Skip to main content

BlackBerry Announces First North American OpenChain Security Assurance Specification Conformance

BlackBerry Limited (NYSE: BB; TSX: BB) announces adoption of the OpenChain Security Assurance Specification 1.1, creating a series of landmarks in doing so. BlackBerry is the first whole entity to announce conformance, the first conformance in the Americas, the first multinational company conformance, and first entity to achieve conformance with both OpenChain/ISO5230:2020 and OpenChain Security Assurance 1.1 with an OpenChain Partner, OSS Consultants. This announcement builds on their previous adoption of OpenChain ISO/IEC 5230:2020, the international standard for open source license compliance. OpenChain Security Assurance Specification 1.1 is the sister standard to ISO/IEC 5230, and is also slated to become an ISO standard later in 2023.

OpenChain has a collaborative global community of companies working to build a more effective and efficient supply chain to create trust between entities around open source; working to increase trust in the open source supply chain. With thousands of people from hundreds of companies actively involved, it is a key part of the governance fabric behind open source technology. BlackBerry is the first company in North America to gain company-wide OpenChain Security Assurance conformance, and the first to collaborate with an official OpenChain Partner Company, OSS Consultants.

“BlackBerry has long been synonymous with excellence in process management, and their engagement with OpenChain standards underlines this,” says Shane Coughlan, OpenChain General Manager. “Their previous whole-entity adoption of ISO/IEC 5230, the international standard for open source license compliance, set an important market example. Their market-leadership is continued today with the world’s first whole entity adoption of the OpenChain Security Assurance Specification, the industry standard for open source security assurance. We look forward to working closely together in continuing to drive sustainable, efficient software supply chains.”

“BlackBerry has one of the deepest commitments in this industry to bringing increased peace of mind to enterprise and governmental organizations,” said Russ Eling, CEO OSS Consultants. “This added certification highlights BlackBerry’s position as a trusted supply chain vendor and serves as an example for others to follow. BlackBerry was able to meet the specification through its existing policies and processes due to its long history and commitments to responsible management of open source. BlackBerry has a team of experts who have developed their practices, tooling, and operational capability to manage the vulnerabilities that arise within open source libraries.”

About BlackBerry

BlackBerry (NYSE: BB; TSX: BB) provides intelligent security software and services to enterprises and governments around the world. The company secures more than 500M endpoints including 215M vehicles. Based in Waterloo, Ontario, the company leverages AI and machine learning to deliver innovative solutions in the areas of cybersecurity, safety and data privacy solutions, and is a leader in the areas of endpoint security, endpoint management, encryption, and embedded systems.  BlackBerry’s vision is clear — to secure a connected future you can trust.

BlackBerry. Intelligent Security. Everywhere. 
For more information, visit and follow @BlackBerry.  

Trademarks, including but not limited to BLACKBERRY, EMBLEM Design and QNX are the trademarks or registered trademarks of BlackBerry Limited, its subsidiaries and/or affiliates, used under license, and the exclusive rights to such trademarks are expressly reserved.

About OSS Consultants:

OSS Consultants is a business dedicated to helping organizations of all sizes – from the world’s largest and well-known companies to small businesses and start-ups – design, implement, and manage the most efficient, comprehensive and robust open-source program offices and policies on the planet. Service offerings range from a scan and audit of your third-party and proprietary software to creating a full OSPO within your organization. Find more information at

About the OpenChain Project

The OpenChain Project maintains the International Standard for open source license compliance. This allows companies of all sizes and in all sectors to adopt the key requirements of a quality open source compliance program. This is an open standard and all parties are welcome to engage with our community, to share their knowledge, and to contribute to the future of our standard.

About The Linux Foundation

The Linux Foundation is the organization of choice for the world’s top developers and companies to build ecosystems that accelerate open technology development and industry adoption. Together with the worldwide open source community, it is solving the hardest technology problems by creating the largest shared technology investment in history. Founded in 2000, The Linux Foundation today provides tools, training and events to scale any open source project, which together deliver an economic impact not achievable by any one company. More information can be found at

The Linux Foundation has registered trademarks and uses trademarks. For a list of trademarks of The Linux Foundation, please see our trademark usage page:

Linux is a registered trademark of Linus Torvalds.


Media Contact:

OSS Consultants Media Relations