News

Revenera, a company with more than three decades of history in software licensing and compliance, has adopted OpenChain ISO/IEC 5230 for managing open source license compliance. OpenChain ISO/IEC 5230 is the International Standard for open source license compliance, and is supported by a global community spanning multiple continents.

“The OpenChain Project has established a set of requirements for a comprehensive open source management program. By applying OpenChain standards, Revenera is able to demonstrate our shared commitment to increasing trust and transparency in open source software usage,” said Alex Rybak, Director of Product Management at Revenera. “As a provider of solutions that help organizations manage their software supply chain, Revenera is honored to lead by example by being OpenChain Conformant.”

“The pervasive nature of open source means that many companies specializing in the use of open source are users themselves,” says Shane Coughlan, OpenChain General Manager. “Revenera is an example of a company both experienced in the management of open source and simultaneously being a consumer of this type of technology. Their adoption of OpenChain ISO/IEC 5230 is a simple, clear statement of their commitment to supporting the key requirements of quality open source compliance programs.”

About Revenera

Revenera helps product executives build better products, accelerate time to value and monetize what matters. Revenera’s leading solutions help software and technology companies drive top line revenue with modern software monetization, understand usage and compliance with software usage analytics, empower the use of open source with software composition analysis and deliver an excellent user experience—for embedded, on-premises, cloud and SaaS products. To learn more, visit www.revenera.com.

About the OpenChain Project 

The OpenChain Project maintains the International Standard for open source license compliance. This allows companies of all sizes and in all sectors to adopt the key requirements of a quality open source compliance program. This is an open standard and all parties are welcome to engage with our community, to share their knowledge, and to contribute to the future of our standard.

About The Linux Foundation

The Linux Foundation is the organization of choice for the world’s top developers and companies to build ecosystems that accelerate open technology development and industry adoption. Together with the worldwide open source community, it is solving the hardest technology problems by creating the largest shared technology investment in history. Founded in 2000, The Linux Foundation today provides tools, training and events to scale any open source project, which together deliver an economic impact not achievable by any one company. More information can be found at www.linuxfoundation.org.

The Linux Foundation has registered trademarks and uses trademarks. For a list of trademarks of The Linux Foundation, please see our trademark usage page: https://www.linuxfoundation.org/trademark-usage.

Linux is a registered trademark of Linus Torvalds.

IT company expands portfolio to include open-source license management and services around OpenChain ISO/IEC 5230

TIMETOACT becomes an official partner of OpenChain a project of the Linux Foundation: With this partnership the IT company from Cologne Germany qualifies to advise companies on the implementation of open-source license management programs and to support customers adopting OpenChain ISO/IEC 5230.  

Open source software, just like proprietary software, is used based on various license conditions. It is important to adhere to these conditions to ensure smooth business operations and to avoid concerns or conflicts with third parties. OpenChain ISO/IEC 5230 is an International Standard focused on identifying the key requirements of a quality open source license compliance program, and allows companies that adopt it through self-certification, independent assessment or third-party certification to substantial reduce their potential exposure to issues.

“Open source has long been more than just a trend in the IT landscape – more and more software uses open-source libraries, frameworks and the like,” says Simon Pletschacher, Manager IT Performance Strategy at TIMETOACT. “We are very pleased to be working with OpenChain. The partnership offers our customers tangible added value and will help them to adopt OpenChain ISO/IEC 5230 in the future.” 

“OpenChain helps companies of all sizes and across all markets get more effective license programs in place,” says Shane Coughlan, OpenChain General Manager. “We are pleased to welcome TIMETOACT as another consultancy partner in our project and to collaborate on making sure more companies have easy access to the key requirements of quality open source compliance programs.”

Learn More About TIMETOACT

TIMETOACT Software & Consulting GmbH is the strategic partner for and trusted advisor to its customers. With an unrestricted customer focus and high analytical and technical expertise we implement sustainable solutions for the upper middle class, insurance companies and public authorities. Our range of services includes consulting on Cloud Transformation, Digital Workplace, Custom Applications, BI & Data Science, Enterprise Content Management, Identity & Access Management, Managed Services and Managed Support as well as Software License Consulting & Sales. Together with our subsidiaries, we can implement very large and comprehensive projects as a general contractor.

• https://www.timetoact.de/details/open-source-lizenzmanagement

One of the key documents in the OpenChain ecosystem – and the broader world of open source license compliance – is our policy template. This is designed to help organizations quickly, effectively create open source policies for their teams.

