This week we have the following international meetings:
Tuesday 23rd April:
– OpenChain Webinar: OFE Briefing on the Cyber Resilience Act @ 07:00 UTC
You can check out all our international meetings and get instructions on adding our calendar to your client here:
Tomorrow we are holding the OpenChain Webinar: OFE Briefing on the Cyber Resilience Act
2024-04-23 @ 07:00 UTC / 09:00 CEST / 15:00 CST / 16:00 KST + JST
This is a special briefing lead by Ciarán O’Riordan, Senior Policy Advisor at OpenForum Europe (OFE), on European policy matters that impact open source, business processes and risk management. OFE is a not-for-profit, Brussels-based independent think tank which explains the merits of openness in computing to policy makers and communities across Europe. Originally launched in 2002 to accelerate and broaden the use of Open Source Software (OSS) among businesses, consumers and governments, OFE’s focus has since evolved to also cover issues related to Open standards, Cybersecurity, Digital Government, Public Procurement, Intellectual Property, Cloud Computing and Internet Policy.
Get the dial-in details on the OpenChain Global Calendar at our “Participate” page:
https://www.openchainproject.org/participate
This webinar by Hilary Carter, SVP Research at The Linux Foundation, unpacked LF Management & Best Practices, the digital home where communities of “best practice” converge. Here, you’ll be able to find the standards, reference material, courses, live events and webinars, research, project communities, and the automation tools to help you start your project or organization’s open source journey, and to keep it on track!
This event is part of the overarching OpenChain Project Webinar Series. Our series highlights knowledge from throughout the global OpenChain eco-system. Participants are discussing approaches, processes and activities from their experience, providing a free service to increase shared knowledge in the supply chain. Our goal, as always, is to increase trust and therefore efficiency. No registration or costs involved. This is user companies producing great informative content for their peers.
This OpenChain Webinar was broadcast on 2024-04-09.
Shane Coughlan, OpenChain General Manager, presented at Open Source Summit North America on the topic of how OpenChain ISO/IEC 5230:2020 and ISO/IEC 18974:2023 will impact procurement, M&A and supply chain management in 2024. This talk was targeted towards legal professionals, but accessible to all parties.
This talk was part of the new Operations Management Summit track developed in collaboration with LF Research. This new track compliments the recently launched LF Management & Best Practices portal. The goal is to make it easier for all parties working on open source management in organizations to find the resources they need.
Check out the full recording below.
This webinar had Marcel Kurzmann from Robert Bosch GmbH present the Eclipse Apoapsis project in general with its process level idea of an abstraction layer concept and the ORT-server on a technical level. In the second part of the webinar, he gave an introduction of the abstraction layer concept with a generic process description, the generic architecture and templates.
This event is part of the overarching OpenChain Project Webinar Series. Our series highlights knowledge from throughout the global OpenChain eco-system. Participants are discussing approaches, processes and activities from their experience, providing a free service to increase shared knowledge in the supply chain. Our goal, as always, is to increase trust and therefore efficiency. No registration or costs involved. This is user companies producing great informative content for their peers.
This OpenChain Webinar was broadcast on 2024-04-09.
Volvo Cars has announced an OpenChain ISO/IEC 5230:2020 conformant program.
“Volvo Cars is committed to a sustainable, meaningful approach to open source engagement,” says Mary Wang, Director of Open Source at Volvo Cars. “Our adoption of ISO/IEC 5230 for helping to manage open source license compliance is part of this strategy. We look forward for working with the OpenChain Project and community as we expand the scope of our program over time, and contribute knowledge and experience to our peers and suppliers.”
“We are delighted to welcome Volvo Cars to our community of conformance,” says Shane Coughlan, OpenChain General Manager. “We are also grateful for their choice to publicly announce this program, and allow us to add their logo alongside contemporaries such as Toyota on our website. The positive momentum in the automotive industry around using ISO standards for open source supply chain management serves as an inspiration to all industries, and is an example of how open source has become not only core to software development, but also aligns with professional, sustainable management practices.”
Volvo Cars was founded in 1927. Today, it is one of the most well-known and respected car brands in the world with sales to customers in more than 100 countries. Volvo Cars is listed on the Nasdaq Stockholm exchange, where it is traded under the ticker “VOLCAR B”.
“For life. To give people the freedom to move in a personal, sustainable and safe way.” This purpose is reflected in Volvo Cars’ ambition to become a fully electric car maker by 2030 and in its commitment to an ongoing reduction of its carbon footprint, with the ambition to be a climate-neutral company by 2040.
As of December 2023, Volvo Cars employed approximately 43,400 full-time employees. Volvo Cars’ head office, product development, marketing and administration functions are mainly located in Gothenburg, Sweden. Volvo Cars’ production plants are located in Gothenburg, Ghent (Belgium), South Carolina (US), Chengdu, Daqing and Taizhou (China). The company also has R&D and design centres in Gothenburg and Shanghai (China).
This week we have the following international meetings:
Tuesday 16th April:
– OpenChain Monthly North America / Asia Call @ 01:00 UTC
You can check out all our international meetings and get instructions on adding our calendar to your client here:
The focus was on developing the Draft Security Assurance Specification 2.0, which may become an update to ISO/IEC 18974:2023 over time.
Add triage entry to specific situations where vulnerability not applicable
https://github.com/OpenChain-Project/Security-Assurance-Specification/issues/29
Expand definitions section for (1) Secure Software Development to include Secure Programming Techniques and (2) Security Testing to include Static and Dynamic
https://github.com/OpenChain-Project/Security-Assurance-Specification/issues/36
We also had a look at the Draft License Compliance Specification 3.0, which may become an update to ISO/IEC 5230:2020 over time.
3.8 supplied software – for discussion in subsequent iteration
https://github.com/OpenChain-Project/License-Compliance-Specification/issues/40
Verification Material For Training – next iteration
https://github.com/OpenChain-Project/License-Compliance-Specification/issues/38
On the 2nd of April, the OpenChain AI Study Group continued its monthly AI workshop series to deep dive into the topic of AI compliance. On this call we narrowed down the focus area with a concluding decision to refine the discussion by taking the content of ISO 5230 and seeing what level of overlap there is with AI supply chain compliance. You can check out the full recording for a precise recap.
On the 11th of April, the OpenChain AI Study Group held its new regular recap meeting for Europe / Asia participants. This is not intended to push forward “the state of the art” in the discussion, but rather ensure Asian participants sync with the North America / Europe discussion, and to provide a platform for further input ahead of the next monthly workshop.
You can follow and contribute to the work of the OpenChain AI Study Group through its dedicated mailing list. This is open to everyone regardless of industry vertical or speciality. You will find it here:
Watch The Previous Meeting
The first Workshop to deep-dive into this topic and consolidate ideas was held on the 6th of March 2024:
You can find and get the dial-in details for all future AI Study Group meetings from our participate page here:
As the chairpersonship batten passes from Nathan to Andrew, Andrew lead a full assessment and discussion on next steps. A ton is happening, with the last year of work including updates to the reference training slides and supplier education leaflet pending release, the Telco SBOM Quality Guide now approved for final review and release as an official OpenChain resources, and new ideas on the table.
Join the Education Work Group mailing list to participate in the calls and async editing:
© 2024 OpenChain. All rights reserved. The Linux Foundation has registered trademarks and uses trademarks. For a list of trademarks of The Linux Foundation, please see our Trademark Usage page. Linux is a registered trademark of Linus Torvalds. Privacy Policy and Terms of Use
