SlideShare a Scribd company logo

Open Source at Scania

Download as PPTX, PDF
Shane Coughlan
Shane Coughlan

Open Source at Scania Part of the activities of the OpenChain Automotive Work Group Meeting #2

Software
1 of 20
open source at scania JONAS ÖBERG, chair of scania open source program
Jonas Öberg / Open Source at Scania Always 46% Sometimes 42% Rarely 10% Never 2% How often do you try to find open source alternatives?When we ask how often our developers try to find open source options over other kinds of software, we see that 88% of our developers sometimes or always try to use open source. That’s interesting, considering 43% felt there was no policy for open source, it was not permitted, or they didn’t know. Regardless of guidelines and whether open source is encouraged or not, it seems our developers still give some preference to open source. WE’re on the way, but the road is long!
Jonas Öberg / Open Source at Scania 26% 51% 18% 5% 0% 10% 20% 30% 40% 50% 60% Very interested Somewhat interested Not too interested Not interested at all how interested are you in contributing to open source? Finally, we asked whether our developers have an interest in contributing to open source in the future. 77% are somewhat or very interested in contributing to open source. This gives us some reassurance that if we provide our developers with clear guidelines for contributing to open source, many will take us up on the opportunity to do so.
supply chain freedrom to operate software
confidence in supply chain SPDX Bill-of- Material Mandatory Delivery of Required Compliance Artifacts OpenChain™ or TÜV SÜD TPS Standard PPP 15001A certification Q1 2020
Sure, we can do this! Q1 2019 Oh, this is actually hard work… Q4 2019 We now deliver!??
Export control is regulations that limit release of software, technology, services, knowledge to foreign countries: limiting our freedom to operate. Economic sanctions, trade restrictions, barriers, tariffs, embargoes. Designed to protect national security, foreign policy or domestic economic interests. confidence in freedom to operate
• Sensitive goods; software, technology and technical data, both physical items and transfer of software and technology (e.g. offering as download from a website) − Any goods transferred to a party with the intent of being used for military purposes, − Or, any goods which is part of the product control lists, which may be Dual Use items, i.e. items which can have both a civilian and military purpose. • Both require a license to export – unless they meet an exception • Applies regardless of how it’s transferred: electronically, post, on laptop when visiting foreign country, etc.. • Also apply to transfers within a group, e.g. Scania in Sweden to Scania in Brazil. What is affected by Export Control?
Self classify .. and then there are exceptions.. and exceptions to the exceptions. Quotation marks means the word is separately defined.
Contains Encryption? (Yes/No) Is encryption used for User Authentication? (Yes/No) Open-Source Encryption? (Yes/No) Generally available to the public by being sold without restriction from stock at retail points? (Yes/No) Encryption Type Used? (Symmetric/Asymmetric/Elliptic-Curve) Key-length used for the Encryption … Encryption Questionnaire
• The answers represent a statement of the capabilities of the software, easily understood by the developers. • Different organisations may interpret the answers differently. • No need for developers to make ECCN decisions. • Provides a way for developers to speak to export control groups. Interpretation
Introducing EXPORT.md Export-Declaration File v1.0 Contains-encryption: [Yes/No] Crypto-for-user-authentication: [Yes/No] ... Declared-ECCN: x-us:5D002 At least between Scania and FNC, we ask the same questions! And the answers can be shared. Export Control of Open Source Working Group – ECOS WG
confidence in softwareavoidance of physical harm
Open source / 3pp libraries/code Qualification Evidence that the software development process for the component is based on an appropriate national or international standard (e.g. ISO/IEC/IEEE 12207. Evidence that the software complies with its requirements, reactions to and description of anomalities etc. Complete code coverage including MC/DC (ASIL-D) 26262 Requirements Abridged No or almost no open source fulfilling this today.
tools TCL3 Confidence from use Evaluation of the tool development process Validation of the software tool Development according to a safety standard 26262 Requirements Highly recommends “For open source developments, some of the standards used by those communities can also be appropriate.” C,D C,D A,B A,B No or almost no open source fulfilling this today.
No or almost no open source fulfilling this today. Tomorrow?
supply chain OpenChain freedrom to operate export control of open source working group software ELISA ? Confidence
Jonas Öberg Scania CV AB <jonas.oberg@scania.com>

Recommended

IT Change Management Using JIRA
IT Change Management Using JIRAIT Change Management Using JIRA
IT Change Management Using JIRAAtlassian
 
Devops Intro - Devops for Unicorns & DevOps for Horses
Devops Intro - Devops for Unicorns & DevOps for HorsesDevops Intro - Devops for Unicorns & DevOps for Horses
Devops Intro - Devops for Unicorns & DevOps for HorsesBoonNam Goh
 
Cruise Control: Effortless management of Kafka clusters
Cruise Control: Effortless management of Kafka clustersCruise Control: Effortless management of Kafka clusters
Cruise Control: Effortless management of Kafka clustersPrateek Maheshwari
 
High Performance Software Engineering Teams
High Performance Software Engineering TeamsHigh Performance Software Engineering Teams
High Performance Software Engineering TeamsLars Thorup
 
