SlideShare a Scribd company logo

A Brief Introduction to OpenChain - June 2020

Download as PPTX, PDF
Shane Coughlan
Shane Coughlan

A Brief Introduction to OpenChain - June 2020 These are the overview slides explaining the OpenChain Project with embedded speaker notes. Please use freely to spread the word.

Software
1 of 29
How do I trust my open source supply chain?
Context 2 1400+ Members From 41 Countries 80% of Fortune 100 Tech & Telecom 35,000+ Developers Contributing Code 170+ Open Source Projects $16B Shared Value This is the Linux Foundation
Open Compliance Program Solutions Processes Bill of Materials Tooling https://compliance.linuxfoundation.org/ SPS SPDX Tools
OpenChain Platinum Member Companies 4
The OpenChain Project defines the key requirements of a quality open source compliance program.
outbound upstream downstream inbound Training Policy Process OpenChain Defines Inflection Points
Result: Predictable B2B Compliance Activity
9 Example Conformant Organizations
• Main List (3,700+ participants) • GitHub (105+ participants) • Automotive (115+ participants) • Reference Tooling (160+ participants) • China (105+ participants) • Japan (190+ participants) • Korea (40+ participants) • Taiwan (40+ participants) • India (40+ participants) • Germany (30+ participants) Work Groups + Lists + GitHub
Our Online Self-Certification Questionnaire
12 Comprehensive Reference Material
13
14
Partner Program 15
Partner Program 16
Partner Program 17
Partner Program 18
Global Third-Party Certification
OpenChain in ISO – Formal Standardization The OpenChain Project has submitted our specification to ISO via Publicly Available Specification (PAS) in Joint Technical Committee 1 (JTC-1). The ISO submission is available at: • https://wiki.linuxfoundation.org/_media/openchain/openchainsp ec-2.1.draft.pdf Working in partnership with in partnership with Joint Development Foundation we expect to become a formal standard in Q3 2020.
The OpenChain standard can be met by: Self-Certification Independent Compliance Assessment Third Party Certification Freedom of Choice for Customers and Suppliers
Self-Certification is at the heart of the OpenChain industry standard. Companies can access a series of yes/no questions to determine if they have implemented the key requirements of a quality open source compliance program. These questions can be found here: https://certification.openchainproject.org Self-Certification
Independent Compliance Assessment works in the same was as the Independent Assessments in other standards. An independent party such as a law firm, consultancy or accounting firm reviews the product of an OpenChain Self-Assessment and offers guidance on whether they perceive it as complete. Independent Compliance Assessment
Third-Party Certification is a process whereby a certification authority guides a company through an OpenChain Conformance Process. The certification authority then issues a formal certification document. This activity maps precisely to the forms of third-party certification observed around automotive, infrastructure and similar fields. Third-Party Certification
The OpenChain industry standard has been carefully designed by user companies to identify the inflection points where a process, policy or training should be implemented in an open source compliance program. Our experience shows that self-certification is an effective method of reducing risk and increasing efficiency. That said, the choice of self-certification, independent compliance assessment or third-party certification depends on each business sector and customer base. We seek to provide freedom of choice.
OpenChain is run by user companies for user companies. This companies are collaborating to create clear, shared and effective approaches to managing open source code.
OpenChain is well positioned to support and improve supply chain management best practices applicable to vulnerability management. We currently have an active dialogue on how this can be accomplished and all parties are welcome to contribute.
Be Part of This Join our community: https://www.openchainproject.org/get-started Self-Certify or Health Check an organization: https://certification.openchainproject.org
scoughlan@linuxfoundation.org www.openchainproject.org

Recommended

A Brief Introduction to OpenChain - May 2020 - Update1
A Brief Introduction to OpenChain - May 2020 - Update1A Brief Introduction to OpenChain - May 2020 - Update1
A Brief Introduction to OpenChain - May 2020 - Update1Shane Coughlan
 
A Brief Introduction to OpenChain - May 2020
A Brief Introduction to OpenChain - May 2020A Brief Introduction to OpenChain - May 2020
A Brief Introduction to OpenChain - May 2020Shane Coughlan
 
OpenChain as a Standard
OpenChain as a StandardOpenChain as a Standard
OpenChain as a StandardShane Coughlan
 
Processes Missing from OpenChain
Processes Missing from OpenChainProcesses Missing from OpenChain
Processes Missing from OpenChainShane Coughlan
 
COAC Presentation March 26 2015
COAC Presentation March 26 2015COAC Presentation March 26 2015
COAC Presentation March 26 2015U.S. Consumer Product Safety Commission
 
OpenChain: Great Open Source Compliance for Everyone (Version 7)
OpenChain: Great Open Source Compliance for Everyone (Version 7)OpenChain: Great Open Source Compliance for Everyone (Version 7)
OpenChain: Great Open Source Compliance for Everyone (Version 7)Shane Coughlan
 
Great Open Source Compliance For Everyone - Version 11
Great Open Source Compliance For Everyone - Version 11Great Open Source Compliance For Everyone - Version 11
Great Open Source Compliance For Everyone - Version 11Shane Coughlan
 
Great Open Source Compliance for Everyone - Version 6
Great Open Source Compliance for Everyone - Version 6Great Open Source Compliance for Everyone - Version 6
Great Open Source Compliance for Everyone - Version 6Shane Coughlan
 

Recommended

A Brief Introduction to OpenChain - May 2020 - Update1
A Brief Introduction to OpenChain - May 2020 - Update1A Brief Introduction to OpenChain - May 2020 - Update1
A Brief Introduction to OpenChain - May 2020 - Update1Shane Coughlan
 
