Skip to main content
Category

News

OpenChain Project Adds Fujitsu as Platinum Member

By News

Leading Japanese information and communication technology company to support industry’s only open source compliance standard for collaboration across supply chains

SAN FRANCISCO & HALF MOON BAY, Calif. – OPEN SOURCE LEADERSHIP SUMMIT –  March 13, 2019 — The OpenChain Project, which builds trust in open source by making open source license compliance simpler and more consistent, announced today at Linux Foundation’s Open Source Leadership Summit (OSLS), that Fujitsu has joined as a Platinum member.

Fujitsu joins other recent Platinum member additions including Bosch, Microsoft, Uber, Google and Facebook. OpenChain provides a specification as well as overarching processes, policies and training that companies need to be successful in managing open source license compliance so that it becomes more efficient, understandable and predictable for participants of the software supply chain.

As code flows between companies that consume billions of lines of open source software through their supply chains to build new products and services, a key challenge is ensuring the relevant license requirements are met in a timely and effective manner. The OpenChain Project provides a consistent way to address that and other challenges. Conformance with the OpenChain Specification shows that an organization follows the key requirements of a quality open source compliance program, and builds trust between organizations in the supply chain. It makes procurement easier for purchasers and preferred status easier for suppliers.

“Fujitsu has been a long supporter of open source communities and the Linux Foundation;  we believe open source compliance is crucial factor for open source collaborations,” said Kaneshige Kenji Vice President, and Head of the Linux Development Division, Platform Software Business unit of Fujitsu. “We’re excited to join the OpenChain project to foster trust in open source supply chain and encourage greater compliance for open source software rapidly increasing in our society.”

“We are delighted to have Fujitsu join the OpenChain Project as a platinum member,” said Shane Coughlan,  General Manager, OpenChain. “Their expertise and support will be crucial as we continue to build our industry standard for open source compliance in the supply chain. I am particularly excited to gain access to the substantial knowledge Fujitsu possesses in areas like IoT and cloud technology.”

As a Platinum member, a representative from Fujitsu will join the OpenChain Governing Board. Other Platinum members of the OpenChain project include Adobe, Arm Holdings, Bosch, Cisco, Comcast, Facebook, Google, Harman International, Hitachi, Microsoft, Qualcomm, Siemens, Sony, Toshiba, Toyota, Uber, and Western Digital.

Additional Resources

About the OpenChain Project

The OpenChain Project builds trust in open source by making open source license compliance simpler and more consistent. The OpenChain Specification defines a core set of requirements every quality compliance program must satisfy. The OpenChain Curriculum provides the educational foundation for open source processes and solutions, whilst meeting a key requirement of the OpenChain Specification. OpenChain Conformance allows organizations to display their adherence to these requirements. The result is that open source license compliance becomes more predictable, understandable and efficient for participants of the software supply chain.

About The Linux Foundation

Founded in 2000, the Linux Foundation is supported by more than 1,000 members and is the world’s leading home for collaboration on open source software, open standards, open data, and open hardware. Linux Foundation’s projects are critical to the world’s infrastructure including Linux, Kubernetes, Node.js, and more.  The Linux Foundation’s methodology focuses on leveraging best practices and addressing the needs of contributors, users and solution providers to create sustainable models for open collaboration. For more information, please visit us at linuxfoundation.org.

###

The Linux Foundation has registered trademarks and uses trademarks. For a list of trademarks of The Linux Foundation, please see our trademark usage page: https://www.linuxfoundation.org/trademark-usage. Linux is a registered trademark of Linus Torvalds.

Contact

Jill Lovato

The Linux Foundation

jlovato@linuxfoundation.org

Collaboration is Key for Open Source Compliance at NHS

By News

One of the powerful things about open source is the way it allows various organizations and stakeholders come together to achieve common objectives. Open source projects play a critical role by providing a common platform that can integrate with new and existing systems. This is even more apparent when discussing open source compliance and aligning the various stakeholders in an open source supply chain. 