Ditching the overhead - Moving Apache Kafka workloads into Amazon MSK - ADB30...
Ditching the overhead - Moving Apache Kafka workloads into Amazon MSK - ADB30...Ditching the overhead - Moving Apache Kafka workloads into Amazon MSK - ADB30...
Ditching the overhead - Moving Apache Kafka workloads into Amazon MSK - ADB30...Amazon Web Services
 
Hands-On with Amazon ElastiCache for Redis - Workshop (DAT309-R1) - AWS re:In...
Hands-On with Amazon ElastiCache for Redis - Workshop (DAT309-R1) - AWS re:In...Hands-On with Amazon ElastiCache for Redis - Workshop (DAT309-R1) - AWS re:In...
Hands-On with Amazon ElastiCache for Redis - Workshop (DAT309-R1) - AWS re:In...Amazon Web Services
 
Enterprise Architecture Governance: A Framework for Successful Business
Enterprise Architecture Governance: A Framework for Successful BusinessEnterprise Architecture Governance: A Framework for Successful Business
Enterprise Architecture Governance: A Framework for Successful BusinessNathaniel Palmer
 
Integrating Apache Kafka Into Your Environment
Integrating Apache Kafka Into Your EnvironmentIntegrating Apache Kafka Into Your Environment
Integrating Apache Kafka Into Your Environmentconfluent
 

Recommended

IT Change Management Using JIRA
IT Change Management Using JIRAIT Change Management Using JIRA
IT Change Management Using JIRAAtlassian
 
Devops Intro - Devops for Unicorns & DevOps for Horses
Devops Intro - Devops for Unicorns & DevOps for HorsesDevops Intro - Devops for Unicorns & DevOps for Horses
Devops Intro - Devops for Unicorns & DevOps for HorsesBoonNam Goh
 
Cruise Control: Effortless management of Kafka clusters
Cruise Control: Effortless management of Kafka clustersCruise Control: Effortless management of Kafka clusters
Cruise Control: Effortless management of Kafka clustersPrateek Maheshwari
 
High Performance Software Engineering Teams
High Performance Software Engineering TeamsHigh Performance Software Engineering Teams
High Performance Software Engineering TeamsLars Thorup
 
Ditching the overhead - Moving Apache Kafka workloads into Amazon MSK - ADB30...
Ditching the overhead - Moving Apache Kafka workloads into Amazon MSK - ADB30...Ditching the overhead - Moving Apache Kafka workloads into Amazon MSK - ADB30...
Ditching the overhead - Moving Apache Kafka workloads into Amazon MSK - ADB30...Amazon Web Services
 
Hands-On with Amazon ElastiCache for Redis - Workshop (DAT309-R1) - AWS re:In...
Hands-On with Amazon ElastiCache for Redis - Workshop (DAT309-R1) - AWS re:In...Hands-On with Amazon ElastiCache for Redis - Workshop (DAT309-R1) - AWS re:In...
Hands-On with Amazon ElastiCache for Redis - Workshop (DAT309-R1) - AWS re:In...Amazon Web Services
 
Enterprise Architecture Governance: A Framework for Successful Business
Enterprise Architecture Governance: A Framework for Successful BusinessEnterprise Architecture Governance: A Framework for Successful Business
Enterprise Architecture Governance: A Framework for Successful BusinessNathaniel Palmer
 
Integrating Apache Kafka Into Your Environment
Integrating Apache Kafka Into Your EnvironmentIntegrating Apache Kafka Into Your Environment
Integrating Apache Kafka Into Your Environmentconfluent
 
Five Pain Points of Agile Development (And How Software Version Management Ca...
Five Pain Points of Agile Development (And How Software Version Management Ca...Five Pain Points of Agile Development (And How Software Version Management Ca...
Five Pain Points of Agile Development (And How Software Version Management Ca...Perforce
 
Tips & Tricks for Apache Kafka®
Tips & Tricks for Apache Kafka®Tips & Tricks for Apache Kafka®
Tips & Tricks for Apache Kafka®confluent
 
Gitops: a new paradigm for software defined operations
Gitops: a new paradigm for software defined operationsGitops: a new paradigm for software defined operations
Gitops: a new paradigm for software defined operationsMariano Cunietti
 
Agile Network India | What does it take to Transform into Product Centric IT ...
Agile Network India | What does it take to Transform into Product Centric IT ...Agile Network India | What does it take to Transform into Product Centric IT ...
Agile Network India | What does it take to Transform into Product Centric IT ...AgileNetwork
 
How Pulsar Enables Netdata to Offer Unlimited Infrastructure Monitoring for F...
How Pulsar Enables Netdata to Offer Unlimited Infrastructure Monitoring for F...How Pulsar Enables Netdata to Offer Unlimited Infrastructure Monitoring for F...
How Pulsar Enables Netdata to Offer Unlimited Infrastructure Monitoring for F...StreamNative
 
Ingesting Data at Blazing Speed Using Apache Orc
Ingesting Data at Blazing Speed Using Apache OrcIngesting Data at Blazing Speed Using Apache Orc
Ingesting Data at Blazing Speed Using Apache OrcDataWorks Summit
 
