This series highlights offerings from various service providers throughout the global OpenChain eco-system. Each featured partner has an official relationship with the project, whereby they may use our trademark for marketing OpenChain-specific services, and in exchange they help with community outreach, education and other aspects of collaborative (and free) support.
This event is part of the overarching OpenChain Project Webinar Series. Our series highlights knowledge from throughout the global OpenChain eco-system. Participants are discussing approaches, processes and activities from their experience, providing a free service to increase shared knowledge in the supply chain. Our goal, as always, is to increase trust and therefore efficiency. No registration or costs involved. This is user companies producing great informative content for their peers.
It is time for another OpenChain mini-summit! This time we are going to be discussing one of the most critical aspects of our project outside of the ISO/IEC 5230 standard for open source license compliance:
How do we onboard people *to* the standard and to our broader community?
This topic covers outreach, it covers what happens when people arrive on our site, and it covers how we arrange community support.
We would really value your input in this event as we discuss:
How should we “market” OpenChain ISO/IEC 5230?
How can entry to our website and community work best for new participants?
How can we do great community support regionally and globally?
How should the Onboarding Committee of the project work in the future?
Nathan Kumagai, our chair, will lead the discussion.
The OpenChain Project featured prominently at an open hardware event held in China on July 1st. This is part of our long-term commitment to supporting a trusted supply chain, and an awareness that the supply chain will inevitably consist of both hardware and software.
Check out our (and other) speeches from the event:
RIOS Lab is an open source lab founded by Prof. David Patterson, the inventor of RISC. We are committed to contributing to the open RISC-V ecosystem. In the last two years, RIOS Lab has launched several legal research projects on OSH IP protection collaborating with top research institutes, law firms, and leading companies in the microprocessor industry. In these projects, we conduct microprocessor patent analysis, and study its potential impact or threats to RISC-V as well as OSH in general.
Feeling the need to further raise the awareness of the importance of open source hardware IP protection and licensing, RIOS Lab is organizing a workshop series that invites policymakers, open source community leaders, academic researchers, and legal professionals and experts around the world to discuss the legal issues the OSH community is facing.
The OpenChain Japan Work Group will hold its 24th all member meeting (11th virtual meeting) on July 29 (Friday) between 15:00 and 16:00 Japan Standard Time (JST). The primary discussion will be around the open source program office (OSPO) of Cybertrust. OSPO activity is an emerging topic in this jurisdiction and all are welcome to participate.
First Korean IT service company to achieve ISO/IEC 5230:2020
To enhance reliability with preliminary verification and threat factor prevention conducted by open source specialists
To provide integrated system that manages open source usage and verification history
Samsung SDS became the first among Korean IT service companies to adopt the international standard for open source compliance (ISO/IEC 5230:2020) maintained by OpenChain Project.
This certification is enabled by OpenChain Project, led by the Linux Foundation in 2016, to global companies that secured open source license compliance process and application capabilities.
Samsung SDS was acknowledged for its global competence in all evaluation criteria including open source policy and process, professional workforce, and employee training.
Although open source is a software license that makes source code available to the public, legal disputes and threats may occur if users do not comply with its license agreement or verify weak points.
Early this year, Samsung SDS expanded its team dedicated to open source software into Open Source Program Office(OSPO) and reinforced specialists in development, security, legal, and patent, in order to provide support in open source application and prevent legal disputes.
The OSPO enhances open source usage by conducting preliminary verification on threats such as security weak points and errors during the planning stage of software, application and IT infrastructure development.
Since last year, Samsung SDS carries out a comprehensive review in cooperation with its overseas offices and Global Development Center to operate an open source verification system on a global level.
Samsung SDS will develop an integrated management system by September to manage open source status, track previous verification records, and respond to weak points. The company expects the system to further strengthen customer trust in its IT service business and solutions.
Jongpil KIM, Executive Vice President and Leader of Development Office at Samsung SDS, said, “With the increasing use of open source software, securing reliability is important in the software supply chain. With thorough verification and abiding by the license policy, Samsung SDS will provide our customers with services and solutions they can rely on.”
The OpenChain Project is launching a new series of webinars that will explain the services available from our partners around the world. Our goal is to help you understand your options if you seek third party assistance for adoption, refinement or certification.
In this webinar we cover the services available from a Chinese service provider call XMirror. This company provides SCA solutions and – intriguingly – has an open source version of their tooling available for anyone to use: https://gitee.com/xmirrorsecurity
The agenda for our next two webinars is:
26th of July at 06:00 UTC:
LEX PAN LAW & OPSEQUIO
9th of August at 06:00 UTC:
EACG (TrustSource)
We also have webinars coming from:
HH Partners & Double Open
PwC
Bitsea GmbH
And more…
We hope you enjoy this new series and welcome your feedback as it progresses.
As a side note, this does not replace our existing community webinar series. That will continue throughout 2022 as usual. You can expect the new agenda for those events to be published soon.
This series highlights offerings from various service providers throughout the global OpenChain eco-system. Each featured partner has an official relationship with the project, whereby they may use our trademark for marketing OpenChain-specific services, and in exchange they help with community outreach, education and other aspects of collaborative (and free) support.
This event is part of the overarching OpenChain Project Webinar Series. Our series highlights knowledge from throughout the global OpenChain eco-system. Participants are discussing approaches, processes and activities from their experience, providing a free service to increase shared knowledge in the supply chain. Our goal, as always, is to increase trust and therefore efficiency. No registration or costs involved. This is user companies producing great informative content for their peers.
Sony will host a small physical meeting at their Shinagawa offices on the 14th of July between 09:20 and 10:50 as a prelude to a full in-person OpenChain Japan Work Group meeting. This is the first physical meeting for our Japan Work Group in two and a half years.
The current plan is to have around 10 people attend. This will ensure compliance with company policies and act as a stepping stone to larger gatherings.
We expect to discuss the current state of the market, our community, and concrete next steps in collaboration for 2H 2022.
The OpenChain Project featured prominently at this event held in China via a talk (slides below) and participation in the end panel discussion on next steps in IPR around open hardware. This is part of our long-term commitment to supporting a trusted supply chain, and an awareness that the supply chain will inevitably consist of both hardware and software.