The policy template was originally created by Andrew Katz, from Orcro Limited and Bristows LLP, in the United Kingdom. It has since been explored and used by open source stakeholders around the world. Recently, the OpenChain China Work Group began to explore localization, and thanks to the hard work of Chloe Zhong from Honor we now have a complete document in Simplified Chinese to share with the world.

The policy template is a spreadsheet with different tabs to help you formulate a policy that is concise but effective. It can be used by people new to or experienced in open source, and provides plenty of support to assist with your decisions.

You can get the Chinese version in Excel (XLSX) and OpenDocument (ODS) formats:

• https://github.com/OpenChain-Project/Reference-Material/tree/master/Policy-Templates/Official/OpenChain-2.1-ISO5230/zh-Hans

You can also get the English version in Excel (XLSX) and OpenDocument (ODS) formats:

• https://github.com/OpenChain-Project/Reference-Material/tree/master/Policy-Templates/Official/OpenChain-2.1-ISO5230/en

And we also have a Japanese version in Excel (XLSX) and OpenDocument (ODS) formats:

• https://github.com/OpenChain-Project/Reference-Material/tree/master/Policy-Templates/Official/OpenChain-2.1-ISO5230/ja

We welcome more translations to help more organizations around the world use open source effectively. Please reach out to our main mailing list if you wish to assist:

• https://lists.openchainproject.org/g/main

First North American Company to Adopt International
Open Source Standard Across its Entire Product Portfolio

WATERLOO, ON and SAN FRANCISCO, CA – March 17, 2022 – BlackBerry Limited (NYSE: BB; TSX: BB) today announced that it is the first company based in North America to adopt and conform to OpenChain ISO / IEC 5230:2020 across its entire product portfolio. OpenChain is the International Standard for open-source license compliance and is designed to build trust in the supply chain. BlackBerry saw the need to lead in this space to adopt a higher standard for its software supply chain.

The new accreditation will enable BlackBerry customers to have increased confidence in the company’s ability to manage the use of open source software across its Cybersecurity and IoT product portfolio. As the frequency and severity of cybersecurity attacks grow and stringent regulatory standards like President Biden’s Cybersecurity Executive Order come into effect, the need to have holistic visibility into the security of the software supply chain is of paramount importance, particularly when managing open source software.  

BlackBerry is the first company in North America to gain company-wide OpenChain ISO/IEC 5230:2020 conformance and collaborated with OSS Consultants to achieve the accreditation. OpenChain encourages self-certification, independent assessment, and third-party certification as options for entities seeking to address the risk profile of their supply chain.

“It is hard to overstate the importance of today’s announcement,” says Shane Coughlan, OpenChain General Manager. “BlackBerry has one of the deepest industry pedigrees in bringing increased peace of mind to enterprise and governmental organizations. Certifying their open source software management  underlines their commitment to excellence and serves as a beacon for other companies to follow.”

“We are extremely proud to be the first company based in North America to announce whole entity conformance to OpenChain ISO/IEC 5230:2020,” said Charles Eagan, Chief Technology Officer at BlackBerry. “BlackBerry continues to lead in securely developing software. We realized the importance of leveraging Open Source Software and recognized the need for a robust process to manage the use of it in our products.”

“As trusted consultants that have helped organizations of all sizes implement Open Source Programs, we were thrilled to partner with BlackBerry to attain the first whole-entity OpenChain conformance in North America. The OpenChain Project has set a high standard of open-source compliance within the supply chain and across the world,” said Russ Eling, CEO and Founder of OSS Consultants.”

###

About BlackBerry

BlackBerry (NYSE: BB; TSX: BB) provides intelligent security software and services to enterprises and governments around the world.  The company secures more than 500M endpoints including over 195M vehicles.  Based in Waterloo, Ontario, the company leverages AI and machine learning to deliver innovative solutions in the areas of cybersecurity, safety and data privacy solutions, and is a leader in the areas of endpoint management, endpoint security, encryption, and embedded systems.  BlackBerry’s vision is clear – to secure a connected future you can trust.

BlackBerry. Intelligent Security. Everywhere. 

For more information, visit BlackBerry.com and follow @BlackBerry.

Trademarks, including but not limited to BLACKBERRY and EMBLEM Design are the trademarks or registered trademarks of BlackBerry Limited, and the exclusive rights to such trademarks are expressly reserved.  All other trademarks are the property of their respective owners.  BlackBerry is not responsible for any third-party products or services.

About OSS Consultants:

OSS Consultants is a business dedicated to helping organizations of all sizes – from the world’s largest and well-known companies to small businesses and start-ups – design, implement, and manage the most efficient, comprehensive and robust open-source program offices and policies on the planet. Service offerings range from a scan and audit of your third-party and proprietary software to creating a full OSPO within your organization. Find more information at www.ossconsultants.com.