A Brief Introduction to OpenChain - May 2020
A Brief Introduction to OpenChain - May 2020A Brief Introduction to OpenChain - May 2020
A Brief Introduction to OpenChain - May 2020Shane Coughlan
 
OpenChain as a Standard
OpenChain as a StandardOpenChain as a Standard
OpenChain as a StandardShane Coughlan
 
Processes Missing from OpenChain
Processes Missing from OpenChainProcesses Missing from OpenChain
Processes Missing from OpenChainShane Coughlan
 
COAC Presentation March 26 2015
COAC Presentation March 26 2015COAC Presentation March 26 2015
COAC Presentation March 26 2015U.S. Consumer Product Safety Commission
 
OpenChain: Great Open Source Compliance for Everyone (Version 7)
OpenChain: Great Open Source Compliance for Everyone (Version 7)OpenChain: Great Open Source Compliance for Everyone (Version 7)
OpenChain: Great Open Source Compliance for Everyone (Version 7)Shane Coughlan
 
Great Open Source Compliance For Everyone - Version 11
Great Open Source Compliance For Everyone - Version 11Great Open Source Compliance For Everyone - Version 11
Great Open Source Compliance For Everyone - Version 11Shane Coughlan
 
Great Open Source Compliance for Everyone - Version 6
Great Open Source Compliance for Everyone - Version 6Great Open Source Compliance for Everyone - Version 6
Great Open Source Compliance for Everyone - Version 6Shane Coughlan
 
Free and Open Source Software - Challenges for the Automotive Supply Chain
Free and Open Source Software - Challenges for the Automotive Supply ChainFree and Open Source Software - Challenges for the Automotive Supply Chain
Free and Open Source Software - Challenges for the Automotive Supply ChainShane Coughlan
 
Open Source in ISO Building the First LF Standard in Fourteen Years and What ...
Open Source in ISO Building the First LF Standard in Fourteen Years and What ...Open Source in ISO Building the First LF Standard in Fourteen Years and What ...
Open Source in ISO Building the First LF Standard in Fourteen Years and What ...Shane Coughlan
 
Whitepaper For Open Gp
Whitepaper For Open GpWhitepaper For Open Gp
Whitepaper For Open Gphansfrisvold
 
A Brief Introduction to OpenChain - February 2020
A Brief Introduction to OpenChain - February 2020A Brief Introduction to OpenChain - February 2020
A Brief Introduction to OpenChain - February 2020Shane Coughlan
 
451 Sugarcrm Aslett
451 Sugarcrm Aslett451 Sugarcrm Aslett
451 Sugarcrm AslettMatthew Aslett
 
OpenAthens Conference 2018 - Don Thibeau - OpenID Connect
OpenAthens Conference 2018 - Don Thibeau - OpenID ConnectOpenAthens Conference 2018 - Don Thibeau - OpenID Connect
OpenAthens Conference 2018 - Don Thibeau - OpenID ConnectOpenAthens
 
OpenChain Continual Improvement Case Studies
OpenChain Continual Improvement Case StudiesOpenChain Continual Improvement Case Studies
OpenChain Continual Improvement Case StudiesShane Coughlan
 
Business Process Analysis and Insights COPIS
Business Process Analysis and Insights COPISBusiness Process Analysis and Insights COPIS
Business Process Analysis and Insights COPISArthur L. Burris, Jr, MBA, BB
 
Colombia The Open Group
Colombia The Open GroupColombia The Open Group
Colombia The Open GroupLeonardo Octavio Ramirez Gonzalez
 
OpenChain 2.0 specification in a nutshell
OpenChain 2.0 specification in a nutshellOpenChain 2.0 specification in a nutshell
OpenChain 2.0 specification in a nutshellSZ Lin
 
Top Software panies to Outsource.pdfTesting Com
Top Software panies to Outsource.pdfTesting ComTop Software panies to Outsource.pdfTesting Com
Top Software panies to Outsource.pdfTesting ComMindfire LLC
 
Robotic Process Automation
Robotic Process AutomationRobotic Process Automation
Robotic Process AutomationNext Space Pvt. Ltd
 
#OSSPARIS19 - Understanding Open Source Governance - Gilles Gravier, Wipro Li...
#OSSPARIS19 - Understanding Open Source Governance - Gilles Gravier, Wipro Li...#OSSPARIS19 - Understanding Open Source Governance - Gilles Gravier, Wipro Li...
#OSSPARIS19 - Understanding Open Source Governance - Gilles Gravier, Wipro Li...Paris Open Source Summit
 
APP Academy: Distribute Your App Through Automation (October 13, 2014)
APP Academy: Distribute Your App Through Automation (October 13, 2014)APP Academy: Distribute Your App Through Automation (October 13, 2014)
APP Academy: Distribute Your App Through Automation (October 13, 2014)Salesforce Partners
 
OpenChain Legal Work Group - 2024-01-17
OpenChain Legal Work Group - 2024-01-17OpenChain Legal Work Group - 2024-01-17
OpenChain Legal Work Group - 2024-01-17Shane Coughlan
 
Agile Practices for Transitioning to SAP S/4HANA®
Agile Practices for Transitioning to SAP S/4HANA® Agile Practices for Transitioning to SAP S/4HANA®
Agile Practices for Transitioning to SAP S/4HANA® panayaofficial
 
Product Sheet For Open Gp
Product Sheet For Open GpProduct Sheet For Open Gp
Product Sheet For Open Gphansfrisvold
 
Future audit analytics
Future audit analyticsFuture audit analytics
Future audit analyticsJim Kaplan CIA CFE
 
Life sciences quality management system vendor software benchmark survey feb2014
Life sciences quality management system vendor software benchmark survey feb2014Life sciences quality management system vendor software benchmark survey feb2014
Life sciences quality management system vendor software benchmark survey feb2014Quality & Regulatory Network LLC
 
