLE) in Paris:
https://www.openchainproject.org/news/2018/12/11/openchain-eole-2018-5th-december

OpenChain was center stage at the Greymatter Cloud Enablement event on the 14th of December in the UK. As with many recent events our project was explained and promoted by one of our partners, Source Code Control in this case:
https://www.openchainproject.org/news/2018/12/04/save-the-date-openchain-greymatter-cloud-enablement-14th-dec

OpenChain also announced the first event of 2019, a volunteer desk at OSC Osaka in January, with our contributor Dote San taking lead:
https://www.openchainproject.org/news/2018/12/02/openchain-osc-osaka-2019

This was quickly followed by an announcement regarding an ABA Committee on Open Source Software on the 17th of January:
https://www.openchainproject.org/news/2018/12/19/aba-committee-on-open-source-software-openchain

OpenChain @ Material

The OpenChain Project released an update to our general introduction slides:
https://www.openchainproject.org/news/2018/12/13/openchain-introduction-slides-updated

The OpenChain Project has been working on improved material for new and existing participants in the project. We kicked off with a project to build a single, simpler unified FAQ for all aspects of the project. Participants were invited to contribute:
https://www.openchainproject.org/news/2018/12/04/request-for-comments-the-unified-openchain-faq

The OpenChain Japan Work Group contributed the first trench of reference business workflows for open source compliance in English and Japanese:
https://www.openchainproject.org/news/2018/12/11/rfc-reference-business-workflows-for-open-source-compliance

OpenChain @ Adoption Support

The OpenChain Project launched new and improved conformance logos. These logos can be used by conformant organizations to demonstrate the existence of their program and the products that flow through that program:
https://www.openchainproject.org/news/2018/12/06/openchain-project-launches-new-certification-logos

OpenChain @ Internationalization

The OpenChain Project continued to build out its internationalization support by launching our full Japan translation of the website. This is a precursor to our releases of Chinese and Korea versions of the website in 2019. Our goal is to make sure OpenChain is as inclusive and understandable as possible:
https://www.openchainproject.org/news/2018/12/06/openchain-website-in-japanese

OpenChain @ Survey

Finally, the OpenChain Project announced the publication of the first OpenChain Survey. The results covered engagement with the project, motives behind this, and areas where we can improve:
https://www.openchainproject.org/news/2018/12/18/openchain-q4-survey-the-results

Summary

OpenChain has seen an uptick in membership and conformance adjacent to significant volunteer educational and reference material production activities. As we conclude 2018 we look forward to positioning 2019 as a tipping point for even wider market engagement.

License and Trademarks

Copyright 2019 The Linux Foundation. This newsletter is licensed under the Creative Commons Attribution-NoDerivs 2.0 Generic (CC BY-ND 2.0). Please feel free to share it onwards! OpenChain is a trademark of The Linux Foundation. It may be used according to The Linux Foundation Trademark Policy and the OpenChain Terms of Use. All other trademarks belong to their respective owners.

OpenChain Newsletter #19

By Monthly Newsletter


Newsletter – Issue 19 – November 2018

The OpenChain Project has active bi-weekly calls and a central mailing list that provide the “nuts and bolts” of our community activity. These are joined by various releases of documents and announcements of OpenChain-related events throughout each month. We collect key developments in this newsletter once a month.

Introduction

November has continued an extremely high amount of activity around the OpenChain Project with respect to releases, events and localization. The most important development is that our review process for the OpenChain Specification 2.0 is fully active. This is an opportunity for all interested stakeholders to help shape the next generation of our standard.

Drafting OpenChain Specification 2.0

The OpenChain Project is preparing the next generation of our standard. This standard outlines the key requirements of a quality open source compliance program. The 2.0 version of OpenChain will build our the language of our currently deployed version – 1.2 – to improve ease of adoption. None of the requirements will change and all entities conformant to 1.2 will be conformant to 2.0:
https://www.openchainproject.org/news/2018/11/19/contribute-to-openchain-2-0-the-new-standard-for-compliance

New Conformant Organization

The OpenChain Project was delighted to welcome The Center for Research and Development Hong Kong (CRD-HK) to our community of conformance. CRD-HK focuses on the selection of Exceptional Research Projects in collaboration with Fellow Scholars, Principal Investigators and Universities with a goal of making outcomes accessible to a wide audience under the principles of Open Data:
https://www.openchainproject.org/news/2018/11/06/welcoming-the-center-for-research-and-development-hong-kong-crd-hk

