Skip to main content
Category

News

dSPACE GmbH Has Completed Third-Party Certification Of ISO/IEC 5230:2020

By Featured, News

dSPACE GmbH, a global leader in simulation and validation, has adopted ISO/IEC 5230:2020 via completed third-party certification provided by TÜV SÜD. TÜV SÜD is an official OpenChain Partner and is a well-known certification provider. 

“This certification is another important building block in dSPACE’s compliance management system,” says Stefan Schukat, Software Compliance Manager at dSPACE, “and the commitment to a sustainable, meaningful and compliant use of Open Source as well as the support of Open Source projects. We chose third-party certification via TÜV SÜD to ensure our adoption had assessment from independent, accredited experts, and to support the highest possible quality in our process management.”

“The adoption of ISO/IEC 5230 by dSPACE GmbH and their choice of third- party certification is a notable milestone in the increasing maturity of the open source supply chain,” says Shane Coughlan, OpenChain General Manager. “Our goal has always been to link more and more companies via trusted, reliable and consistent process management. This is an excellent example. Incidentally, the first OpenChain third-party certification was provided by TUV SUD to Hitachi in 2018. We are delighted to see the continuation of their service provision to the market, and our continued momentum in this domain.”

You can view the TUV SUD certificate for dSpace at this link:

About dSPACE

dSPACE is a leading provider of simulation and validation solutions worldwide for developing connected, autonomous, and electrically powered vehicles. The company’s range of end-to-end solutions are used particularly by automotive manufacturers and their suppliers to test the software and hardware components in their new vehicles long before a new model is allowed on the road. Not only is dSPACE a sought-after partner in vehicle development, but engineers also rely on dSPACE  know-how  when it comes to aerospace and industrial automation. The dSPACE portfolio ranges from end-to-end solutions for simulation and validation to engineering and consulting services as well as training and support. With more than 2,600 employees worldwide, dSPACE is headquartered in Paderborn, Germany; has three project centers in Germany; and serves customers through its regional companies in the USA, the UK, France, Japan, China, Croatia, Korea, India, and Sweden.

About the OpenChain Project

The OpenChain Project has an extensive global community of over 1,000 companies collaborating to make the supply chain quicker, more effective and more efficient. It maintains OpenChain ISO/IEC 5230, the international standard for open source license compliance programs and OpenChain ISO/IEC 18974, the industry standard for open source security assurance programs

About The Linux Foundation

The Linux Foundation is the world’s leading home for collaboration on open source software, hardware, standards, and data. Linux Foundation projects are critical to the world’s infrastructure, including Linux, Kubernetes, Node.js, ONAP, PyTorch, RISC-V, SPDX, OpenChain, and more. The Linux Foundation focuses on leveraging best practices and addressing the needs of contributors, users, and solution providers to create sustainable models for open collaboration. For more information, please visit us at linuxfoundation.org.

OpenChain Project – Main Monthly North America and Asia Call – 2024-07-16 – Full Recording

By News

We held our regular Monthly North America and Asia Call this week. The focus was on discussing the Public Comment period for our draft proposed updates to the licensing and security specifications.

We keep all the slides from our monthly calls online and they can be a useful way to access direct links and more details:

Overview of the Public Comment Period

OpenChain Project Announces Public Comment Period for Draft Updates to Compliance and Security Specifications

Starting 2024-06-19 ~ Ending 2024-12-19

The OpenChain Project has announced the beginning of its six month Public Comment Period for proposed draft updates to the open source license compliance (ISO/IEC 5230:2020) and open source security assurance (ISO/IEC 18974:2023) specifications.

As per our specification development process outlined in the project FAQ, this Public Comment Period will run for six months, and it will be followed by a three month Freeze Period.

During the Public Comment Period everyone is invited to review and comment on the specifications. As an open project developing open standards, we host the draft documents on our GitHub repositories.

Learn More:

You can comment on this process by joining our monthly calls or via our Specification Mailing list. You can also leave comments via GitHub issues as detailed below.

Webinar: IAV, TimeToAct and ISO/IEC 5230 – Third-Party Certification Case Study

By legal, licensing, News, standards, Webinar

IAV GmbH has announced adoption of ISO/IEC 5230:2020 via third-party certification provided by TimeToAct. Adjacent to this, IAV and TimeToAct has collaborated with the OpenChain Project on a webinar and case study about the certification rationale and process. This webinar digs into details on how, why and when decisions were made in the IAV adoption and use of ISO/IEC 5230.