Procurement Exchange - An australian innovation
Procurement Exchange - An australian innovationProcurement Exchange - An australian innovation
Procurement Exchange - An australian innovationGlenn Turley
 
OpenChain Education Work Group Monthly Meeting - 2024-04-10 - Full Recording
OpenChain Education Work Group Monthly Meeting - 2024-04-10 - Full RecordingOpenChain Education Work Group Monthly Meeting - 2024-04-10 - Full Recording
OpenChain Education Work Group Monthly Meeting - 2024-04-10 - Full RecordingShane Coughlan
 
OpenChain AI Study Group - Europe and Asia Recap - 2024-04-11 - Full Recording
OpenChain AI Study Group - Europe and Asia Recap - 2024-04-11 - Full RecordingOpenChain AI Study Group - Europe and Asia Recap - 2024-04-11 - Full Recording
OpenChain AI Study Group - Europe and Asia Recap - 2024-04-11 - Full RecordingShane Coughlan
 

More Related Content

Similar to A Brief Introduction to OpenChain - June 2020

Free and Open Source Software - Challenges for the Automotive Supply Chain
Free and Open Source Software - Challenges for the Automotive Supply ChainFree and Open Source Software - Challenges for the Automotive Supply Chain
Free and Open Source Software - Challenges for the Automotive Supply ChainShane Coughlan
 
Open Source in ISO Building the First LF Standard in Fourteen Years and What ...
Open Source in ISO Building the First LF Standard in Fourteen Years and What ...Open Source in ISO Building the First LF Standard in Fourteen Years and What ...
Open Source in ISO Building the First LF Standard in Fourteen Years and What ...Shane Coughlan
 
Whitepaper For Open Gp
Whitepaper For Open GpWhitepaper For Open Gp
Whitepaper For Open Gphansfrisvold
 
A Brief Introduction to OpenChain - February 2020
A Brief Introduction to OpenChain - February 2020A Brief Introduction to OpenChain - February 2020
A Brief Introduction to OpenChain - February 2020Shane Coughlan
 
OpenAthens Conference 2018 - Don Thibeau - OpenID Connect
OpenAthens Conference 2018 - Don Thibeau - OpenID ConnectOpenAthens Conference 2018 - Don Thibeau - OpenID Connect
OpenAthens Conference 2018 - Don Thibeau - OpenID ConnectOpenAthens
 
OpenChain Continual Improvement Case Studies
OpenChain Continual Improvement Case StudiesOpenChain Continual Improvement Case Studies
OpenChain Continual Improvement Case StudiesShane Coughlan
 
OpenChain 2.0 specification in a nutshell
OpenChain 2.0 specification in a nutshellOpenChain 2.0 specification in a nutshell
OpenChain 2.0 specification in a nutshellSZ Lin
 
Top Software panies to Outsource.pdfTesting Com
Top Software panies to Outsource.pdfTesting ComTop Software panies to Outsource.pdfTesting Com
Top Software panies to Outsource.pdfTesting ComMindfire LLC
 
#OSSPARIS19 - Understanding Open Source Governance - Gilles Gravier, Wipro Li...
#OSSPARIS19 - Understanding Open Source Governance - Gilles Gravier, Wipro Li...#OSSPARIS19 - Understanding Open Source Governance - Gilles Gravier, Wipro Li...
#OSSPARIS19 - Understanding Open Source Governance - Gilles Gravier, Wipro Li...Paris Open Source Summit
 
APP Academy: Distribute Your App Through Automation (October 13, 2014)
APP Academy: Distribute Your App Through Automation (October 13, 2014)APP Academy: Distribute Your App Through Automation (October 13, 2014)
APP Academy: Distribute Your App Through Automation (October 13, 2014)Salesforce Partners
 
OpenChain Legal Work Group - 2024-01-17
OpenChain Legal Work Group - 2024-01-17OpenChain Legal Work Group - 2024-01-17
OpenChain Legal Work Group - 2024-01-17Shane Coughlan
 
Agile Practices for Transitioning to SAP S/4HANA®
Agile Practices for Transitioning to SAP S/4HANA® Agile Practices for Transitioning to SAP S/4HANA®
Agile Practices for Transitioning to SAP S/4HANA® panayaofficial
 
Product Sheet For Open Gp
Product Sheet For Open GpProduct Sheet For Open Gp
Product Sheet For Open Gphansfrisvold
 
Life sciences quality management system vendor software benchmark survey feb2014
Life sciences quality management system vendor software benchmark survey feb2014Life sciences quality management system vendor software benchmark survey feb2014
Life sciences quality management system vendor software benchmark survey feb2014Quality & Regulatory Network LLC
 
Procurement Exchange - An australian innovation
Procurement Exchange - An australian innovationProcurement Exchange - An australian innovation
Procurement Exchange - An australian innovationGlenn Turley
 

Similar to A Brief Introduction to OpenChain - June 2020 (20)

Free and Open Source Software - Challenges for the Automotive Supply Chain
Free and Open Source Software - Challenges for the Automotive Supply ChainFree and Open Source Software - Challenges for the Automotive Supply Chain
Free and Open Source Software - Challenges for the Automotive Supply Chain
 
Open Source in ISO Building the First LF Standard in Fourteen Years and What ...
Open Source in ISO Building the First LF Standard in Fourteen Years and What ...Open Source in ISO Building the First LF Standard in Fourteen Years and What ...
Open Source in ISO Building the First LF Standard in Fourteen Years and What ...
 