OpenChain Specification in New Languages

The OpenChain Specification version 1.2 has been translated into German. This is an official translation with peer review. It is ready to be used for local conformance activities. The team behind this translation includes Miriam Ballhausen, Stefan Thanheiser, Jan Thielscher and Daniel Wulle. The reviewer of the translation was Stefanie Pors. The maintainer of this translation is Catharina Maracke:
https://www.openchainproject.org/news/2018/11/07/openchain-specification-in-german

The OpenChain Specification version 1.2 has been translated into Hindi. This is an official translation with peer review. It is ready to be used for local conformance activities. The team behind this translation includes Shuvajit Mitra at Infosys with review from Chandana Rao at Cognizant and Renjish Kumar at Wipro:
https://www.openchainproject.org/news/2018/11/08/openchain-specification-in-hindi

New Milestones in Japan

The OpenChain Japan Work Group has been planning a series of milestones for 2018 and 2019 via three new subgroups. These milestones include the creation of extensive guidance material regarding OpenChain adoption, inter-company communication, and open source policies. As with all OpenChain Curriculum material these documents are made available under CC-0 licensing for use, remixing and sharing for any purpose:
https://www.openchainproject.org/news/2018/11/04/openchain-japan-work-group-milestones-for-the-future

New Material Proposals

Moorcrofts law firm in the UK, one of our partner organizations, has stepped up with a potential “universal policy template.” We are seeking comments and feedback:
https://www.openchainproject.org/news/2018/11/14/draft-proposal-one-open-source-policy-template-to-rule-them-all

Gustavo G. Mármol Alioto has shared proposed localization of the OpenChain Curriculum Reference Training Slides for Argentina. This material is intended to help those located in Argentina with an interest in OpenChain adoption. The proposal is to add an “interchangeable or removable slide” to the OpenChain Curriculum Reference Training Slides for the OpenChain Specification 1.2. It would be added adjacent to Slide 8 in “Chapter 1: What is Intellectual Property?”. This new slide would be accompanied by an additional chart that compares aspects of US and Argentina Copyright Law to facilitate understanding:
https://www.openchainproject.org/news/2018/11/07/rfc-openchain-curriculum-argentina

Updated Material

The OpenChain Overview Slides have been updated, providing our latest (and best) introduction to the project, to our industry standard and to our educational material. These slides are available in PDF, PPTX and ODP formats under the CC Attribution-NoDerivatives 4.0 International license (you can share these slides freely). The PPTX and ODP versions contains extensive speaker notes:
https://www.openchainproject.org/news/2018/11/04/openchain-overview-slides-updated

The OpenChain Project announced an updated version of the Open Source Compliance Training Slides in Korean. These cover all the core topics needed to educate personnel involved in quality open source compliance programs. These slides formally support the OpenChain Specification 1.1 but can be used for any version of the OpenChain Specification and any open source training program:
https://www.openchainproject.org/news/2018/11/28/updated-openchain-open-source-compliance-training-slides-in-korean 

The OpenChain Project has received a contribution of our reference training slides in MarkDown format from Taniguichi San of NEC. This experimental format works in Chrome browsers and is an example of OpenChain material being freely remixed:
https://www.openchainproject.org/news/2018/11/30/experience-the-openchain-reference-training-slides-online

Events

The OpenChain Japan Work Group held its sixth meeting on the 31st of December at the Toshiba / Lazona Kawasaki Building. This meeting featured 49 participants from 24 organizations, continuing our tradition of building out a broad and active local community. It was also the first meeting dedicated to the new subgroups and milestones for 2019:
https://www.openchainproject.org/news/2018/11/04/openchain-japan-work-group-sixth-meeting-31st-october

The OpenChain Project was represented at the Kansai Open Forum on the 10th of November by Tomo Dote of Micware. Dote San provided a keynote covering both OpenChain and our sister project SPDX, and he held a booth exhibit to showcase the practical adoption of both projects throughout the event:
https://www.openchainproject.org/news/2018/11/20/openchain-kansai-open-forum-10th-november

Software Compliance Academy, one of OpenChain’s pilot program partners, hosted an open source seminar on the 16th of November in Munich. This event included information on OpenChain and provided a suitable onboarding point for organizations interested in participation:
https://www.openchainproject.org/news/2018/11/04/openchain-software-compliance-academy-seminar-16th-november