A great example of this is a recent NHS case study published on openchainproject.org. NHS England is the public health services provider in England that treats more than 1.4 million patients every 24 hours. The organization needed a way to manage and leverage their open source assets across the organization without vendor lock in. Our partners at Source Code Control proposed the OpenChain Specification and brought us in to work with the Apperta Foundation, Code4Health initiative, OpenEyes, and AB EHR Digital for a training and pilot program. 

The result enabled the project participants to meet open source industry best practices. It also helped NHS take the first step in a broader deployment plan across multiple projects and providers in the coming months and years. Thank you to all of our partners and we look forward to future collaboration in healthcare, automotive, and many more industries as they increasingly adopt open source. Read the NHS case study.

OpenChain Japan Planning Subgroup報告 (2018年12月~2019年2月活動分)

By News

‘OpenChain Japan Planning Subgroup報告 (2018年12月~2019年2月活動分)’ is a presentation outlining the activities of the OpenChain Japan Work Group with respect to dedicated sub-groups. This is a record showing how a purely volunteer group has built a strong community focused on real solutions for real businesses.

View the Slides

OpenChain Project Announces Bosch as Platinum Member

By News

Bosch to  leverage industry’s only open source compliance standard to provide common approaches and understanding for collaboration across automotive & IoT supply chains

SAN FRANCISCO –  February 28, 2019 — The OpenChain Project, which builds trust in open source by making open source license compliance simpler and more consistent, announced today that Bosch has joined as a platinum member. Membership momentum continues to grow for the project, as Microsoft joined just a few weeks ago as well as other large companies including Uber, Google and Facebook in December. OpenChain provides a specification as well as overarching processes, policies and training that companies need to be successful in managing open source license compliance so that it becomes more efficient, understandable and predictable for participants of the software supply chain.

As code flows between companies that consume billions of lines of open source software through their supply chains to build new products and services, a key challenge is ensuring the relevant license requirements are met in a timely and effective manner. The OpenChain Project provides a consistent way to address that and other challenges. Conformance with the OpenChain Specification shows that an organization follows the key requirements of a quality open source compliance program, and builds trust between organizations in the supply chain. It makes procurement easier for purchasers and preferred status easier for suppliers.

Over the last 15 years, Bosch has embraced open source software starting with consuming open source tooling in automotive using the Eclipse IDE, embedding Linux into Bosch products, and co-innovation of software in public funded projects. Bosch is now leading more than a dozen open source projects and actively driving its open platform strategy for the Bosch IoT Suite at Eclipse IoT with over 1.5 million contributed lines of code. Therefore, it has a special interest in increasing the number of collaborating companies using mature open source management processes. Bosch believes OpenChain is a great platform to share good practices and improve the open source management systems and processes, so other companies can join open source communities.

The OpenChain Specification is the only standard for open source compliance in the supply chain and has major interest from automotive companies. Toyota is currently a platinum member and Scania recently became OpenChain conformant. Also, companies like Panasonic and Renesas are active in the community work groups.

“An open source management system standard will be key for successful collaboration on open source management infrastructure and services,” said Hans Malte Kern, Head of the Center of Competence Open Source, Bosch. “We’re excited to join the OpenChain project, as it reflects the importance of compliant open source usage, distribution, and contribution. Instead of negotiating the open source requirements with all our partners and suppliers, Bosch will leverage OpenChain as an open standard that provides common approaches and understanding for open source collaborations – not only in the automotive industry but also the connected world of IoT. We are convinced the OpenChain standard will replace bilateral negotiations, educations, and open source risk mitigation discussions.”

“It is terrific to have Bosch join other automotive companies such as Toyota as a platinum Member,” said Shane Coughlan, OpenChain General Manager. “Bosch is no stranger to the OpenChain Project and has a long history of contributing  to open source compliance activities. We are thrilled to have them participate in the Governing Board, Steering and Outreach Committees, as well as the work team calls and meetings to help drive this community forward.”