Agile
AgileAgile
AgileRajiv Kane
 
Documentation in the agile software development process
Documentation in the agile software development processDocumentation in the agile software development process
Documentation in the agile software development processFabian Kiss
 
Adopting SAFe with JIRA
Adopting SAFe with JIRAAdopting SAFe with JIRA
Adopting SAFe with JIRACprime
 
Introduction to apache kafka
Introduction to apache kafkaIntroduction to apache kafka
Introduction to apache kafkaDimitris Kontokostas
 
Kafka Lag Monitoring For Human Beings (Elad Leev, AppsFlyer) Kafka Summit 2020
Kafka Lag Monitoring For Human Beings (Elad Leev, AppsFlyer) Kafka Summit 2020Kafka Lag Monitoring For Human Beings (Elad Leev, AppsFlyer) Kafka Summit 2020
Kafka Lag Monitoring For Human Beings (Elad Leev, AppsFlyer) Kafka Summit 2020HostedbyConfluent
 
Upgrade Preparation Best Practices & Templates | INNOVATE16
Upgrade Preparation Best Practices & Templates | INNOVATE16Upgrade Preparation Best Practices & Templates | INNOVATE16
Upgrade Preparation Best Practices & Templates | INNOVATE16Abraic, Inc.
 
Supercharge your teams with Value Stream Management by Richard Knaster
Supercharge your teams with Value Stream Management by Richard KnasterSupercharge your teams with Value Stream Management by Richard Knaster
Supercharge your teams with Value Stream Management by Richard KnasterBosnia Agile
 
Lean-Agile Journey @ Migros - Mit kleinen Schritten zu grossen Veränderungen
Lean-Agile Journey @ Migros - Mit kleinen Schritten zu grossen VeränderungenLean-Agile Journey @ Migros - Mit kleinen Schritten zu grossen Veränderungen
Lean-Agile Journey @ Migros - Mit kleinen Schritten zu grossen VeränderungenJoël Krapf
 
Archimate Viewpoints
Archimate ViewpointsArchimate Viewpoints
Archimate ViewpointsMaganathin Veeraragaloo
 
Solution architecture
Solution architectureSolution architecture
Solution architectureiasaglobal
 
What's new in the Scaled Agile Framework (SAFe) 6.0 - Agile Indy May 10th Meetup
What's new in the Scaled Agile Framework (SAFe) 6.0 - Agile Indy May 10th MeetupWhat's new in the Scaled Agile Framework (SAFe) 6.0 - Agile Indy May 10th Meetup
What's new in the Scaled Agile Framework (SAFe) 6.0 - Agile Indy May 10th MeetupYuval Yeret
 
Scalable complex event processing on samza @UBER
Scalable complex event processing on samza @UBERScalable complex event processing on samza @UBER
Scalable complex event processing on samza @UBERShuyi Chen
 
Free GitOps Workshop + Intro to Kubernetes & GitOps
Free GitOps Workshop + Intro to Kubernetes & GitOpsFree GitOps Workshop + Intro to Kubernetes & GitOps
Free GitOps Workshop + Intro to Kubernetes & GitOpsWeaveworks
 
Splunk observability
Splunk observabilitySplunk observability
Splunk observabilityVikram Kumar Yadav
 
Owasp_Security_Labeling_System
Owasp_Security_Labeling_SystemOwasp_Security_Labeling_System
Owasp_Security_Labeling_SystemluisenriquezA
 
Capability Building for Cyber Defense: Software Walk through and Screening
Capability Building for Cyber Defense: Software Walk through and Screening Capability Building for Cyber Defense: Software Walk through and Screening
Capability Building for Cyber Defense: Software Walk through and Screening Maven Logix
 

More Related Content

What's hot

Five Pain Points of Agile Development (And How Software Version Management Ca...
Five Pain Points of Agile Development (And How Software Version Management Ca...Five Pain Points of Agile Development (And How Software Version Management Ca...
Five Pain Points of Agile Development (And How Software Version Management Ca...Perforce
 
Tips & Tricks for Apache Kafka®
Tips & Tricks for Apache Kafka®Tips & Tricks for Apache Kafka®
Tips & Tricks for Apache Kafka®confluent
 
Gitops: a new paradigm for software defined operations
Gitops: a new paradigm for software defined operationsGitops: a new paradigm for software defined operations
Gitops: a new paradigm for software defined operationsMariano Cunietti
 
Agile Network India | What does it take to Transform into Product Centric IT ...
Agile Network India | What does it take to Transform into Product Centric IT ...Agile Network India | What does it take to Transform into Product Centric IT ...
Agile Network India | What does it take to Transform into Product Centric IT ...AgileNetwork
 
How Pulsar Enables Netdata to Offer Unlimited Infrastructure Monitoring for F...
How Pulsar Enables Netdata to Offer Unlimited Infrastructure Monitoring for F...How Pulsar Enables Netdata to Offer Unlimited Infrastructure Monitoring for F...
How Pulsar Enables Netdata to Offer Unlimited Infrastructure Monitoring for F...StreamNative
 