The OpenChain Project was featured at the monthly meeting of the Intellectual Property Owners Association open source committee on the 19th of November. Shane Coughlan, OpenChain General Manager, provided a recap of the OpenChain Project goals and proceeded to outline recent and projected future developments:
https://www.openchainproject.org/news/2018/11/19/openchain-intellectual-property-owners-association

The OpenChain Japan Work Group held an ad hoc meeting at the Denso Ten Kobe offices on the 20th November. The purpose of this meeting was to discuss practical OpenChain adoption for suppliers:
https://www.openchainproject.org/news/2018/11/15/openchain-japan-work-group-ad-hoc-meeting-20th-november

The OpenChain Project was discussed at two events hosted by Grey Matter Ltd. in the UK. Martin Callinan from Source Code Control, an OpenChain Partner, presented our project and goals to diverse audiences. The first took place in Manchester on the 27th and the second in London on the 29th November:
https://www.openchainproject.org/news/2018/11/30/openchain-greymatter-real-world-devops

On the 29th of November Masato Endo from Toyota delivered a presentation to introduce the OpenChain Project to KAMA-JAMA-VDA-AAM members. This marks the beginning of a dialogue about how OpenChain can support the global automotive industry with managing open source compliance in the supply chain:
https://www.openchainproject.org/news/2018/11/30/openchain-the-nama-meeting

KPMG announced they will host an event on the 5th of December to explore Technology Mergers & Acquisitions involving open source for buy and sell side entities. This reflects the way that open source licensing and security issues could potentially impact overall deal success if not effectively addressed. The panel will features experts from KPMG, Flexera, Adobe, O’Melveny & Myer, Wind River and the Linux Foundation’s OpenChain Project in a lively discussion around OSS management programs, legal and security issues, common pitfalls and leading practices around OSS usage:
https://www.openchainproject.org/news/2018/11/14/openchain-ma-kpmg

The OpenChain Survey

The project launched an OpenChain usability survey for Q4. It was intended to provide a platform for everyone interested in open source compliance to let us know how we are doing / what can be improved in the future. The survey covered general interaction with the project, conformance and internationalization. It ran from the 6th to the 30th of November:
https://www.openchainproject.org/news/2018/11/06/the-openchain-q4-2018-survey-tell-your-friends

Summary

October was our busiest month yet…until November. We continue to put in place activities and releases that will support our work towards formal standardization in 2019/2020. We expect to end the year with significant updates on Membership and Conformance. Everything, as always, is due to our excellent volunteer community.

License and Trademarks

Copyright 2018 The Linux Foundation. This newsletter is licensed under the Creative Commons Attribution-NoDerivs 2.0 Generic (CC BY-ND 2.0). Please feel free to share it onwards! OpenChain is a trademark of The Linux Foundation. It may be used according to The Linux Foundation Trademark Policy and the OpenChain Terms of Use. All other trademarks belong to their respective owners.

OpenChain Newsletter #18

By Monthly Newsletter


Newsletter – Issue 18 – October 2018

Context

The OpenChain Project has active bi-weekly calls and a central mailing list that provide the “nuts and bolts” of our community activity. These are joined by various releases of documents and announcements of OpenChain-related events throughout each month. We collect key developments in this newsletter once a month.

Introduction

October was an incredible month for the OpenChain Project. We had more outreach, more collaboration and more announcements than ever before. Key items include new membership from Toshiba, new conformance from SUSE, and the release of beta documents to help with initiating and tracking OpenChain Conformance.

New Member

The OpenChain Project, which builds trust in open source by making open source license compliance simpler and more consistent, announced Toshiba has become a Platinum Member. Toshiba has long been a driving force in the OpenChain Japan Work Group, and their new Platinum membership will enable the company to contribute even more to the global adoption of the OpenChain standard.

“OpenChain is not just a project for OSS license compliance, it also helps to improve mutual trust and effective communication between open source developers and users,” says Tetsuji Fukaya, Director of the Corporate Software Engineering and Technology Center of Toshiba Corporation. “Open source is publicly recognized as an essential part of digital transformation and widely used in numerous products. In order to use open source appropriately, we think that license compliance alone is not enough. Mutual trust between developers and users is also essential. OpenChain will be key to achieve both. For that reason, we feel proud of being part of the OpenChain Project.”

Learn more:
https://www.openchainproject.org/news/2018/10/23/toshiba-joins-the-openchain-project-as-a-platinum-member

New Conformant Organization

The OpenChain Project announced it has welcomed SUSE to its community of conformance. Conformance with the OpenChain Specification confirms that an organization follows the key requirements of a quality open source compliance program, and builds trust between organizations in the supply chain. SUSE is the first enterprise Linux distributor to earn conformance with the OpenChain Project Specification.

