OpenChain is hosting a panel featuring experts from Bitsea, Jun Legal, FossID and SCANOSS discuss their experience and opinions on the topic of managing Generative AI in corporate environments. This discussion will feature both structured commentary and plenty of opportunity for the audience to engage and ask questions.
We wanted to let you know that there will be a rotation in the administrative leadership of the OpenChain Project in Mid-December 2025. Shane Coughlan, our General Manager over the last eight years, will be transitioning to work on a personal venture, and we will shortly be announcing a new executive leader in the same role. In the meantime, the Governing Board, The Linux Foundation project management office, the Work Group Chairs and the Ambassadors will collaborate as usual to continue our normal meetings, releases and community building.
The Governing Board would like to express their gratitude to Shane for all the work he has put into the project over the years, constantly going above and beyond. Shane’s work with the OpenChain Project is nothing short of spectacular, he has been a community builder, role model, and friend to the OpenChain community and he will be missed. The board want to wish him the best of luck in his new endeavors and for him to know that he will forever remain part of the OpenChain family he helped create.
“I have been honored to work on this project, with this board and with everyone in our exceptional community over the last eight and a half years,” says Shane Coughlan, OpenChain General Manager. “After such a long period, and enjoying so much collective success, it is a difficult decision to move on to a new venture. However, there is a personal project that I want to attend to, and the passage of time has suggested to me that it is appropriate to begin work on that activity. I will speak more to this in early 2026, but for now my focus is on finalizing the transition of the administrative leadership of the OpenChain Project. We have extensive internal process material and a purposefully distributed management system to aide in sustainability and such transitions, and I am fully confident in the health and continued momentum of the project and our activities.
In closing, I want to take a moment to thank everyone who has made this journey possible for me. While there are too many people to name individually – such is the scale of our community and accomplishment – I would like to give special thanks to David Marr of Qualcomm for leading the foundation of the OpenChain Project, to Jimmy Ahlberg of Ericsson for leading us through the evolution into a multi-ISO standard project, to Watanabe San, Kobota San, Owada San and Fukuchi San for being instrumental in the development of our work in Japan, to Haksung Jang for leading our work in Korea to such success, to Zhenhua Sun in China for his leadership and driving frequent local meetings, to Oliver Fendt and Marcel Kurzmann in Germany for endlessly encouraging and supporting one of the exceptional local communities in the domain of processes and automation, and finally to the dearly departed Ueda San for providing inspiration in community building that has always helped guide and ensure the success of what we do.
And finally my thanks to you all, who have attended calls, come to meetings and read (and reshared) our news across the world. You made this community, and you made this success. I am grateful to call you my colleagues in open source.”
An administrative note: For those of you interested in learning more about this transition for 2026 – and about the executive leadership role – you can contact Renu from the Project Management office at helpdesk@lists.openchainproject.org
OpenChain hosted an open discussion between Keith Bergelt, CEO of OIN and Shane Coughlan, GM of OpenChain to unpack the evolution of patent non-aggression in the open source ecosystem, and explore what is coming next for existing and potential new licensees of the OIN System Definition.
This is a key webinar for those interested in addressing patent risk and containment strategy, and is recommended for legal, project management and executive teams.
This event is part of the overarching OpenChain Project Webinar Series. Our series highlights knowledge from throughout the global OpenChain eco-system. Participants are discussing approaches, processes and activities from their experience, providing a free service to increase shared knowledge in the supply chain. Our goal, as always, is to increase trust and therefore efficiency. No registration or costs involved. This is user companies producing great informative content for their peers.
This OpenChain Webinar was broadcast on 2025-11-26.
Taipei, Taiwan — Sun Square has been officially recognized as both an OpenChain Service Provider and a Third-Party Certifier. This dual status enables the company to support global organizations in adopting ISO/IEC 5230 and ISO/IEC 18974, improving open source governance and software supply chain security.
This dual recognition enables Sun Square to support organizations adopting ISO/IEC 5230 (Open Source License Compliance) and ISO/IEC 18974 (Open Source Security Assurance), helping them build transparent and secure software-supply-chain governance.
The OpenChain Project, led by the Linux Foundation, establishes global standards for open source software supply chains. Its core specification, ISO/IEC 5230, defines best practices for license compliance, while ISO/IEC 18974 extends those principles to vulnerability management and security control.
As both a Service Provider and a Third-Party Certifier, Sun Square bridges advisory guidance with independent assessment. This combined capability allows enterprises to develop robust processes and obtain formal certification demonstrating their commitment to international standards.
“Becoming an OpenChain Partner reflects Sun Square’s long-term commitment to open collaboration and secure software supply chains,” said SZ Lin (林上智), Chief Cybersecurity Advisor at Sun Square. “By combining our OT cybersecurity and open source compliance expertise with OpenChain’s global framework, we aim to enable organizations to strengthen governance and resilience throughout the software lifecycle.”
Sun Square offers integrated services that include OT cybersecurity training and advisory based on the ISA/IEC 62443 standard, open source compliance and security governance for ISO/IEC 5230 and 18974 implementation, and software lifecycle security management covering SBOM development and vulnerability remediation.
By combining international standards with local implementation expertise, Sun Square continues to promote trusted and sustainable open source and cybersecurity practices in Taiwan and across the Asia-Pacific region.