Ingesting Data at Blazing Speed Using Apache Orc
Ingesting Data at Blazing Speed Using Apache OrcIngesting Data at Blazing Speed Using Apache Orc
Ingesting Data at Blazing Speed Using Apache OrcDataWorks Summit
 
Documentation in the agile software development process
Documentation in the agile software development processDocumentation in the agile software development process
Documentation in the agile software development processFabian Kiss
 
Adopting SAFe with JIRA
Adopting SAFe with JIRAAdopting SAFe with JIRA
Adopting SAFe with JIRACprime
 
Kafka Lag Monitoring For Human Beings (Elad Leev, AppsFlyer) Kafka Summit 2020
Kafka Lag Monitoring For Human Beings (Elad Leev, AppsFlyer) Kafka Summit 2020Kafka Lag Monitoring For Human Beings (Elad Leev, AppsFlyer) Kafka Summit 2020
Kafka Lag Monitoring For Human Beings (Elad Leev, AppsFlyer) Kafka Summit 2020HostedbyConfluent
 
Upgrade Preparation Best Practices & Templates | INNOVATE16
Upgrade Preparation Best Practices & Templates | INNOVATE16Upgrade Preparation Best Practices & Templates | INNOVATE16
Upgrade Preparation Best Practices & Templates | INNOVATE16Abraic, Inc.
 
Supercharge your teams with Value Stream Management by Richard Knaster
Supercharge your teams with Value Stream Management by Richard KnasterSupercharge your teams with Value Stream Management by Richard Knaster
Supercharge your teams with Value Stream Management by Richard KnasterBosnia Agile
 
Lean-Agile Journey @ Migros - Mit kleinen Schritten zu grossen Veränderungen
Lean-Agile Journey @ Migros - Mit kleinen Schritten zu grossen VeränderungenLean-Agile Journey @ Migros - Mit kleinen Schritten zu grossen Veränderungen
Lean-Agile Journey @ Migros - Mit kleinen Schritten zu grossen VeränderungenJoël Krapf
 
Solution architecture
Solution architectureSolution architecture
Solution architectureiasaglobal
 
What's new in the Scaled Agile Framework (SAFe) 6.0 - Agile Indy May 10th Meetup
What's new in the Scaled Agile Framework (SAFe) 6.0 - Agile Indy May 10th MeetupWhat's new in the Scaled Agile Framework (SAFe) 6.0 - Agile Indy May 10th Meetup
What's new in the Scaled Agile Framework (SAFe) 6.0 - Agile Indy May 10th MeetupYuval Yeret
 
Scalable complex event processing on samza @UBER
Scalable complex event processing on samza @UBERScalable complex event processing on samza @UBER
Scalable complex event processing on samza @UBERShuyi Chen
 
Free GitOps Workshop + Intro to Kubernetes & GitOps
Free GitOps Workshop + Intro to Kubernetes & GitOpsFree GitOps Workshop + Intro to Kubernetes & GitOps
Free GitOps Workshop + Intro to Kubernetes & GitOpsWeaveworks
 

What's hot (20)

Five Pain Points of Agile Development (And How Software Version Management Ca...
Five Pain Points of Agile Development (And How Software Version Management Ca...Five Pain Points of Agile Development (And How Software Version Management Ca...
Five Pain Points of Agile Development (And How Software Version Management Ca...
 
Tips & Tricks for Apache Kafka®
Tips & Tricks for Apache Kafka®Tips & Tricks for Apache Kafka®
Tips & Tricks for Apache Kafka®
 
Gitops: a new paradigm for software defined operations
Gitops: a new paradigm for software defined operationsGitops: a new paradigm for software defined operations
Gitops: a new paradigm for software defined operations
 
Agile Network India | What does it take to Transform into Product Centric IT ...
Agile Network India | What does it take to Transform into Product Centric IT ...Agile Network India | What does it take to Transform into Product Centric IT ...
Agile Network India | What does it take to Transform into Product Centric IT ...
 
How Pulsar Enables Netdata to Offer Unlimited Infrastructure Monitoring for F...
How Pulsar Enables Netdata to Offer Unlimited Infrastructure Monitoring for F...How Pulsar Enables Netdata to Offer Unlimited Infrastructure Monitoring for F...
How Pulsar Enables Netdata to Offer Unlimited Infrastructure Monitoring for F...
 
Ingesting Data at Blazing Speed Using Apache Orc
Ingesting Data at Blazing Speed Using Apache OrcIngesting Data at Blazing Speed Using Apache Orc
Ingesting Data at Blazing Speed Using Apache Orc
 
Agile
AgileAgile
Agile
 
Documentation in the agile software development process
Documentation in the agile software development processDocumentation in the agile software development process
Documentation in the agile software development process
 
Adopting SAFe with JIRA
Adopting SAFe with JIRAAdopting SAFe with JIRA
Adopting SAFe with JIRA
 
Introduction to apache kafka
Introduction to apache kafkaIntroduction to apache kafka
Introduction to apache kafka
 
Kafka Lag Monitoring For Human Beings (Elad Leev, AppsFlyer) Kafka Summit 2020
Kafka Lag Monitoring For Human Beings (Elad Leev, AppsFlyer) Kafka Summit 2020Kafka Lag Monitoring For Human Beings (Elad Leev, AppsFlyer) Kafka Summit 2020
Kafka Lag Monitoring For Human Beings (Elad Leev, AppsFlyer) Kafka Summit 2020
 
Upgrade Preparation Best Practices & Templates | INNOVATE16
Upgrade Preparation Best Practices & Templates | INNOVATE16Upgrade Preparation Best Practices & Templates | INNOVATE16
Upgrade Preparation Best Practices & Templates | INNOVATE16
 
Supercharge your teams with Value Stream Management by Richard Knaster
Supercharge your teams with Value Stream Management by Richard KnasterSupercharge your teams with Value Stream Management by Richard Knaster
Supercharge your teams with Value Stream Management by Richard Knaster
 
Lean-Agile Journey @ Migros - Mit kleinen Schritten zu grossen Veränderungen
Lean-Agile Journey @ Migros - Mit kleinen Schritten zu grossen VeränderungenLean-Agile Journey @ Migros - Mit kleinen Schritten zu grossen Veränderungen
Lean-Agile Journey @ Migros - Mit kleinen Schritten zu grossen Veränderungen
 
Archimate Viewpoints
Archimate ViewpointsArchimate Viewpoints
Archimate Viewpoints
 
Solution architecture
Solution architectureSolution architecture
Solution architecture
 
What's new in the Scaled Agile Framework (SAFe) 6.0 - Agile Indy May 10th Meetup
What's new in the Scaled Agile Framework (SAFe) 6.0 - Agile Indy May 10th MeetupWhat's new in the Scaled Agile Framework (SAFe) 6.0 - Agile Indy May 10th Meetup
What's new in the Scaled Agile Framework (SAFe) 6.0 - Agile Indy May 10th Meetup
 
Scalable complex event processing on samza @UBER
Scalable complex event processing on samza @UBERScalable complex event processing on samza @UBER
Scalable complex event processing on samza @UBER
 
Free GitOps Workshop + Intro to Kubernetes & GitOps
Free GitOps Workshop + Intro to Kubernetes & GitOpsFree GitOps Workshop + Intro to Kubernetes & GitOps
Free GitOps Workshop + Intro to Kubernetes & GitOps
 
Splunk observability
Splunk observabilitySplunk observability
Splunk observability
 

Similar to Open Source at Scania

Owasp_Security_Labeling_System
Owasp_Security_Labeling_SystemOwasp_Security_Labeling_System
Owasp_Security_Labeling_SystemluisenriquezA
 
Capability Building for Cyber Defense: Software Walk through and Screening
Capability Building for Cyber Defense: Software Walk through and Screening Capability Building for Cyber Defense: Software Walk through and Screening
Capability Building for Cyber Defense: Software Walk through and Screening Maven Logix
 
Owasp Summit - Wednesday evening briefing master
Owasp Summit - Wednesday evening briefing masterOwasp Summit - Wednesday evening briefing master
Owasp Summit - Wednesday evening briefing masterDinis Cruz
 
Software Security Assurance for DevOps
Software Security Assurance for DevOpsSoftware Security Assurance for DevOps
Software Security Assurance for DevOpsBlack Duck by Synopsys
 
Software Security Assurance for Devops
Software Security Assurance for DevopsSoftware Security Assurance for Devops
Software Security Assurance for DevopsJerika Phelps
 
Software Security Assurance for DevOps - Hewlett Packard Enterprise + Black Duck
Software Security Assurance for DevOps - Hewlett Packard Enterprise + Black DuckSoftware Security Assurance for DevOps - Hewlett Packard Enterprise + Black Duck
Software Security Assurance for DevOps - Hewlett Packard Enterprise + Black DuckBlack Duck by Synopsys
 
Combating Software Piracy Using Code Encryption Technique
Combating Software Piracy Using Code Encryption TechniqueCombating Software Piracy Using Code Encryption Technique
Combating Software Piracy Using Code Encryption Techniquetheijes
 
HIS 2017 Paul Sherwood- towards trustable software
HIS 2017 Paul Sherwood- towards trustable software HIS 2017 Paul Sherwood- towards trustable software
HIS 2017 Paul Sherwood- towards trustable software jamieayre
 
Software Security Assurance for DevOps
Software Security Assurance for DevOpsSoftware Security Assurance for DevOps
Software Security Assurance for DevOpsBlack Duck by Synopsys
 
Open Source Software: What Are Your Obligations?
Open Source Software: What Are Your Obligations? Open Source Software: What Are Your Obligations?
Open Source Software: What Are Your Obligations? Source Code Control Limited
 
Online Software development training
Online Software development trainingOnline Software development training
Online Software development trainingvibrantuser
 