“For more than 25 years, SUSE has created and engaged with open source communities as a foundation for its enterprise solutions,” said Thomas Di Giacomo, SUSE CTO. “We always engage with the community to better meet customer needs, and our OpenChain certification is another indication to enterprises that we are committed to making their experience with open source software more reliable and cost effective.”

Learn more:
https://www.openchainproject.org/news/2018/10/23/suse-joins-the-openchain-community-of-conformance

Media

We began October with an interview from the EFY Group covering the key requirements of quaility open source compliance programs. Find out more here:
https://www.openchainproject.org/news/2018/10/01/interview-openchain-project-managing-open-source-compliance-across-the-software-supply-chain

We continued with a Flexera Webinar designed to highlight OpenChain as a great starting point for any organization seeking to adopt the key processes of a quality open source compliance program. Learn more here:
https://www.openchainproject.org/news/2018/10/02/openchain-explained-on-a-forthcoming-flexera-webinar

Events

The OpenChain Project announced a a Birds of a Feather (BoF) at 6pm on Monday the 22nd of October at Open Source Summit Europe. This BoF was designed to provide a “ground level” introduction to what we are doing, how we are doing it, and why you should be part of this. Learn more:
https://www.openchainproject.org/news/2018/10/16/openchain-bof-open-source-summit-europe-22nd-october

The OpenChain Project announced a workshop co-located with the Open Source Summit Europe in Edinburgh on the 23rd of October. This provided a deeper dive into OpenChain then the BoF held the previous day. Learn more here:
https://www.openchainproject.org/news/2018/10/10/openchain-workshop-open-source-summit-europe-23rd-october

The OpenChain Project was featured at the Software IP event hosted by IAM and located at Golden Gate Club at the Presidio, San Francisco on the 30th of October. The project was represented by Hung Chang, Senior Product Counsel at Workday, and one of the founders of the OpenChain Project. Learn more:
https://www.openchainproject.org/news/2018/10/30/openchain-featured-software-ip-an-iam-event

The OpenChain Japan Work Group held its sixth meeting on the 31st of October between 2pm and 4:45pm at Toshiba Smart Community Center in Kanazawa. As with the previous five OpenChain Japan Work Group meetings the discussion included a mix of structured reports, activity planning and case studies. Learn more:
https://www.openchainproject.org/news/2018/10/31/openchain-japan-work-group-meeting-6

It was announced that the OpenChain Project will be featured at a forthcoming Bird & Bird event on the 20th of November in Frankfurt, Germany. Learn more:
https://www.openchainproject.org/news/2018/10/10/openchain-bird-bird-event-20th-november

Emerging Internal Services

The OpenChain Project previously maintained a document for “manual OpenChain Conformance.” The idea was that companies could download, print and/or the document to suit workflows beyond our online conformance web app. You can find a version of that document here:

Gary O’Neall from our Conformance Work Team has been doing some exciting work to make it quicker and faster to create a manual conformance document. He is automating the creation from inside the conformance web app. Check it out here:

We also announced the public Beta of a new Web App for benchmarking OpenChain Conformance. The idea is to provide a quick, simple and attractive way for companies to check their status regarding meeting the OpenChain standard. This project is being managed by our good friends at Source Code Control. Learn more:
https://www.openchainproject.org/news/2018/10/04/new-in-beta-web-app-for-benchmarking-openchain-conformance

We are seeking feedback on the current offering regarding:

  1. Ease of use
  2. If it helps solves friction around conformance
  3. How complementary it is to our Conformance Web App

Emerging External Services

TÜV SÜD Japan have launched an OpenChain Certification Program. This is the first such program and foreshadows a series of announcements over the coming months. The core of the OpenChain Project is our specification (standard) and our simple, free process for self-certification. Commercial activities adjacent to this by TÜV SÜD Japan and other organizations are complementary, providing an avenue for verified/audited certification for entities that want to have this level of assurance. Learn more here:
https://www.openchainproject.org/news/2018/10/02/tuv-sud-japan-announces-openchain-certification-program

Project Collaboration

There is a lot of cross-pollination between Linux Foundation open source projects. The latest is a contribution from Fukuchi-San, a driving force in the OpenChain Japan WG, to SPDX. Motivated by a suggestion from Thomas Steenbergen at Open Source Summit Europe 2017 he has prepared a Japanese translation of the SPDX Specification. The draft document is available for comments, suggestions and improvements here:

Learn more:
https://www.openchainproject.org/news/2018/10/29/openchain-♥-spdx

Summary

This was easily our busiest month yet, with a rocket-ship launch into Q4, and providing a strong foundation for our next steps towards formal standardization in 2019/2020. Of particular note is that we are building out membership, conformance and awareness. This will continue through November and the end of the year. Watch this space!