Get the Slides

More About Our Webinars:

This event is part of the overarching OpenChain Project Webinar Series. Our series highlights knowledge from throughout the global OpenChain eco-system. Participants are discussing approaches, processes and activities from their experience, providing a free service to increase shared knowledge in the supply chain. Our goal, as always, is to increase trust and therefore efficiency. No registration or costs involved. This is user companies producing great informative content for their peers.

Check Out The Rest Of Our Webinars

This OpenChain Webinar was broadcast on 2024-07-16.

OpenChain SBOM Study Group Kick-Off Call – 2024-07-30 at 09:00 CEST / 15:00 CST / 16:00 KST + JST

By News

OpenChain SBOM Study Group Kick-Off Call

2024-07-30 at 09:00 CEST / 15:00 CST / 16:00 KST + JST

The OpenChain Governing Board recently approved the creation of a new study group to discuss SBOM use in the supply chain. With a focus on “how to use,” this study group will consider practical ways to increase trust in the supply chain and satisfy regulatory requirements. It builds on previous work by the OpenChain Project around lightweight SBOM profiles (SPDX Lite), defining quality SBOM (Telco SBOM Guide) and local work group activities.

Join here up to ten minutes before we start, no registration required:

This kick-off call will:

  • Introduce the practical considerations of using SBOMs in supply chains
  • Discuss who these considerations apply to
  • Talk about existing market solutions: Case Study SPDX Lite
  • Have an open discussion on next steps

Everyone with an interest in SBOMs, the use of SBOMs in the supply chain, and in increasing trust in the supply chain is invited. Kobota San from Sony is the chair of this study group in 2024. Kobota San, thank you for stepping forward to start this activity!

We have a dedicated mailing list:

We have a dedicated Slack Channel:

We have a dedicated GitHub Repo:

OpenChain Explainer for Sales and Marketing – Beta

By News

One of the most innovative people in the OpenChain community has to be Martin Yagi of the UK Work Group. He kicked off an initiative to create and publish tons of bite-sized videos around OpenChain training courses and more. Not satisfied with that, he has also created a beta video for some work underway in the Education Work Group around “explainers” for different departments in companies.

Let’s explore how we can explain OpenChain to Sales and Marketing departments (beta, because the explainer is still in draft development).

Want to be part of helping with the development of the explainer series?

Be part of this:

You can get involved with the Education Work Group through their dedicated mailing list. At this link, you will also find connections to other study and working groups around the world:

OpenChain AI Study Group Call – Asia Sync Call – 2024-07-11 – Full Recording

By News

The OpenChain AI Study Group held its regular Asia sync on the 11th of July. This focused on a recap of the earlier monthly workshop, including an overview of outcomes from the recent OpenChain Governing Board meeting regarding the AI Study Group, flagging a presentation by Laurie Grant @ Qualcomm on ISO/IEC 42001, and other discussion around shared concerns regarding AI compliance in the supply chain.

Be part of this:

You can get involved with this study or work group through their dedicated mailing list. At this link, you will also find connections to other study and working groups around the world:

OpenChain Education Work Group – 2024-07-03 – Full Recording

By News

On the 3rd of July we held our regular meeting of the OpenChain Education Work Group. As part of the outreach activities of the OpenChain Project, it focuses on help to make it easier to understand and adopt OpenChain ISO/IEC 5230:2020 for license compliance and OpenChain ISO/IEC 18974:2023 for security assurance. Discussion ranges from handouts to education leaflets to training slides to case studies and guides. Editing is normally done on GitHub. All are welcome.

Exciting stuff this time:

  • Explainers for different parts of companies
  • Maturity modeling
  • More about upcoming PDF versions of documents
  • And a discussion about our update training slides

Be part of this:

You can get involved with the OpenChain Education Work Group through their dedicated mailing list. At this link, you will also find connections to other working groups around the world:

OpenChain Telco Work Group Meetings – 2024-07-04 – Full Recording

By News

As usual, this was a very practical meeting, and it covered topics like TR-03183 – Cyber Resilience Requirements for Manufacturers and Products. Full recording below.

Be part of this:

You can get involved with the OpenChain Telco Work Group through their dedicated mailing list. At this link, you will also find connections to other working groups around the world:

Please note: you do not have to be an expert in telecommunications or work for a telecommunications company to join the group. Work on subjects like the Telco SBOM Quality Guide is intended to also help other market sectors.

OpenChain Japan All Member Meeting #30 – 2024-02-28

By News

An oldie but a goodie. If you want to see what a longer community event is like, check out the OpenChain Japan All Member Meeting #30 from February.

Owada San, our ever-dedicated community contributor, is currently preparing the 31st meeting for release, so watch this space!

You can get involved with the OpenChain Japan Work Group through their dedicated mailing list. At this link, you will also find connections to other working groups around the world: