Skip to main content

Welcome to our series of interviews with the people behind the OpenChain Project. While open source is mostly about software, and governance is mostly about licenses, it is also the story of thousands of individuals collaborating. We hope these interviews will inform and inspire our readers, and encourage more people to participate in open source and OpenChain.

Our fourteenth interview is with SZ Lin from Moxa

As a leading provider of industrial edge-to-cloud connectivity and computing solutions for Industrial Internet of Things (IIoT) environments, Moxa recently joined the OpenChain project as a Platinum Member to demonstrate its continuous commitment to open-source compliance. 

Moxa’s SZ Lin is a key contributor to the OpenChain project. He helps localise OpenChain material in Mandarin and lead OpenChain discussions in the local community in Taiwan. 

You have been involved with technology for a while, and you now have a leadership position in Open Source. Can you tell us a little about how you joined your company, why you are involved in technology development, and how you first discovered Open Source?

I joined Moxa in 2010 as a R&D engineer in the Industrial and Embedded Computers Department. During my nine-year service in that department, I learned that open-source software (OSS) greatly increases the quality and efficiency of any product development by allowing you to leverage the intelligence from worldwide communities. For example, many of the award-winning Moxa products that are highly recognised in the global market are Linux based. This illustrates very clearly the benefit of properly leveraging OSS to build excellent products. Realising the beauty of open source, I became an OSS advocate as well as a Debian developer for integrating and maintaining various open-source projects into Debian archives in my spare time, including Modbus, the widely-adopted industrial communication protocols. In early 2019, I transferred to Moxa’s Embedded Linux Center, a newly formed R&D department for embedded Linux distributions, serving as the foundation for Moxa’s embedded systems. In this department, my role is to optimise the management of OSS across Moxa’s business units and product lines. 

Your involvement in open source is very interesting. Software is behind most of our technology and Open Source is behind most of our software. However, in relative terms there are few coordinators, managers or lawyers with significant experience of this approach to technology. How did you become a decision maker in your companies use of open source?

Rather than being a decision maker, my role is more specifically to help the developers and engineers of various product teams find the right open-source software that best fits their needs. We also integrate the OSS resources among various product teams to provide a holistic view in optimizing open-source governance.

Moxa has built its products on a great number of OSS. The collaboration between the open source community inside and outside the company has been the key driving force to bring more innovations in our offerings.

Moxa joined Linux Foundation and its Civil Infrastructure Platform (CIP) Project in 2018. In the CIP project, we have been working closely with Siemens, Toshiba, Hitachi, to name a few, to establish an open source “base layer” of industrial-grade software to enable the use and implementation of software building blocks in civil infrastructure projects.

On behalf of Moxa, I am a member of the technical steering committee that makes technical decisions and reviews the progress of each workgroup in the CIP project. I also chaired the kernel workgroup from 2018 to 2019 to standardise the policy and-procedure for kernel maintenance with a systematic approach.

OpenChain is all about Open Source compliance in the supply chain. Our industry standard builds trust and our reference material helps companies build processes to meet the standard. Approaching this discussion for the first time can be a little intimidating. Most people are modest about their understanding of licenses or choosing the “best” approach to solve a business challenge. It may be a strong word to use, but often a certain sense of fear makes people hesitate. How did you learn to approach this issue with a positive and open mind?

Despite OSS becoming indispensable to today’s technology companies, the complexity of licensing issues has been a great concern for organizations to integrate OSS. At Embedded Linux Center, our team’s role is to eliminate the uncertainty while providing support to our developers and engineering teams, and partnering with our supply chains.

The OpenChain project makes open-source license compliance simpler and more consistent across supply chains, and provides a framework that defines the key requirements of a quality open-source compliance program. Therefore, with the adoption of the OpenChain standard, we are able to incorporate a series of processes, policy, and training to streamline open-source compliance. 

Moreover, participation in the OpenChain project is a very good approach to solve the challenges. When I was first involved, I spent time better understanding OpenChain proactively. I was able to achieve many breakthroughs, and it also took Moxa to join the OpenChain project as the first Platinum Member in the Mandarin-speaking world. This speaks loudly of our commitment to open-source compliance.

One thing the OpenChain Project is concerned with is diversity. Our project is developing a long-term industry standard and our strategic perspective is measured in many years or even decades. To access the potential in our community we need to make sure gender or personal choices never make people feel unwelcome or excluded. In some markets like China and Korea around half of the people we work with are female. In other markets, such as Japan and the United States, the percentage of women is far less. Have you faced challenges because of gender and how did you overcome them?

From my observation, Moxa is a gender-equality employer that provides equal opportunities in employment and promotion to both male and female employees. At Moxa, I’ve never seen gender playing any role in career development. 

In my point of view, if any, the disproportion of gender participation in the OpenChain community may result from the different career interests between genders. I do encourage more women to pursue a career in engineering fields.

The next question is directly related to the last one. Because the OpenChain Project is concerned with diversity we must acknowledge that every part of our project needs to continually improve. Our social structures, our meeting formats, our processes to create or improve material. Everything needs to be considered to find any challenge to making people welcome and empowered. Can you assist us in this process with some suggestions for improvement?

The OpenChain project has done a great job to be both inclusive and empowering in regard to its mission.  The committee and the project team are both very encouraging and inspiring in taking new initiatives to promote OpenChain as a worldwide standard for open-source compliance. 