Introduction to the proposed EU cyber resilience act (CRA)
Introduction to the proposed EU cyber resilience act (CRA)Introduction to the proposed EU cyber resilience act (CRA)
Introduction to the proposed EU cyber resilience act (CRA)Olle E Johansson
 
User management - the next-gen of authentication meetup 27012022
User management - the next-gen of authentication meetup 27012022User management - the next-gen of authentication meetup 27012022
User management - the next-gen of authentication meetup 27012022lior mazor
 
Implementing Secure DevOps on Public Cloud Platforms
Implementing Secure DevOps on Public Cloud PlatformsImplementing Secure DevOps on Public Cloud Platforms
Implementing Secure DevOps on Public Cloud PlatformsGaurav "GP" Pal
 
Driving Risks Out of Embedded Automotive Software
Driving Risks Out of Embedded Automotive SoftwareDriving Risks Out of Embedded Automotive Software
Driving Risks Out of Embedded Automotive SoftwareParasoft
 
Soirée du Test Logiciel - Présentation de Kiuwan (Jack ABDO)
Soirée du Test Logiciel - Présentation de Kiuwan (Jack ABDO)Soirée du Test Logiciel - Présentation de Kiuwan (Jack ABDO)
Soirée du Test Logiciel - Présentation de Kiuwan (Jack ABDO)TelecomValley
 
Shifting the conversation from active interception to proactive neutralization
Shifting the conversation from active interception to proactive neutralization Shifting the conversation from active interception to proactive neutralization
Shifting the conversation from active interception to proactive neutralization Rogue Wave Software
 
What is software product development services.pptx
What is software product development services.pptxWhat is software product development services.pptx
What is software product development services.pptxXlogia Tech
 
Secure Your DevOps Pipeline Best Practices Meetup 08022024.pptx
Secure Your DevOps Pipeline Best Practices Meetup 08022024.pptxSecure Your DevOps Pipeline Best Practices Meetup 08022024.pptx
Secure Your DevOps Pipeline Best Practices Meetup 08022024.pptxlior mazor
 

Similar to Open Source at Scania (20)

Owasp_Security_Labeling_System
Owasp_Security_Labeling_SystemOwasp_Security_Labeling_System
Owasp_Security_Labeling_System
 
Capability Building for Cyber Defense: Software Walk through and Screening
Capability Building for Cyber Defense: Software Walk through and Screening Capability Building for Cyber Defense: Software Walk through and Screening
Capability Building for Cyber Defense: Software Walk through and Screening
 
Owasp Summit - Wednesday evening briefing master
Owasp Summit - Wednesday evening briefing masterOwasp Summit - Wednesday evening briefing master
Owasp Summit - Wednesday evening briefing master
 
Software Security Assurance for DevOps
Software Security Assurance for DevOpsSoftware Security Assurance for DevOps
Software Security Assurance for DevOps
 
Software Security Assurance for Devops
Software Security Assurance for DevopsSoftware Security Assurance for Devops
Software Security Assurance for Devops
 
Software Security Assurance for DevOps - Hewlett Packard Enterprise + Black Duck
Software Security Assurance for DevOps - Hewlett Packard Enterprise + Black DuckSoftware Security Assurance for DevOps - Hewlett Packard Enterprise + Black Duck
Software Security Assurance for DevOps - Hewlett Packard Enterprise + Black Duck
 
Combating Software Piracy Using Code Encryption Technique
Combating Software Piracy Using Code Encryption TechniqueCombating Software Piracy Using Code Encryption Technique
Combating Software Piracy Using Code Encryption Technique
 
HIS 2017 Paul Sherwood- towards trustable software
HIS 2017 Paul Sherwood- towards trustable software HIS 2017 Paul Sherwood- towards trustable software
HIS 2017 Paul Sherwood- towards trustable software
 
Software Security Assurance for DevOps
Software Security Assurance for DevOpsSoftware Security Assurance for DevOps
Software Security Assurance for DevOps
 
Open Source Software: What Are Your Obligations?
Open Source Software: What Are Your Obligations? Open Source Software: What Are Your Obligations?
Open Source Software: What Are Your Obligations?
 
Online Software development training
Online Software development trainingOnline Software development training
Online Software development training
 
Introduction to the proposed EU cyber resilience act (CRA)
Introduction to the proposed EU cyber resilience act (CRA)Introduction to the proposed EU cyber resilience act (CRA)
Introduction to the proposed EU cyber resilience act (CRA)
 
User management - the next-gen of authentication meetup 27012022
User management - the next-gen of authentication meetup 27012022User management - the next-gen of authentication meetup 27012022
User management - the next-gen of authentication meetup 27012022
 
Implementing Secure DevOps on Public Cloud Platforms
Implementing Secure DevOps on Public Cloud PlatformsImplementing Secure DevOps on Public Cloud Platforms
Implementing Secure DevOps on Public Cloud Platforms
 
Driving Risks Out of Embedded Automotive Software
Driving Risks Out of Embedded Automotive SoftwareDriving Risks Out of Embedded Automotive Software
Driving Risks Out of Embedded Automotive Software
 