About the OpenChain Project 

The OpenChain Project maintains the International Standard for open source license compliance. This allows companies of all sizes and in all sectors to adopt the key requirements of a quality open source compliance program. This is an open standard and all parties are welcome to engage with our community, to share their knowledge, and to contribute to the future of our standard.

About The Linux Foundation

The Linux Foundation is the organization of choice for the world’s top developers and companies to build ecosystems that accelerate open technology development and industry adoption. Together with the worldwide open source community, it is solving the hardest technology problems by creating the largest shared technology investment in history. Founded in 2000, The Linux Foundation today provides tools, training and events to scale any open source project, which together deliver an economic impact not achievable by any one company. More information can be found at www.linuxfoundation.org.

The Linux Foundation has registered trademarks and uses trademarks. For a list of trademarks of The Linux Foundation, please see our trademark usage page: https://www.linuxfoundation.org/trademark-usage.

Linux is a registered trademark of Linus Torvalds.

Media Contact:

BlackBerry Media Relations
+1 (519) 597-7273
mediarelations@BlackBerry.com

OSS Consultants Media Relations
info@ossconsultants.com

The OpenChain Korea Work Group holds its next meeting on the 16th of March at 14:00 Korea Standard Time. Check out the agenda and the dial-in details below!

You can join the event via LINE’s Zoom room:
https://line.zoom.us/j/98865487244?pwd=UnJFMHg2ZmIxNTAwcWtGTkRzc2tJdz09​
Please use this password: 160322

The Korean Work Group also had a dedicated page for the event:

• https://openchain-project.github.io/OpenChain-KWG/en/meeting/13th/

Block, a global technology company with a focus on financial services, today joined OpenChain’s Governing Board. Block, made up of Square, Cash App, Spiral, TIDAL, and TBD, builds tools that help make the economy more accessible for everyone. The OpenChain Project has been building trust in the supply chain since 2016. It maintains OpenChain ISO/IEC 5230, the International Standard for open source license compliance. This is a simple, effective standard suitable for companies of all sizes in all markets. It is developed openly by a vibrant user community and freely available to all.

“Welcoming Block to the OpenChain Governing board is a landmark moment for our project,” says Shane Coughlan, General Manager at OpenChain. “The financial sector is one of the areas where regulation is most important, and where getting things done correctly is of vital significance. Managing the supply chain is an issue here as it is everywhere, and OpenChain standard for open source compliance helps to mitigate this challenge. We are proud to be part of the solution for Block and we look forward to working with many other financial companies in the future.”

“Managing supply chains is not something that a company does alone. It is a combined industry effort to reduce errors and to increase efficiency,” says Max Sills, Counsel at Block. “At Block, we recognize that OpenChain is a critical part of this in the open source ecosystem, and we see immense value in being part of the strategic management around the ISO standard and the global community. We look forward to helping the open source supply chain become more efficient and more effective together.”

About Block

​Block (NYSE: SQ) is a global technology company with a focus on financial services. Made up of Square, Cash App, Spiral, TIDAL, and TBD], we build tools to help more people access the economy. Square helps sellers run and grow their businesses with its integrated ecosystem of commerce solutions, business software, and banking services. With Cash App, anyone can easily send, spend, or invest their money in stocks or Bitcoin. Spiral (formerly Square Crypto) builds and funds free, open-source Bitcoin projects. Artists use TIDAL to help them succeed as entrepreneurs and connect more deeply with fans. TBD is building an open developer platform to make it easier to access Bitcoin and other blockchain technologies without having to go through an institution.

About the OpenChain Project

The OpenChain Project maintains the International Standard for open source license compliance. This allows companies of all sizes and in all sectors to adopt the key requirements of a quality open source compliance program. This is an open standard and all parties are welcome to engage with our community, to share their knowledge, and to contribute to the future of our standard.

About The Linux Foundation

The Linux Foundation is the organization of choice for the world’s top developers and companies to build ecosystems that accelerate open technology development and industry adoption. Together with the worldwide open source community, it is solving the hardest technology problems by creating the largest shared technology investment in history. Founded in 2000, The Linux Foundation today provides tools, training and events to scale any open source project, which together deliver an economic impact not achievable by any one company. More information can be found at www.linuxfoundation.org.

The Linux Foundation has registered trademarks and uses trademarks. For a list of trademarks of The Linux Foundation, please see our trademark usage page: https://www.linuxfoundation.org/trademark-usage.

Linux is a registered trademark of Linus Torvalds.