Taipei, Taiwan — Sun Square has been officially recognized as both an OpenChain Service Provider and a Third-Party Certifier. This dual status enables the company to support global organizations in adopting ISO/IEC 5230 and ISO/IEC 18974, improving open source governance and software supply chain security.
This dual recognition enables Sun Square to support organizations adopting ISO/IEC 5230 (Open Source License Compliance) and ISO/IEC 18974 (Open Source Security Assurance), helping them build transparent and secure software-supply-chain governance.
The OpenChain Project, led by the Linux Foundation, establishes global standards for open source software supply chains. Its core specification, ISO/IEC 5230, defines best practices for license compliance, while ISO/IEC 18974 extends those principles to vulnerability management and security control.
As both a Service Provider and a Third-Party Certifier, Sun Square bridges advisory guidance with independent assessment. This combined capability allows enterprises to develop robust processes and obtain formal certification demonstrating their commitment to international standards.
“Becoming an OpenChain Partner reflects Sun Square’s long-term commitment to open collaboration and secure software supply chains,” said SZ Lin (林上智), Chief Cybersecurity Advisor at Sun Square. “By combining our OT cybersecurity and open source compliance expertise with OpenChain’s global framework, we aim to enable organizations to strengthen governance and resilience throughout the software lifecycle.”
Sun Square offers integrated services that include OT cybersecurity training and advisory based on the ISA/IEC 62443 standard, open source compliance and security governance for ISO/IEC 5230 and 18974 implementation, and software lifecycle security management covering SBOM development and vulnerability remediation.
By combining international standards with local implementation expertise, Sun Square continues to promote trusted and sustainable open source and cybersecurity practices in Taiwan and across the Asia-Pacific region.
About Sun Square
Sun Square Co., Ltd., headquartered in Taiwan and serving clients worldwide, provides cybersecurity and open source advisory services that help organizations align with international standards and regulations. The company specializes in OT security training, open source compliance, and software supply chain assurance, delivering consulting, training, and certification support aligned with ISO/IEC 5230, ISO/IEC 18974, and other global standards.
About the OpenChain Project:
The OpenChain Project has an extensive global community of over 1,000 companies collaborating to make the supply chain quicker, more effective and more efficient. It maintains OpenChain ISO/IEC 5230, the international standard for open source license compliance programs and OpenChain ISO/IEC 18974, the industry standard for open source security assurance programs.
About The Linux Foundation:
The Linux Foundation is the world’s leading home for collaboration on open source software, hardware, standards, and data. Linux Foundation projects are critical to the world’s infrastructure, including Linux, Kubernetes, Node.js, ONAP, PyTorch, RISC-V, SPDX, OpenChain, and more. The Linux Foundation focuses on leveraging best practices and addressing the needs of contributors, users, and solution providers to create sustainable models for open collaboration. For more information, please visit us at linuxfoundation.org.