Soirée du Test Logiciel - Présentation de Kiuwan (Jack ABDO)
Soirée du Test Logiciel - Présentation de Kiuwan (Jack ABDO)Soirée du Test Logiciel - Présentation de Kiuwan (Jack ABDO)
Soirée du Test Logiciel - Présentation de Kiuwan (Jack ABDO)
 
Shifting the conversation from active interception to proactive neutralization
Shifting the conversation from active interception to proactive neutralization Shifting the conversation from active interception to proactive neutralization
Shifting the conversation from active interception to proactive neutralization
 
What is software product development services.pptx
What is software product development services.pptxWhat is software product development services.pptx
What is software product development services.pptx
 
Open Source vs Proprietary
Open Source vs ProprietaryOpen Source vs Proprietary
Open Source vs Proprietary
 
Secure Your DevOps Pipeline Best Practices Meetup 08022024.pptx
Secure Your DevOps Pipeline Best Practices Meetup 08022024.pptxSecure Your DevOps Pipeline Best Practices Meetup 08022024.pptx
Secure Your DevOps Pipeline Best Practices Meetup 08022024.pptx
 

More from Shane Coughlan

OpenChain Education Work Group Monthly Meeting - 2024-04-10 - Full Recording
OpenChain Education Work Group Monthly Meeting - 2024-04-10 - Full RecordingOpenChain Education Work Group Monthly Meeting - 2024-04-10 - Full Recording
OpenChain Education Work Group Monthly Meeting - 2024-04-10 - Full RecordingShane Coughlan
 
OpenChain AI Study Group - Europe and Asia Recap - 2024-04-11 - Full Recording
OpenChain AI Study Group - Europe and Asia Recap - 2024-04-11 - Full RecordingOpenChain AI Study Group - Europe and Asia Recap - 2024-04-11 - Full Recording
OpenChain AI Study Group - Europe and Asia Recap - 2024-04-11 - Full RecordingShane Coughlan
 
OpenChain Monthly Meeting North America and Asia - 2024-03-19
OpenChain Monthly Meeting North America and Asia - 2024-03-19OpenChain Monthly Meeting North America and Asia - 2024-03-19
OpenChain Monthly Meeting North America and Asia - 2024-03-19Shane Coughlan
 
OpenChain Webinar: Universal CVSS Calculator
OpenChain Webinar: Universal CVSS CalculatorOpenChain Webinar: Universal CVSS Calculator
OpenChain Webinar: Universal CVSS CalculatorShane Coughlan
 
openEuler Community Overview - a presentation showing the current scale
openEuler Community Overview - a presentation showing the current scaleopenEuler Community Overview - a presentation showing the current scale
openEuler Community Overview - a presentation showing the current scaleShane Coughlan
 
OpenChain AI Study Group - North America and Europe - 2024-02-20
OpenChain AI Study Group - North America and Europe - 2024-02-20OpenChain AI Study Group - North America and Europe - 2024-02-20
OpenChain AI Study Group - North America and Europe - 2024-02-20Shane Coughlan
 
AI Study Group North America - Europe 2024-02-06
AI Study Group North America - Europe 2024-02-06AI Study Group North America - Europe 2024-02-06
AI Study Group North America - Europe 2024-02-06Shane Coughlan
 
OpenChain Monthly North America / Europe Call - 2024-02-06
OpenChain Monthly North America / Europe Call - 2024-02-06OpenChain Monthly North America / Europe Call - 2024-02-06
OpenChain Monthly North America / Europe Call - 2024-02-06Shane Coughlan
 
OpenChain Export Control Work Group 2024-01-09
OpenChain Export Control Work Group 2024-01-09OpenChain Export Control Work Group 2024-01-09
OpenChain Export Control Work Group 2024-01-09Shane Coughlan
 
OpenChain Legal Work Group - 2024-01-17
OpenChain Legal Work Group - 2024-01-17OpenChain Legal Work Group - 2024-01-17
OpenChain Legal Work Group - 2024-01-17Shane Coughlan
 
Openchain AI Study Group 2024-01-23.pptx
Openchain AI Study Group 2024-01-23.pptxOpenchain AI Study Group 2024-01-23.pptx
Openchain AI Study Group 2024-01-23.pptxShane Coughlan
 
OpenChain Webinar #58 - FOSS License Management through aliens4friends in Ecl...
OpenChain Webinar #58 - FOSS License Management through aliens4friends in Ecl...OpenChain Webinar #58 - FOSS License Management through aliens4friends in Ecl...
OpenChain Webinar #58 - FOSS License Management through aliens4friends in Ecl...Shane Coughlan
 
Maturity Models - Open Compliance Summit 2023
Maturity Models - Open Compliance Summit 2023Maturity Models - Open Compliance Summit 2023
Maturity Models - Open Compliance Summit 2023Shane Coughlan
 
OpenChain Annual Report 2023 - Key Metrics Slides
OpenChain Annual Report 2023 - Key Metrics SlidesOpenChain Annual Report 2023 - Key Metrics Slides
OpenChain Annual Report 2023 - Key Metrics SlidesShane Coughlan
 
