News

Webinar: Open Hardware at CERN, FOSSLight Overview and Automating Yocto with SPDX

By automation, community, Featured, licensing, News, standards, Webinar

This webinar covered a lot of ground with open hardware, new open source automation from Korea and methods of using SPDX with the Yocto Project. It provided a solid way to “take the pulse” of a certain moment in open source governance.

Plus…

The LG Electronics video on FOSSLight

The full LG Electronics presentation

Check Out The Rest Of Our Webinars

This is OpenChain Webinar #26, released on 2021-07-07.

The Linux Foundation SBOM Readiness Survey

By News

The Linux Foundation’s SBOM Readiness Survey has just been announced on their blog and social media channels. This is a major, important new initiative for the Linux Foundation.

Please take a few moments to read more about it and complete it if possible:

Linux Foundation Research Announces Software Bill of Materials (SBOM) Readiness Survey – Linux Foundation

This SBOM readiness survey is the Linux Foundation’s first project addressing how to secure the software supply chain. (linuxfoundation.org)

Webinar: Compliance Around Old Development Projects + ISO 5230 in Software Quality Management

By community, Featured, legal, licensing, News, standards, Webinar

In this webinar we had two great talks and a very active Q&A. First we had Dr. Till Jaeger from JBB Rechtsanwälte on ‘How to bring an ancient development project into compliance best practices.’ This was followed by Nicole Pappler from AlektoMetis on ‘OpenChain ISO 5230 and Software Quality Management.’ Check out the full recording below.

Check Out The Rest Of Our Webinars

This is OpenChain Webinar #25, released on 2021-06-23.

External Webinar: Accelerating Innovation With Open Source and Agile Compliance in the Financial Sector; June 17 at 11:00 CET

By News

Open source adoption is increasing rapidly within the financial services industry. Thanks to cutting edge technologies, affordability, flexibility, and the power of the open source community – more and more financial institutions are encouraged to integrate open source components into their investment and more data processing systems.

Meanwhile, the industry’s growing list of compliance initiatives and regulations dramatically changes the way financial companies rely on technology to help improve governance and compliance structures.

In this webinar our experts will discuss the challenges the financial services industry faces when it comes to open source compliance, a look at regulation trusted standards and how companies that want to stay ahead of the game must leverage technology to automate important security and compliance processes.

Read the full article and register here.

Software Bill of Materials: Protect Yourself, Protect Your Supply Chain (External Article)

By News

Device and IoT manufacturers must manage risk around the rapidly growing dependency on open source software, which directly impacts trust among software supply chain vendors and suppliers. Mark Gisi, director of the open source program office at Wind River Systems, discusses how a software bill of materials (SBOM) plays a critical role.

Imagine that you’ve injured yourself. You think you’ve broken a bone—maybe a toe. You go to a doctor to determine what’s happened and how to treat the injury. 

Who would you trust more? The doctor who just looks at the outside of your foot or the doctor who orders and reads an x-ray for clarity into what’s actually going on inside?

Just as x-rays provide insight into what’s happening in your body, an open source software bill of materials (SBOM) provides details of what’s going on inside your software and how to handle it.

Device and IoT manufacturers need to effectively manage risk around the rapidly growing dependency on open source software (OSS), which directly impacts trust among software supply chain vendors and suppliers. For this reason, the SBOM is a cornerstone of every robust software composition analysis (SCA) program. Here we’ll look at why that is, the critical role the SBOM plays in establishing trust around the use of open source, and why a quality SBOM is essential to the success of both internal and external stakeholders.

Read the full article here

OpenChain Korea Work Group Meeting #10 – 2021-06-22

By News

The OpenChain Korea Work Group will hold its 10th meeting on the 22nd of June between 15:00 and 17:00 KST. The agenda will be published on the dedicated event page shortly. All welcome. No registration necessary. The meeting will be conducted in Korean.

Keep Connected To The Korea Work Group

Check Out The Details

External Blog: ISO 5230 OpenChain: How Will the Standard be Used?

By News

“Open source software license compliance must not be overlooked. Following the trends in the use of ISO/IEC 5230:2020, it is fair to predict more companies and industries will demand conformance as well as integrate the standard into their supply chain work practices. Cybersecurity breaches are a serious threat to all types of businesses. In the last twelve months four in ten businesses report having cybersecurity breaches or attacks in the UK. Although ISO/IEC 5230:2020 does not contain an express provision regarding cybersecurity, conformance to the standard makes the tracking of security vulnerabilities much easier. Adherence to the ISO standard now, puts your organisation ahead of the curve and places you ahead of non-conformant competitors.”

Read The Full Article