Whitepaper For Open Gp
Whitepaper For Open GpWhitepaper For Open Gp
Whitepaper For Open Gp
 
A Brief Introduction to OpenChain - February 2020
A Brief Introduction to OpenChain - February 2020A Brief Introduction to OpenChain - February 2020
A Brief Introduction to OpenChain - February 2020
 
451 Sugarcrm Aslett
451 Sugarcrm Aslett451 Sugarcrm Aslett
451 Sugarcrm Aslett
 
OpenAthens Conference 2018 - Don Thibeau - OpenID Connect
OpenAthens Conference 2018 - Don Thibeau - OpenID ConnectOpenAthens Conference 2018 - Don Thibeau - OpenID Connect
OpenAthens Conference 2018 - Don Thibeau - OpenID Connect
 
OpenChain Continual Improvement Case Studies
OpenChain Continual Improvement Case StudiesOpenChain Continual Improvement Case Studies
OpenChain Continual Improvement Case Studies
 
Business Process Analysis and Insights COPIS
Business Process Analysis and Insights COPISBusiness Process Analysis and Insights COPIS
Business Process Analysis and Insights COPIS
 
Colombia The Open Group
Colombia The Open GroupColombia The Open Group
Colombia The Open Group
 
OpenChain 2.0 specification in a nutshell
OpenChain 2.0 specification in a nutshellOpenChain 2.0 specification in a nutshell
OpenChain 2.0 specification in a nutshell
 
Top Software panies to Outsource.pdfTesting Com
Top Software panies to Outsource.pdfTesting ComTop Software panies to Outsource.pdfTesting Com
Top Software panies to Outsource.pdfTesting Com
 
Robotic Process Automation
Robotic Process AutomationRobotic Process Automation
Robotic Process Automation
 
#OSSPARIS19 - Understanding Open Source Governance - Gilles Gravier, Wipro Li...
#OSSPARIS19 - Understanding Open Source Governance - Gilles Gravier, Wipro Li...#OSSPARIS19 - Understanding Open Source Governance - Gilles Gravier, Wipro Li...
#OSSPARIS19 - Understanding Open Source Governance - Gilles Gravier, Wipro Li...
 
APP Academy: Distribute Your App Through Automation (October 13, 2014)
APP Academy: Distribute Your App Through Automation (October 13, 2014)APP Academy: Distribute Your App Through Automation (October 13, 2014)
APP Academy: Distribute Your App Through Automation (October 13, 2014)
 
OpenChain Legal Work Group - 2024-01-17
OpenChain Legal Work Group - 2024-01-17OpenChain Legal Work Group - 2024-01-17
OpenChain Legal Work Group - 2024-01-17
 
Agile Practices for Transitioning to SAP S/4HANA®
Agile Practices for Transitioning to SAP S/4HANA® Agile Practices for Transitioning to SAP S/4HANA®
Agile Practices for Transitioning to SAP S/4HANA®
 
Product Sheet For Open Gp
Product Sheet For Open GpProduct Sheet For Open Gp
Product Sheet For Open Gp
 
Future audit analytics
Future audit analyticsFuture audit analytics
Future audit analytics
 
Life sciences quality management system vendor software benchmark survey feb2014
Life sciences quality management system vendor software benchmark survey feb2014Life sciences quality management system vendor software benchmark survey feb2014
Life sciences quality management system vendor software benchmark survey feb2014
 
Procurement Exchange - An australian innovation
Procurement Exchange - An australian innovationProcurement Exchange - An australian innovation
Procurement Exchange - An australian innovation
 

More from Shane Coughlan

OpenChain Education Work Group Monthly Meeting - 2024-04-10 - Full Recording
OpenChain Education Work Group Monthly Meeting - 2024-04-10 - Full RecordingOpenChain Education Work Group Monthly Meeting - 2024-04-10 - Full Recording
OpenChain Education Work Group Monthly Meeting - 2024-04-10 - Full RecordingShane Coughlan
 
OpenChain AI Study Group - Europe and Asia Recap - 2024-04-11 - Full Recording
OpenChain AI Study Group - Europe and Asia Recap - 2024-04-11 - Full RecordingOpenChain AI Study Group - Europe and Asia Recap - 2024-04-11 - Full Recording
OpenChain AI Study Group - Europe and Asia Recap - 2024-04-11 - Full RecordingShane Coughlan
 
OpenChain Monthly Meeting North America and Asia - 2024-03-19
OpenChain Monthly Meeting North America and Asia - 2024-03-19OpenChain Monthly Meeting North America and Asia - 2024-03-19
OpenChain Monthly Meeting North America and Asia - 2024-03-19Shane Coughlan
 
OpenChain Webinar: Universal CVSS Calculator
OpenChain Webinar: Universal CVSS CalculatorOpenChain Webinar: Universal CVSS Calculator
OpenChain Webinar: Universal CVSS CalculatorShane Coughlan
 
openEuler Community Overview - a presentation showing the current scale
openEuler Community Overview - a presentation showing the current scaleopenEuler Community Overview - a presentation showing the current scale
openEuler Community Overview - a presentation showing the current scaleShane Coughlan
 
OpenChain AI Study Group - North America and Europe - 2024-02-20
OpenChain AI Study Group - North America and Europe - 2024-02-20OpenChain AI Study Group - North America and Europe - 2024-02-20
OpenChain AI Study Group - North America and Europe - 2024-02-20Shane Coughlan
 
AI Study Group North America - Europe 2024-02-06
AI Study Group North America - Europe 2024-02-06AI Study Group North America - Europe 2024-02-06
AI Study Group North America - Europe 2024-02-06Shane Coughlan
 
OpenChain Monthly North America / Europe Call - 2024-02-06
OpenChain Monthly North America / Europe Call - 2024-02-06OpenChain Monthly North America / Europe Call - 2024-02-06
OpenChain Monthly North America / Europe Call - 2024-02-06Shane Coughlan
 
