News

As always, we focused on the question of “how do we use SBOMs in production, large-scale and complex supply chains?”

This Meeting Featured:

1. A special presentation from Thomas Graf of Siemens on the practical implementation and use of the Siemens SBOM.
2. Open Q&A session
3. And some updates from the Chair

Watch the Meeting:

Learn More About This Study Group:

Our SBOM Study Group brings all our various SBOM-related activities together and helps answer the question of “how do we use SBOMs in production, large-scale and complex supply chains?” Our original kick-off call has all the details.

Get Involved:

Everyone is welcome to be part of this study group! OpenChain has free, open access to all its work groups and study groups. Just turn up, and listen in, and contribute comments, ideas and suggestions.

✉️ We have a dedicated mailing list: https://lists.openchainproject.org/g/sbom

💻 We have a dedicated GitHub Repo: https://github.com/OpenChain-Project/SBOM-sg

Attend Future Meetings:

You can find and get the dial-in details for all future meetings from our participate page here: https://www.openchainproject.org/participate

We Discussed:

Lead by Martin Yagi (Chair Education Work Group), the call covered the following agenda:

• OpenChain Project News
• Specification Work Group – Updates to the standard(s) and regulatory adherence
• Education Work Group – Updates to training material
• Any Other Business?

A reminder for those in North America – while this edition of the monthly call is happening in the darkest hours of the night for you, we also have a monthly North America / Europe call that works better for those in the Americas. Check out the schedule for this and all our other meetings here:
https://openchainproject.org/participate

Watch the Recording:

Check out the Meeting Slides:

• https://github.com/OpenChain-Project/Meeting-Minutes/tree/main/Slides/2025

Coming Next:

• A ton of work pending on education, and a survey to be released for the spec. Expect a strong focus on looking at what we have accomplished, looking at feedback, and making it better.

Join Our Work:

Everyone is welcome to be part of the Specification Work Group. You can join their mailing list here:
https://lists.openchainproject.org/g/specification/

You can find and be part of all OpenChain calls through our participation page here:
https://openchainproject.org/participate

We Discussed:

Lead by Chris Wood (Chair, Specification Work Group) and Martin Yagi (Chair Education Work Group), the call covered the following agenda:

• OpenChain Project News
• Specification Work Group – Updates to the standard(s) and regulatory adherence
• Education Work Group – Updates to training material
• Any Other Business?

A reminder for those in Asia – while this edition of the monthly call is happening in the darkest hours of the night (01:30 in Japan!), we also have a monthly Europe / Asia call that works better for those in Eastern time zones. Check out the schedule for this and all our other meetings here:
https://openchainproject.org/participate

Watch the Recording:

Check out the Meeting Slides:

• https://github.com/OpenChain-Project/Meeting-Minutes/tree/main/Slides/2025

Coming Next:

• A ton of work pending on education, and a survey to be released for the spec. Expect a strong focus on looking at what we have accomplished, looking at feedback, and making it better.

Join Our Work:

Everyone is welcome to be part of the Specification Work Group. You can join their mailing list here:
https://lists.openchainproject.org/g/specification/

You can find and be part of all OpenChain calls through our participation page here:
https://openchainproject.org/participate

OpenChain will host a special webinar on 2025-11-27 @ 09:00 CET  entitled “Software Hash ID: you will not be able to live without it.”

The Software Hash Identifier (SWHID) is an intrinsic identifier for software source code and artifacts that became an international standard in April 2025 (ISO/IEC 18670:2025).

In this talk, Thomas Aynaud will present the Software Heritage mission and data model, introduce the concept of intrinsic identifiers, explain the SWHID specification, and present its open standard governance model. He will share how open source projects and companies can adopt and benefit from SWHID through real-world use cases. The session will conclude with a summary of the key advantages of SWHID and an update on Software Heritage’s plans to support its development and adoption in the coming months.

Join here @ 09:00 CET – 2025-11-27:
https://zoom-lfx.platform.linuxfoundation.org/meeting/92168606138?password=fa7d1a61-26f7-416a-b9f7-9a9f6935b390

The OpenChain Project held a Mini-Summit at Open Source Summit Europe 2025, covering AI, SBOM and Automotive topics. This was an extensive series of talks from domain experts in our field, and surrounded by the excellent, active and innovative community of professional colleagues that is a hallmark of our project.

Watch the Opening Keynote:

Watch the Entire Summit:

• https://www.youtube.com/playlist?list=PLbzoR-pLrL6pKJOISNSUEtnwG89yTBm5H

Our regular OpenChain AI Work Group took place with participants from North America and Europe, and with a focus on discussing next steps with the AI System Bill of Materials Compliance Guide. The current consensus is focused on obtaining more market feedback to inform future development.

Watch the Recording:

Get Involved:

Everyone is welcome to be part of this activity! OpenChain has free, open access to all its work groups and study groups. Just turn up, and listen in, and contribute comments, ideas and suggestions.

✉️ We have a dedicated mailing list for the AI Work Group: https://lists.openchainproject.org/g/ai

Attend Future Meetings:

You can find and get the dial-in details for all future meetings from our participate page here: https://www.openchainproject.org/participate