As a platinum member, a representative from Bosch will join the OpenChain Governing Board. Other platinum members of the OpenChain project include Adobe, ARM Holdings, Cisco, Comcast, Facebook, Google, Harman International, Hitachi, Microsoft, Qualcomm, Siemens, Sony, Toshiba, Toyota, Uber and Western Digital.

Additional Resources

About the OpenChain Project

The OpenChain Project builds trust in open source by making open source license compliance simpler and more consistent. The OpenChain Specification defines a core set of requirements every quality compliance program must satisfy. The OpenChain Curriculum provides the educational foundation for open source processes and solutions, whilst meeting a key requirement of the OpenChain Specification. OpenChain Conformance allows organizations to display their adherence to these requirements. The result is that open source license compliance becomes more predictable, understandable and efficient for participants of the software supply chain.

About The Linux Foundation

Founded in 2000, the Linux Foundation is supported by more than 1,000 members and is the world’s leading home for collaboration on open source software, open standards, open data, and open hardware. Linux Foundation’s projects are critical to the world’s infrastructure including Linux, Kubernetes, Node.js, and more.  The Linux Foundation’s methodology focuses on leveraging best practices and addressing the needs of contributors, users and solution providers to create sustainable models for open collaboration. For more information, please visit us at linuxfoundation.org.

Contact

Jessica Rampen
OpenChain Project/Linux Foundation
jrampen@linuxfoundation.org
650-787-3548

OpenChain Newsletter #22

By Monthly Newsletter, News

Newsletter – Issue 22 – February 2019

The OpenChain Project has active bi-weekly calls and a central mailing list that provide the “nuts and bolts” of our community activity. These are joined by various releases of documents and announcements of OpenChain-related events throughout each month. We collect key developments in this newsletter once a month.

Introduction

Building trust in open source: a look inside the OpenChain Project

Open source software provides businesses with a number of benefits including cost, flexibility and freedom. This freely distributed software can also be easily altered by any business that is familiar with its source code.

Read more in TechRadar.

OpenChain @ Announcements

Microsoft joins OpenChain platform

As part of its continued efforts to support open source software, Microsoft has announced that it has joined the OpenChain Project as its latest platinum member.

The company joins the likes of Uber, Google and Facebook, who joined OpenChain last month as well as GitHub which the software giant acquired last year.

Read more in TechRadar.

Microsoft joins OpenChain open-source compliance group

OpenChain is the most important open-source project you’ve never heard of before. This Linux Foundation consortium provides an industry standard for open-source supply chain license compliance. And now, Microsoft has joined the the OpenChain Project.

Read more at ZDNet.

Microsoft joins the OpenChain Project to push open-source software licensing standards

Microsoft Corp. wants to support more standardization of open-source software licensing, so today it’s putting its weight behind the OpenChain Project as its latest platinum member.

Microsoft joins other platinum members that include Google LLC, Arm Holdings Ltd. and Facebook Inc., as well as GitHub Inc., which Microsoft acquired last year.

The OpenChain Project was set up to bring more clarity to the world of open-source software licenses. Open-source software has revolutionized the way in which companies build the technology they need to run their businesses, but licensing issues remain a big headache for their legal teams. In a constant state of panic over potential litigation issues, businesses need assurances that the open source they use is in compliance with whatever rules govern its use.

Read more in Silicon Angle.

Microsoft joins open-source foundation that is trying to simplify the software supply chain

The OpenChain Project, which is attempting to bring a little more clarity to the turbulent world of modern open-source licensing, is the latest beneficiary of Microsoft’s open-source redemption tour.

Read more in GeekWire.

Microsoft Joins OpenChain Project to Help Standardize Open Source Licensing

Microsoft has announced it is joining the OpenChain Project in another move that furthers the company’s embracing of the open source community. In a post this week, Microsoft says it is joining the OpenChain Project goal to standardize open source licensing.

Read more in WinBuzzer.