OpenChain Export Control Work Group 2024-01-09
OpenChain Export Control Work Group 2024-01-09OpenChain Export Control Work Group 2024-01-09
OpenChain Export Control Work Group 2024-01-09Shane Coughlan
 
Openchain AI Study Group 2024-01-23.pptx
Openchain AI Study Group 2024-01-23.pptxOpenchain AI Study Group 2024-01-23.pptx
Openchain AI Study Group 2024-01-23.pptxShane Coughlan
 
OpenChain Webinar #58 - FOSS License Management through aliens4friends in Ecl...
OpenChain Webinar #58 - FOSS License Management through aliens4friends in Ecl...OpenChain Webinar #58 - FOSS License Management through aliens4friends in Ecl...
OpenChain Webinar #58 - FOSS License Management through aliens4friends in Ecl...Shane Coughlan
 
Maturity Models - Open Compliance Summit 2023
Maturity Models - Open Compliance Summit 2023Maturity Models - Open Compliance Summit 2023
Maturity Models - Open Compliance Summit 2023Shane Coughlan
 
OpenChain Annual Report 2023 - Key Metrics Slides
OpenChain Annual Report 2023 - Key Metrics SlidesOpenChain Annual Report 2023 - Key Metrics Slides
OpenChain Annual Report 2023 - Key Metrics SlidesShane Coughlan
 
OpenChain Webinar 57 - The Open Source Initiative - 2023-11-27
OpenChain Webinar 57 - The Open Source Initiative - 2023-11-27OpenChain Webinar 57 - The Open Source Initiative - 2023-11-27
OpenChain Webinar 57 - The Open Source Initiative - 2023-11-27Shane Coughlan
 
FOSSLight Community Day 2023-11-30
FOSSLight Community Day 2023-11-30FOSSLight Community Day 2023-11-30
FOSSLight Community Day 2023-11-30Shane Coughlan
 
OpenChain Webinar #56: Generative AI and Your Code
OpenChain Webinar #56: Generative AI and Your CodeOpenChain Webinar #56: Generative AI and Your Code
OpenChain Webinar #56: Generative AI and Your CodeShane Coughlan
 
From One Standard to a Family - Taiwan Work Group - 2023-08-15.pptx
From One Standard to a Family - Taiwan Work Group - 2023-08-15.pptxFrom One Standard to a Family - Taiwan Work Group - 2023-08-15.pptx
From One Standard to a Family - Taiwan Work Group - 2023-08-15.pptxShane Coughlan
 
OpenChain Japan Work Group Meeting #28 - 2023-07-11
OpenChain Japan Work Group Meeting #28 - 2023-07-11OpenChain Japan Work Group Meeting #28 - 2023-07-11
OpenChain Japan Work Group Meeting #28 - 2023-07-11Shane Coughlan
 
OpenChain Legal Work Group - 2023-06-29
OpenChain Legal Work Group - 2023-06-29OpenChain Legal Work Group - 2023-06-29
OpenChain Legal Work Group - 2023-06-29Shane Coughlan
 
OpenChain Webinar #53 – OpenSCA
OpenChain Webinar #53 – OpenSCAOpenChain Webinar #53 – OpenSCA
OpenChain Webinar #53 – OpenSCAShane Coughlan
 

More from Shane Coughlan (20)

OpenChain Education Work Group Monthly Meeting - 2024-04-10 - Full Recording
OpenChain Education Work Group Monthly Meeting - 2024-04-10 - Full RecordingOpenChain Education Work Group Monthly Meeting - 2024-04-10 - Full Recording
OpenChain Education Work Group Monthly Meeting - 2024-04-10 - Full Recording
 
OpenChain AI Study Group - Europe and Asia Recap - 2024-04-11 - Full Recording
OpenChain AI Study Group - Europe and Asia Recap - 2024-04-11 - Full RecordingOpenChain AI Study Group - Europe and Asia Recap - 2024-04-11 - Full Recording
OpenChain AI Study Group - Europe and Asia Recap - 2024-04-11 - Full Recording
 
OpenChain Monthly Meeting North America and Asia - 2024-03-19
OpenChain Monthly Meeting North America and Asia - 2024-03-19OpenChain Monthly Meeting North America and Asia - 2024-03-19
OpenChain Monthly Meeting North America and Asia - 2024-03-19
 
OpenChain Webinar: Universal CVSS Calculator
OpenChain Webinar: Universal CVSS CalculatorOpenChain Webinar: Universal CVSS Calculator
OpenChain Webinar: Universal CVSS Calculator
 
openEuler Community Overview - a presentation showing the current scale
openEuler Community Overview - a presentation showing the current scaleopenEuler Community Overview - a presentation showing the current scale
openEuler Community Overview - a presentation showing the current scale
 
OpenChain AI Study Group - North America and Europe - 2024-02-20
OpenChain AI Study Group - North America and Europe - 2024-02-20OpenChain AI Study Group - North America and Europe - 2024-02-20
OpenChain AI Study Group - North America and Europe - 2024-02-20
 
AI Study Group North America - Europe 2024-02-06
AI Study Group North America - Europe 2024-02-06AI Study Group North America - Europe 2024-02-06
AI Study Group North America - Europe 2024-02-06
 
OpenChain Monthly North America / Europe Call - 2024-02-06
OpenChain Monthly North America / Europe Call - 2024-02-06OpenChain Monthly North America / Europe Call - 2024-02-06
OpenChain Monthly North America / Europe Call - 2024-02-06
 
OpenChain Export Control Work Group 2024-01-09
OpenChain Export Control Work Group 2024-01-09OpenChain Export Control Work Group 2024-01-09
OpenChain Export Control Work Group 2024-01-09
 
Openchain AI Study Group 2024-01-23.pptx
Openchain AI Study Group 2024-01-23.pptxOpenchain AI Study Group 2024-01-23.pptx
Openchain AI Study Group 2024-01-23.pptx
 
OpenChain Webinar #58 - FOSS License Management through aliens4friends in Ecl...
OpenChain Webinar #58 - FOSS License Management through aliens4friends in Ecl...OpenChain Webinar #58 - FOSS License Management through aliens4friends in Ecl...
OpenChain Webinar #58 - FOSS License Management through aliens4friends in Ecl...
 