Sun Square Co., Ltd., headquartered in Taiwan and serving clients worldwide, provides cybersecurity and open source advisory services that help organizations align with international standards and regulations. The company specializes in OT security training, open source compliance, and software supply chain assurance, delivering consulting, training, and certification support aligned with ISO/IEC 5230, ISO/IEC 18974, and other global standards.
Learn more: https://sunsquare.tech
The OpenChain Project has an extensive global community of over 1,000 companies collaborating to make the supply chain quicker, more effective and more efficient. It maintains OpenChain ISO/IEC 5230, the international standard for open source license compliance programs and OpenChain ISO/IEC 18974, the industry standard for open source security assurance programs.
The Linux Foundation is the world’s leading home for collaboration on open source software, hardware, standards, and data. Linux Foundation projects are critical to the world’s infrastructure, including Linux, Kubernetes, Node.js, ONAP, PyTorch, RISC-V, SPDX, OpenChain, and more. The Linux Foundation focuses on leveraging best practices and addressing the needs of contributors, users, and solution providers to create sustainable models for open collaboration. For more information, please visit us at linuxfoundation.org.
As always, we focused on the question of “how do we use SBOMs in production, large-scale and complex supply chains?”
Our SBOM Study Group brings all our various SBOM-related activities together and helps answer the question of “how do we use SBOMs in production, large-scale and complex supply chains?” Our original kick-off call has all the details.
Everyone is welcome to be part of this study group! OpenChain has free, open access to all its work groups and study groups. Just turn up, and listen in, and contribute comments, ideas and suggestions.
✉️ We have a dedicated mailing list: https://lists.openchainproject.org/g/sbom
💻 We have a dedicated GitHub Repo: https://github.com/OpenChain-Project/SBOM-sg
You can find and get the dial-in details for all future meetings from our participate page here: https://www.openchainproject.org/participate
Lead by Martin Yagi (Chair Education Work Group), the call covered the following agenda:
A reminder for those in North America – while this edition of the monthly call is happening in the darkest hours of the night for you, we also have a monthly North America / Europe call that works better for those in the Americas. Check out the schedule for this and all our other meetings here:
https://openchainproject.org/participate
Everyone is welcome to be part of the Specification Work Group. You can join their mailing list here:
https://lists.openchainproject.org/g/specification/
You can find and be part of all OpenChain calls through our participation page here:
https://openchainproject.org/participate
Lead by Chris Wood (Chair, Specification Work Group) and Martin Yagi (Chair Education Work Group), the call covered the following agenda:
A reminder for those in Asia – while this edition of the monthly call is happening in the darkest hours of the night (01:30 in Japan!), we also have a monthly Europe / Asia call that works better for those in Eastern time zones. Check out the schedule for this and all our other meetings here:
https://openchainproject.org/participate
Everyone is welcome to be part of the Specification Work Group. You can join their mailing list here:
https://lists.openchainproject.org/g/specification/
You can find and be part of all OpenChain calls through our participation page here:
https://openchainproject.org/participate
OpenChain will host a special webinar on 2025-11-27 @ 09:00 CET entitled “Software Hash ID: you will not be able to live without it.”
The Software Hash Identifier (SWHID) is an intrinsic identifier for software source code and artifacts that became an international standard in April 2025 (ISO/IEC 18670:2025).
In this talk, Thomas Aynaud will present the Software Heritage mission and data model, introduce the concept of intrinsic identifiers, explain the SWHID specification, and present its open standard governance model. He will share how open source projects and companies can adopt and benefit from SWHID through real-world use cases. The session will conclude with a summary of the key advantages of SWHID and an update on Software Heritage’s plans to support its development and adoption in the coming months.
Join here @ 09:00 CET – 2025-11-27:
https://zoom-lfx.platform.linuxfoundation.org/meeting/92168606138?password=fa7d1a61-26f7-416a-b9f7-9a9f6935b390
This is a panel featuring experts from Bitsea, Jun Legal, FossID and SCANOSS discuss their experience and opinions on the topic of managing Generative AI in corporate environments. This discussion will feature both structured commentary and plenty of opportunity for the audience to engage and ask questions.
Join here @ 09:00 CET – 2025-12-04:
https://zoom-lfx.platform.linuxfoundation.org/meeting/99505474824?password=77048af8-0226-4d4e-974a-2f7c95251b6f
OpenChain will host a special webinar on 2025-11-25 @ 16:00 PST – 2025-11-26 @ 08:00 CST / 09:00 KST+JST entitled “OIN: A Conversation About the Journey So Far and Preview of OIN 2.0.”
Featuring an open discussion between Keith Bergelt, CEO of OIN and Shane Coughlan, GM of OpenChain, we will unpack the evolution of patent non-aggression in the open source ecosystem, and explore what is coming next for existing and potential new licensees of the OIN System Definition.
This will be a key discussion for those interested in addressing patent risk and containment strategy, and is recommended for legal, project management and executive teams.
Join here @ 16:00 PST – 2025-11-26 @ 08:00 CST / 09:00 KST+JST:
https://zoom-lfx.platform.linuxfoundation.org/meeting/93064800269?password=7e728b97-7be0-488f-8a89-e12d7f864eea
© 2025 OpenChain. All rights reserved. The Linux Foundation has registered trademarks and uses trademarks. For a list of trademarks of The Linux Foundation, please see our Trademark Usage page. Linux is a registered trademark of Linus Torvalds. Privacy Policy and Terms of Use