OpenChain Project Announces Bosch as Platinum Member

SAN FRANCISCO –  February 28, 2019 — The OpenChain Project, which builds trust in open source by making open source license compliance simpler and more consistent, announced today that Bosch has joined as a platinum member. Membership momentum continues to grow for the project, as Microsoft joined just a few weeks ago as well as other large companies including Uber, Google and Facebook in December. OpenChain provides a specification as well as overarching processes, policies and training that companies need to be successful in managing open source license compliance so that it becomes more efficient, understandable and predictable for participants of the software supply chain.

As code flows between companies that consume billions of lines of open source software through their supply chains to build new products and services, a key challenge is ensuring the relevant license requirements are met in a timely and effective manner. The OpenChain Project provides a consistent way to address that and other challenges. Conformance with the OpenChain Specification shows that an organization follows the key requirements of a quality open source compliance program, and builds trust between organizations in the supply chain. It makes procurement easier for purchasers and preferred status easier for suppliers.

Over the last 15 years, Bosch has embraced open source software starting with consuming open source tooling in automotive using the Eclipse IDE, embedding Linux into Bosch products, and co-innovation of software in public funded projects. Bosch is now leading more than a dozen open source projects and actively driving its open platform strategy for the Bosch IoT Suite at Eclipse IoT with over 1.5 million contributed lines of code. Therefore, it has a special interest in increasing the number of collaborating companies using mature open source management processes. Bosch believes OpenChain is a great platform to share good practices and improve the open source management systems and processes, so other companies can join open source communities.

The OpenChain Specification is the only standard for open source compliance in the supply chain and has major interest from automotive companies. Toyota is currently a platinum member and Scania recently became OpenChain conformant. Also, companies like Panasonic and Renesas are active in the community work groups.

“An open source management system standard will be key for successful collaboration on open source management infrastructure and services,” said Hans Malte Kern, Head of the Center of Competence Open Source, Bosch. “We’re excited to join the OpenChain project, as it reflects the importance of compliant open source usage, distribution, and contribution. Instead of negotiating the open source requirements with all our partners and suppliers, Bosch will leverage OpenChain as an open standard that provides common approaches and understanding for open source collaborations – not only in the automotive industry but also the connected world of IoT. We are convinced the OpenChain standard will replace bilateral negotiations, educations, and open source risk mitigation discussions.”

“It is terrific to have Bosch join other automotive companies such as Toyota as a platinum Member,” said Shane Coughlan, OpenChain General Manager. “Bosch is no stranger to the OpenChain Project and has a long history of contributing  to open source compliance activities. We are thrilled to have them participate in the Governing Board, Steering and Outreach Committees, as well as the work team calls and meetings to help drive this community forward.”

As a platinum member, a representative from Bosch will join the OpenChain Governing Board. Other platinum members of the OpenChain project include Adobe, ARM Holdings, Cisco, Comcast, Facebook, Google, Harman International, Hitachi, Microsoft, Qualcomm, Siemens, Sony, Toshiba, Toyota, Uber and Western Digital.

OpenChain @ Reference Material

The recently released OpenChain M&A Checklist has inspired discussion and further contribution to the project. Ibrahim Haddad has just announced a new draft M&A White Paper discussing open source processes in detail. At this time we are seeking review and comments ahead of a projected March release.

Review the Draft Text

OpenChain Specification 2.0 – Comment Now

It is official – we are now seeking broader public comments for version 2.0 of the Specification. This is one of the last major steps in the spec development cycle which is described here:
https://wiki.linuxfoundation.org/openchain/openchain-specification-wiki-page?&#specification_developmentrelease_process

We will continue to collection feedback from the OpenChain community through the public comments stage as well which concludes on March 22nd.