Maturity Models - Open Compliance Summit 2023
Maturity Models - Open Compliance Summit 2023Maturity Models - Open Compliance Summit 2023
Maturity Models - Open Compliance Summit 2023
 
OpenChain Annual Report 2023 - Key Metrics Slides
OpenChain Annual Report 2023 - Key Metrics SlidesOpenChain Annual Report 2023 - Key Metrics Slides
OpenChain Annual Report 2023 - Key Metrics Slides
 
OpenChain Webinar 57 - The Open Source Initiative - 2023-11-27
OpenChain Webinar 57 - The Open Source Initiative - 2023-11-27OpenChain Webinar 57 - The Open Source Initiative - 2023-11-27
OpenChain Webinar 57 - The Open Source Initiative - 2023-11-27
 
FOSSLight Community Day 2023-11-30
FOSSLight Community Day 2023-11-30FOSSLight Community Day 2023-11-30
FOSSLight Community Day 2023-11-30
 
OpenChain Webinar #56: Generative AI and Your Code
OpenChain Webinar #56: Generative AI and Your CodeOpenChain Webinar #56: Generative AI and Your Code
OpenChain Webinar #56: Generative AI and Your Code
 
From One Standard to a Family - Taiwan Work Group - 2023-08-15.pptx
From One Standard to a Family - Taiwan Work Group - 2023-08-15.pptxFrom One Standard to a Family - Taiwan Work Group - 2023-08-15.pptx
From One Standard to a Family - Taiwan Work Group - 2023-08-15.pptx
 
OpenChain Japan Work Group Meeting #28 - 2023-07-11
OpenChain Japan Work Group Meeting #28 - 2023-07-11OpenChain Japan Work Group Meeting #28 - 2023-07-11
OpenChain Japan Work Group Meeting #28 - 2023-07-11
 
OpenChain Legal Work Group - 2023-06-29
OpenChain Legal Work Group - 2023-06-29OpenChain Legal Work Group - 2023-06-29
OpenChain Legal Work Group - 2023-06-29
 
OpenChain Webinar #53 – OpenSCA
OpenChain Webinar #53 – OpenSCAOpenChain Webinar #53 – OpenSCA
OpenChain Webinar #53 – OpenSCA
 

Recently uploaded

Simplifying Microservices & Apps - The art of effortless development - Meetup...
Simplifying Microservices & Apps - The art of effortless development - Meetup...Simplifying Microservices & Apps - The art of effortless development - Meetup...
Simplifying Microservices & Apps - The art of effortless development - Meetup...Rob Geurden
 
Tech Tuesday Slides - Introduction to Project Management with OnePlan's Work ...
Tech Tuesday Slides - Introduction to Project Management with OnePlan's Work ...Tech Tuesday Slides - Introduction to Project Management with OnePlan's Work ...
Tech Tuesday Slides - Introduction to Project Management with OnePlan's Work ...OnePlan Solutions
 
How to submit a standout Adobe Champion Application
How to submit a standout Adobe Champion ApplicationHow to submit a standout Adobe Champion Application
How to submit a standout Adobe Champion ApplicationBradBedford3
 
SoftTeco - Software Development Company Profile
SoftTeco - Software Development Company ProfileSoftTeco - Software Development Company Profile
SoftTeco - Software Development Company Profileakrivarotava
 
Enhancing Supply Chain Visibility with Cargo Cloud Solutions.pdf
Enhancing Supply Chain Visibility with Cargo Cloud Solutions.pdfEnhancing Supply Chain Visibility with Cargo Cloud Solutions.pdf
Enhancing Supply Chain Visibility with Cargo Cloud Solutions.pdfRTS corp
 
Leveraging AI for Mobile App Testing on Real Devices | Applitools + Kobiton
Leveraging AI for Mobile App Testing on Real Devices | Applitools + KobitonLeveraging AI for Mobile App Testing on Real Devices | Applitools + Kobiton
Leveraging AI for Mobile App Testing on Real Devices | Applitools + KobitonApplitools
 
Introduction to Firebase Workshop Slides
Introduction to Firebase Workshop SlidesIntroduction to Firebase Workshop Slides
Introduction to Firebase Workshop Slidesvaideheekore1
 
Exploring Selenium_Appium Frameworks for Seamless Integration with HeadSpin.pdf
Exploring Selenium_Appium Frameworks for Seamless Integration with HeadSpin.pdfExploring Selenium_Appium Frameworks for Seamless Integration with HeadSpin.pdf
Exploring Selenium_Appium Frameworks for Seamless Integration with HeadSpin.pdfkalichargn70th171
 
Machine Learning Software Engineering Patterns and Their Engineering
Machine Learning Software Engineering Patterns and Their EngineeringMachine Learning Software Engineering Patterns and Their Engineering
Machine Learning Software Engineering Patterns and Their EngineeringHironori Washizaki
 
Comparing Linux OS Image Update Models - EOSS 2024.pdf
Comparing Linux OS Image Update Models - EOSS 2024.pdfComparing Linux OS Image Update Models - EOSS 2024.pdf
Comparing Linux OS Image Update Models - EOSS 2024.pdfDrew Moseley
 