I really enjoy the friendly atmosphere in the meetings and discussions of the OpenChain project. With participants from different countries, we can make the OpenChain project better and more universal. It is impressive to see the OpenChain project expanding its reach to various countries, and we should keep the momentum. I look forward to seeing OpenChain become a formal ISO standard soon.    

All around the world age is a topic. Our populations are getting older and the social distance between young and old people seems to be growing. People in their early twenties seem to have very little in common with people in their forties or fifties. Of course, this is understandable and of course it has always existed between generations. However, in the context of Open Source, our population is aging too, with the average age of participants around 30~55. Maybe we have more older people than young people. Do you have any suggestions for how we can make young people interested and welcome in projects like OpenChain?

It’s inevitable that an OpenChain project is often initiated by relatively senior people in an organization since it requires many years of experience to understand the workflow and potential risks hidden in open-source license distribution. Yet that shouldn’t become a barrier for young generations. Once they have opportunities to learn the importance of open-source compliance, they certainly will take a keen interest in the OpenChain project. 

In recent years, the OSS developer community has been thriving in Taiwan. Taiwan’s “Digital Minister,” Audrey Tang (Tang Feng), is a prominent example. She is an OSS developer of great renown and has inspired the young generation and many developers in Taiwan since 2014. Then Tang even became Taiwan’s youngest ever government minister at the age of 35 in 2016. During the global COVID-19 outbreak, she led a team in various digital initiatives to combat the pandemic, for instance, creating an app with open data that shows face mask inventory levels at a glance. Tang’s achievement not only deeply impressed the world during the global pandemic, but also illustrated the vitality of the OSS community in Taiwan. 

With a role model such as Tang, many young developers in Taiwan are inspired and actively involved in OSS projects. As their involvement goes deeper with various OSS projects, the compliance issue will be ineluctable. By addressing the fundamental question: “Why is open source compliance important?” we can convince young generations to participate in and contribute to the OpenChain project. 

There is a big difference between tactical activities that solve day-to-day problems and strategic activities that solve bigger challenges. OpenChain is basically focused on strategy. This means our participants think about the future and it means we also have to think about how many tactical actions can serve a strategic mission. People often ask how to do this and they often mention that it is hard to think strategically when many business metrics are based on quarterly activities. Do you have any suggestions based on your own experience?

There is no doubt that compliance should come first when a company applies OSS in its business domain. However, developers and engineering teams shouldn’t take excessive workload to tackle the OSS license and distribution issues in their day-to-day work as the integration of OSS is an approach, not a major business goal.

At Moxa’s Embedded Linux Center, it is our team’s mission to automate the process and reduce the barriers to make open-source compliance easy and simple. With the adoption of OpenChain, we are taking a systematic approach while dynamically adjusting the business goals. Of course, it is very challenging for all organisations to strike a balance between strategic moves and day-to-day tactics. At Moxa, we divide strategic moves into phased plans to lower the impact on the near-term business objectives and to achieve the long-term organisation goals.

We have asked many serious questions in this interview. Each of your answers is extremely valuable for our current and our future community. OpenChain is all about sharing knowledge and helping everyone do better. However, we are not only a dry, factual community. We also have many positive social relationships and there is a hope or a goal that OpenChain can be fun too. We are all together collaborating to solve interesting challenges. Do you have any tips for how people can come into a project like OpenChain and find the experience rewarding personally as well as in a business sense?

As OpenChain has been adopted by more and more organisations as the official standard for open-source compliance, it is critical to make more people understand its benefit and importance by using a far-reaching approach.

My experience in the OpenChain community became especially rewarding when I joined the discussions. Yet, it’s hard to convince people outside the community until they become involved. To overcome this barrier, making the OpenChain stories in different organisations known to more people through media might be a good way to enhance awareness about OpenChain.

In addition, the OpenChain project might consider leveraging resources from its members to create media buzz across different countries. Japan is a very good example where OpenChain has become a booming topic within the local community there. In short, the OpenChain project needs more media exposure to raise awareness, especially when it reaches certain milestones, such as OpenChain becoming an ISO standard. 

Finally, you have been so kind to answer these questions in English and German. However, the future of open source and OpenChain is not in English, but instead in communication from Mandarin to Hindi to German. The future is making sure people in each nation can work together freely. We already hold the local work group meetings in the local language but is there a way we can reduce language barriers even more?

The OpenChain project is taking the right approach by localising the OpenChain training materials for audiences around the world. I think localisation plays a crucial role in promoting OpenChain project across regions and countries. Therefore, I localised the OpenChain 2.0 materials and make it more accessible to Mandarin-speaking people.  

For the past two years, Moxa has been working closely with Sony, Panasonic, and local-open-source communities to organise a number of open-source compliance seminars to promote the OpenChain standard in Taiwan. As the first Platinum Member of the OpenChain project in the Mandarin-speaking world, Moxa has also introduced OpenChain to the local communities on various occasions, such as Hong Kong Open Source Conference and Conference for Open Source Coders, Users and Promoters (COSCUP), the biggest annual open-source conference in Taiwan. With participation in local open-source events, we can effectively engage more audiences while greatly reducing language barriers.

Thank you SZ Lin for your time and thoughts!