The current draft is available at:
https://wiki.linuxfoundation.org/_media/openchain/openchainspec-2.0.draft.pdf

Past readers of the spec might find the marked up version useful: https://wiki.linuxfoundation.org/_media/openchain/OpenChainSpec-2.0.draft.MarkUp.pdf

You can send feedback via:
the Mailing list: Openchain-specification@lists.linuxfoundation.org
the issues wiki: https://github.com/OpenChain-Project/Specification/issues;
or·
replying to Mark Gisi directly if you wish to remain anonymous (mark.gisi@windiver.com)

Updated Intro Slides – OpenChain – Great Open Source Compliance For Everyone

The latest version of the OpenChain Project introduction slides are available. These slides can help bring anyone interested in our standard and supporting material up-to-speed. Full speaker notes included on the downloadable version:
https://www.slideshare.net/ShaneCoughlan3/great-open-source-compliance-for-everyone-version-5

OpenChain @ Localization

OpenChain Japan Planning Subgroup報告 (2018年12月~2019年2月活動分)

‘OpenChain Japan Planning Subgroup報告 (2018年12月~2019年2月活動分)’ is a presentation outlining the activities of the OpenChain Japan Work Group with respect to dedicated sub-groups. This is a record showing how a purely volunteer group has built a strong community focused on real solutions for real businesses.

View the Slides

OpenChain Japan Planning Subgroup報告(2018年12月~2019年2月活動分)from Shane Coughlan

Summary

Outreach in Korea and improved reference material to help explain options around process content set the tone for an outward-facing, pro-active year that will see OpenChain dramatically expanding its engagement with companies around the world.

License and Trademarks

Copyright 2019 The Linux Foundation. This newsletter is licensed under the Creative Commons Attribution-NoDerivs 2.0 Generic (CC BY-ND 2.0). Please feel free to share it onwards! OpenChain is a trademark of The Linux Foundation. It may be used according to The Linux Foundation Trademark Policy and the OpenChain Terms of Use. All other trademarks belong to their respective owners.

OpenChain Specification 2.0 – Comment Now

By News

It is official – we are now seeking broader public comments for version 2.0 of the Specification. This is one of the last major steps in the spec development cycle which is described here:
https://wiki.linuxfoundation.org/openchain/openchain-specification-wiki-page?&#specification_developmentrelease_process

We will continue to collection feedback from the OpenChain community through the public comments stage as well which concludes on March 22nd.

The current draft is available at:
https://wiki.linuxfoundation.org/_media/openchain/openchainspec-2.0.draft.pdf

Past readers of the spec might find the marked up version useful: https://wiki.linuxfoundation.org/_media/openchain/OpenChainSpec-2.0.draft.MarkUp.pdf

You can send feedback via:
the Mailing list: Openchain-specification@lists.linuxfoundation.org;
or·
replying to Mark Gisi directly if you wish to remain anonymous (mark.gisi@windiver.com)

Find more guides and documents in the OpenChain Reference Library.

 

Comment on the next generation of the OpenChain Specification

By News

Comment Time!

The latest draft of the next version of OpenChain Project Specification can be found here:
https://wiki.linuxfoundation.org/_media/openchain/openchainspec-2.0.draft.pdf

A marked up version can be found here:
https://wiki.linuxfoundation.org/_media/openchain/OpenChainSpec-2.0.draft.MarkUp.pdf

Recent updates can be found in yellow and blue highlights.

IF YOU HAVE FEEDBACK PLEASE SUBMIT IT NOW TO ENSURE TIMELY CONSIDERATION

Next Steps:

· Continue to discuss the Introduction rewrite and work through the remaining outstanding issues listed on the spec’s github issue list:
https://github.com/OpenChain-Project/Specification/issues
· Widely distribute the draft for public comments which will be initiated on February 19th and will last 30 days
· The draft freeze period will start on April 4th and will last 14 days

The specification Development Life Cycle is explained here:
https://wiki.linuxfoundation.org/openchain/openchain-specification-wiki-page?_developmentrelease_process

Additional Resources

Find more guides and documents in the OpenChain Reference Library

Microsoft partners with OpenChain Project, simplifying compliance in software supply chain

By News

A global open source license compliance project, designed to simplify and make open source license compliance more consistent for participants of the software supply chain, has been backed by Microsoft.

The OpenChain Project, through its OpenChain Curriculum, looks to produce the “educational foundation” for open source processes and solutions creating a more predictable, understandable an efficient open source license compliance process for the software supply chain.

Read more in Supply Chain Digital.