VictoriaMetrics Anomaly Detection Updates: Q1 2024
VictoriaMetrics Anomaly Detection Updates: Q1 2024VictoriaMetrics Anomaly Detection Updates: Q1 2024
VictoriaMetrics Anomaly Detection Updates: Q1 2024VictoriaMetrics
 
Understanding Flamingo - DeepMind's VLM Architecture
Understanding Flamingo - DeepMind's VLM ArchitectureUnderstanding Flamingo - DeepMind's VLM Architecture
Understanding Flamingo - DeepMind's VLM Architecturerahul_net
 
Post Quantum Cryptography – The Impact on Identity
Post Quantum Cryptography – The Impact on IdentityPost Quantum Cryptography – The Impact on Identity
Post Quantum Cryptography – The Impact on Identityteam-WIBU
 
Salesforce Implementation Services PPT By ABSYZ
Salesforce Implementation Services PPT By ABSYZSalesforce Implementation Services PPT By ABSYZ
Salesforce Implementation Services PPT By ABSYZABSYZ Inc
 
Alfresco TTL#157 - Troubleshooting Made Easy: Deciphering Alfresco mTLS Confi...
Alfresco TTL#157 - Troubleshooting Made Easy: Deciphering Alfresco mTLS Confi...Alfresco TTL#157 - Troubleshooting Made Easy: Deciphering Alfresco mTLS Confi...
Alfresco TTL#157 - Troubleshooting Made Easy: Deciphering Alfresco mTLS Confi...Angel Borroy López
 
SAM Training Session - How to use EXCEL ?
SAM Training Session - How to use EXCEL ?SAM Training Session - How to use EXCEL ?
SAM Training Session - How to use EXCEL ?Alexandre Beguel
 
VK Business Profile - provides IT solutions and Web Development
VK Business Profile - provides IT solutions and Web DevelopmentVK Business Profile - provides IT solutions and Web Development
VK Business Profile - provides IT solutions and Web Developmentvyaparkranti
 
Catch the Wave: SAP Event-Driven and Data Streaming for the Intelligence Ente...
Catch the Wave: SAP Event-Driven and Data Streaming for the Intelligence Ente...Catch the Wave: SAP Event-Driven and Data Streaming for the Intelligence Ente...
Catch the Wave: SAP Event-Driven and Data Streaming for the Intelligence Ente...confluent
 
Osi security architecture in network.pptx
Osi security architecture in network.pptxOsi security architecture in network.pptx
Osi security architecture in network.pptxVinzoCenzo
 
Revolutionizing the Digital Transformation Office - Leveraging OnePlan’s AI a...
Revolutionizing the Digital Transformation Office - Leveraging OnePlan’s AI a...Revolutionizing the Digital Transformation Office - Leveraging OnePlan’s AI a...
Revolutionizing the Digital Transformation Office - Leveraging OnePlan’s AI a...OnePlan Solutions
 

Recently uploaded (20)

Simplifying Microservices & Apps - The art of effortless development - Meetup...
Simplifying Microservices & Apps - The art of effortless development - Meetup...Simplifying Microservices & Apps - The art of effortless development - Meetup...
Simplifying Microservices & Apps - The art of effortless development - Meetup...
 
Tech Tuesday Slides - Introduction to Project Management with OnePlan's Work ...
Tech Tuesday Slides - Introduction to Project Management with OnePlan's Work ...Tech Tuesday Slides - Introduction to Project Management with OnePlan's Work ...
Tech Tuesday Slides - Introduction to Project Management with OnePlan's Work ...
 
How to submit a standout Adobe Champion Application
How to submit a standout Adobe Champion ApplicationHow to submit a standout Adobe Champion Application
How to submit a standout Adobe Champion Application
 
SoftTeco - Software Development Company Profile
SoftTeco - Software Development Company ProfileSoftTeco - Software Development Company Profile
SoftTeco - Software Development Company Profile
 
Enhancing Supply Chain Visibility with Cargo Cloud Solutions.pdf
Enhancing Supply Chain Visibility with Cargo Cloud Solutions.pdfEnhancing Supply Chain Visibility with Cargo Cloud Solutions.pdf
Enhancing Supply Chain Visibility with Cargo Cloud Solutions.pdf
 
Leveraging AI for Mobile App Testing on Real Devices | Applitools + Kobiton
Leveraging AI for Mobile App Testing on Real Devices | Applitools + KobitonLeveraging AI for Mobile App Testing on Real Devices | Applitools + Kobiton
Leveraging AI for Mobile App Testing on Real Devices | Applitools + Kobiton
 
Introduction to Firebase Workshop Slides
Introduction to Firebase Workshop SlidesIntroduction to Firebase Workshop Slides
Introduction to Firebase Workshop Slides
 
Exploring Selenium_Appium Frameworks for Seamless Integration with HeadSpin.pdf
Exploring Selenium_Appium Frameworks for Seamless Integration with HeadSpin.pdfExploring Selenium_Appium Frameworks for Seamless Integration with HeadSpin.pdf
Exploring Selenium_Appium Frameworks for Seamless Integration with HeadSpin.pdf
 
Machine Learning Software Engineering Patterns and Their Engineering
Machine Learning Software Engineering Patterns and Their EngineeringMachine Learning Software Engineering Patterns and Their Engineering
Machine Learning Software Engineering Patterns and Their Engineering
 
Comparing Linux OS Image Update Models - EOSS 2024.pdf
Comparing Linux OS Image Update Models - EOSS 2024.pdfComparing Linux OS Image Update Models - EOSS 2024.pdf
Comparing Linux OS Image Update Models - EOSS 2024.pdf
 