License and Trademarks

Copyright 2018 The Linux Foundation. This newsletter is licensed under the Creative Commons Attribution-NoDerivs 2.0 Generic (CC BY-ND 2.0). Please feel free to share it onwards! OpenChain is a trademark of The Linux Foundation. It may be used according to The Linux Foundation Trademark Policy and the OpenChain Terms of Use. All other trademarks belong to their respective owners.

OpenChain Newsletter #17

By Monthly Newsletter

Newsletter – Issue 17 – September 2018

Introduction

The OpenChain Project has active bi-weekly calls and a great mailing list that provide the “nuts and bolts” of our community activity. These are joined by various releases of documents and announcements of OpenChain-related events throughout each month. In September the big news was the appointment of our first Community Representative to our Steering Committee and a terrific, exceptional series of educational case studies in English and Japanese from our Japan Work Group.

Community

We are delighted to announce that Indira Bhatt acted as our OpenChain Community Representative during our inaugural Steering Committee meeting. Indira is a Manager in KPMG’s San Francisco Advisory practice with nearly 10 years of experience in the area of Free and Open Source Software (FOSS) due diligence. She has extensive experience in setting up FOSS compliance teams including leading, training and mentoring junior and senior analysts. Indira has helped various organizations successfully contribute code to the open source community and establish FOSS review boards by either defining or refining existing governance and usage and approval policies and procedures.
https://www.openchainproject.org/news/2018/09/11/openchain-announces-our-first-community-representative-on-the-steering-committee

Indira will represent the community in our second Steering Committee scheduled for late October before rotating the role with another community member.

Contributions

This month is all about case studies. This time around we focused on how companies instituted educational programs. All of the case studies came from our excellent and highly productive Japan Work Group. Big thanks are due to Fukuchi San from Sony for coordinating all the moving pieces.

Panasonic Case Study:
https://www.openchainproject.org/news/2018/09/12/announcing-our-panasonic-educational-case-study

Toshiba Case Study:
https://www.openchainproject.org/news/2018/09/18/announcing-our-toshiba-educational-case-study

Sony Case Study:
https://www.openchainproject.org/news/2018/09/21/announcing-our-sony-educational-case-study

Toyota Case Study:
https://www.openchainproject.org/news/2018/09/25/announcing-our-toyota-educational-case-study

Fujitsu Case Study:
https://www.openchainproject.org/news/2018/09/27/announcing-our-fujitsu-educational-case-study

Events

The OpenChain Project benefited from outreach talks being reserved in the international schedule by our chair of the Specification Work Team and one of our most active partners in the UK.

First up, Mark Gisi presented the latest news from our project at the recent SPDX General Meeting. One of the most interesting highlights was the reveal of SParts – a supply chain ledger leveraging blockchain technology – can solve accountability and access questions. This merges SPDX and Hyperledger to provide a supply chain solution that can be immediately useful for companies managing open source compliance.
https://www.openchainproject.org/news/2018/09/04/openchain-spdx-general-meeting

A little bit down the road, Andrew Katz from Moorcrofts has booked a space at FINOS Open Source Strategy Forum in London on the 14th and 15th of November. This conference for financial technology professionals is designed to accelerate open source engagement at their firms. This marks our first step into the FinTech community:
https://www.openchainproject.org/news/2018/09/05/openchain-finos-open-source-strategy-forum-in-london

Summary

October will see a strong emphasis on outreach, both at Open Source Summit Europe and via other events and webinars. At the same time the project is benefiting from an expanding commercial ecosystem, purely market driven, that indicates further substantial growth in the adoption of best practices for open source compliance programs is just around the corner.

License and Trademarks

Copyright 2018 The Linux Foundation. This newsletter is licensed under the Creative Commons Attribution-NoDerivs 2.0 Generic (CC BY-ND 2.0). Please feel free to share it onwards! OpenChain is a trademark of The Linux Foundation. It may be used according to The Linux Foundation Trademark Policy and the OpenChain Terms of Use. All other trademarks belong to their respective owners.