VictoriaMetrics Anomaly Detection Updates: Q1 2024
VictoriaMetrics Anomaly Detection Updates: Q1 2024VictoriaMetrics Anomaly Detection Updates: Q1 2024
VictoriaMetrics Anomaly Detection Updates: Q1 2024
 
Understanding Flamingo - DeepMind's VLM Architecture
Understanding Flamingo - DeepMind's VLM ArchitectureUnderstanding Flamingo - DeepMind's VLM Architecture
Understanding Flamingo - DeepMind's VLM Architecture
 
Post Quantum Cryptography – The Impact on Identity
Post Quantum Cryptography – The Impact on IdentityPost Quantum Cryptography – The Impact on Identity
Post Quantum Cryptography – The Impact on Identity
 
Salesforce Implementation Services PPT By ABSYZ
Salesforce Implementation Services PPT By ABSYZSalesforce Implementation Services PPT By ABSYZ
Salesforce Implementation Services PPT By ABSYZ
 
Alfresco TTL#157 - Troubleshooting Made Easy: Deciphering Alfresco mTLS Confi...
Alfresco TTL#157 - Troubleshooting Made Easy: Deciphering Alfresco mTLS Confi...Alfresco TTL#157 - Troubleshooting Made Easy: Deciphering Alfresco mTLS Confi...
Alfresco TTL#157 - Troubleshooting Made Easy: Deciphering Alfresco mTLS Confi...
 
SAM Training Session - How to use EXCEL ?
SAM Training Session - How to use EXCEL ?SAM Training Session - How to use EXCEL ?
SAM Training Session - How to use EXCEL ?
 
VK Business Profile - provides IT solutions and Web Development
VK Business Profile - provides IT solutions and Web DevelopmentVK Business Profile - provides IT solutions and Web Development
VK Business Profile - provides IT solutions and Web Development
 
Catch the Wave: SAP Event-Driven and Data Streaming for the Intelligence Ente...
Catch the Wave: SAP Event-Driven and Data Streaming for the Intelligence Ente...Catch the Wave: SAP Event-Driven and Data Streaming for the Intelligence Ente...
Catch the Wave: SAP Event-Driven and Data Streaming for the Intelligence Ente...
 
Osi security architecture in network.pptx
Osi security architecture in network.pptxOsi security architecture in network.pptx
Osi security architecture in network.pptx
 
Revolutionizing the Digital Transformation Office - Leveraging OnePlan’s AI a...
Revolutionizing the Digital Transformation Office - Leveraging OnePlan’s AI a...Revolutionizing the Digital Transformation Office - Leveraging OnePlan’s AI a...
Revolutionizing the Digital Transformation Office - Leveraging OnePlan’s AI a...
 

A Brief Introduction to OpenChain - June 2020

  • 1. How do I trust my open source supply chain?
  • 2. Context 2 1400+ Members From 41 Countries 80% of Fortune 100 Tech & Telecom 35,000+ Developers Contributing Code 170+ Open Source Projects $16B Shared Value This is the Linux Foundation
  • 3. Open Compliance Program Solutions Processes Bill of Materials Tooling https://compliance.linuxfoundation.org/ SPS SPDX Tools
  • 5. The OpenChain Project defines the key requirements of a quality open source compliance program.
  • 7. Result: Predictable B2B Compliance Activity
  • 8.
  • 10. • Main List (3,700+ participants) • GitHub (105+ participants) • Automotive (115+ participants) • Reference Tooling (160+ participants) • China (105+ participants) • Japan (190+ participants) • Korea (40+ participants) • Taiwan (40+ participants) • India (40+ participants) • Germany (30+ participants) Work Groups + Lists + GitHub
  • 13. 13
  • 14. 14
  • 20. OpenChain in ISO – Formal Standardization The OpenChain Project has submitted our specification to ISO via Publicly Available Specification (PAS) in Joint Technical Committee 1 (JTC-1). The ISO submission is available at: • https://wiki.linuxfoundation.org/_media/openchain/openchainsp ec-2.1.draft.pdf Working in partnership with in partnership with Joint Development Foundation we expect to become a formal standard in Q3 2020.
  • 21. The OpenChain standard can be met by: Self-Certification Independent Compliance Assessment Third Party Certification Freedom of Choice for Customers and Suppliers
  • 22. Self-Certification is at the heart of the OpenChain industry standard. Companies can access a series of yes/no questions to determine if they have implemented the key requirements of a quality open source compliance program. These questions can be found here: https://certification.openchainproject.org Self-Certification
  • 23. Independent Compliance Assessment works in the same was as the Independent Assessments in other standards. An independent party such as a law firm, consultancy or accounting firm reviews the product of an OpenChain Self-Assessment and offers guidance on whether they perceive it as complete. Independent Compliance Assessment
  • 24. Third-Party Certification is a process whereby a certification authority guides a company through an OpenChain Conformance Process. The certification authority then issues a formal certification document. This activity maps precisely to the forms of third-party certification observed around automotive, infrastructure and similar fields. Third-Party Certification
  • 25. The OpenChain industry standard has been carefully designed by user companies to identify the inflection points where a process, policy or training should be implemented in an open source compliance program. Our experience shows that self-certification is an effective method of reducing risk and increasing efficiency. That said, the choice of self-certification, independent compliance assessment or third-party certification depends on each business sector and customer base. We seek to provide freedom of choice.
  • 26. OpenChain is run by user companies for user companies. This companies are collaborating to create clear, shared and effective approaches to managing open source code.
  • 27. OpenChain is well positioned to support and improve supply chain management best practices applicable to vulnerability management. We currently have an active dialogue on how this can be accomplished and all parties are welcome to contribute.
  • 28. Be Part of This Join our community: https://www.openchainproject.org/get-started Self-Certify or Health Check an organization: https://certification.openchainproject.org