OpenChain Webinar 57 - The Open Source Initiative - 2023-11-27
OpenChain Webinar 57 - The Open Source Initiative - 2023-11-27OpenChain Webinar 57 - The Open Source Initiative - 2023-11-27
OpenChain Webinar 57 - The Open Source Initiative - 2023-11-27Shane Coughlan
 
FOSSLight Community Day 2023-11-30
FOSSLight Community Day 2023-11-30FOSSLight Community Day 2023-11-30
FOSSLight Community Day 2023-11-30Shane Coughlan
 
OpenChain Webinar #56: Generative AI and Your Code
OpenChain Webinar #56: Generative AI and Your CodeOpenChain Webinar #56: Generative AI and Your Code
OpenChain Webinar #56: Generative AI and Your CodeShane Coughlan
 
From One Standard to a Family - Taiwan Work Group - 2023-08-15.pptx
From One Standard to a Family - Taiwan Work Group - 2023-08-15.pptxFrom One Standard to a Family - Taiwan Work Group - 2023-08-15.pptx
From One Standard to a Family - Taiwan Work Group - 2023-08-15.pptxShane Coughlan
 
OpenChain Japan Work Group Meeting #28 - 2023-07-11
OpenChain Japan Work Group Meeting #28 - 2023-07-11OpenChain Japan Work Group Meeting #28 - 2023-07-11
OpenChain Japan Work Group Meeting #28 - 2023-07-11Shane Coughlan
 
OpenChain Legal Work Group - 2023-06-29
OpenChain Legal Work Group - 2023-06-29OpenChain Legal Work Group - 2023-06-29
OpenChain Legal Work Group - 2023-06-29Shane Coughlan
 

More from Shane Coughlan (20)

OpenChain Education Work Group Monthly Meeting - 2024-04-10 - Full Recording
OpenChain Education Work Group Monthly Meeting - 2024-04-10 - Full RecordingOpenChain Education Work Group Monthly Meeting - 2024-04-10 - Full Recording
OpenChain Education Work Group Monthly Meeting - 2024-04-10 - Full Recording
 
OpenChain AI Study Group - Europe and Asia Recap - 2024-04-11 - Full Recording
OpenChain AI Study Group - Europe and Asia Recap - 2024-04-11 - Full RecordingOpenChain AI Study Group - Europe and Asia Recap - 2024-04-11 - Full Recording
OpenChain AI Study Group - Europe and Asia Recap - 2024-04-11 - Full Recording
 
OpenChain Monthly Meeting North America and Asia - 2024-03-19
OpenChain Monthly Meeting North America and Asia - 2024-03-19OpenChain Monthly Meeting North America and Asia - 2024-03-19
OpenChain Monthly Meeting North America and Asia - 2024-03-19
 
OpenChain Webinar: Universal CVSS Calculator
OpenChain Webinar: Universal CVSS CalculatorOpenChain Webinar: Universal CVSS Calculator
OpenChain Webinar: Universal CVSS Calculator
 
openEuler Community Overview - a presentation showing the current scale
openEuler Community Overview - a presentation showing the current scaleopenEuler Community Overview - a presentation showing the current scale
openEuler Community Overview - a presentation showing the current scale
 
OpenChain AI Study Group - North America and Europe - 2024-02-20
OpenChain AI Study Group - North America and Europe - 2024-02-20OpenChain AI Study Group - North America and Europe - 2024-02-20
OpenChain AI Study Group - North America and Europe - 2024-02-20
 
AI Study Group North America - Europe 2024-02-06
AI Study Group North America - Europe 2024-02-06AI Study Group North America - Europe 2024-02-06
AI Study Group North America - Europe 2024-02-06
 
OpenChain Monthly North America / Europe Call - 2024-02-06
OpenChain Monthly North America / Europe Call - 2024-02-06OpenChain Monthly North America / Europe Call - 2024-02-06
OpenChain Monthly North America / Europe Call - 2024-02-06
 
OpenChain Export Control Work Group 2024-01-09
OpenChain Export Control Work Group 2024-01-09OpenChain Export Control Work Group 2024-01-09
OpenChain Export Control Work Group 2024-01-09
 
OpenChain Legal Work Group - 2024-01-17
OpenChain Legal Work Group - 2024-01-17OpenChain Legal Work Group - 2024-01-17
OpenChain Legal Work Group - 2024-01-17
 
Openchain AI Study Group 2024-01-23.pptx
Openchain AI Study Group 2024-01-23.pptxOpenchain AI Study Group 2024-01-23.pptx
Openchain AI Study Group 2024-01-23.pptx
 
OpenChain Webinar #58 - FOSS License Management through aliens4friends in Ecl...
OpenChain Webinar #58 - FOSS License Management through aliens4friends in Ecl...OpenChain Webinar #58 - FOSS License Management through aliens4friends in Ecl...
OpenChain Webinar #58 - FOSS License Management through aliens4friends in Ecl...
 
Maturity Models - Open Compliance Summit 2023
Maturity Models - Open Compliance Summit 2023Maturity Models - Open Compliance Summit 2023
Maturity Models - Open Compliance Summit 2023
 
OpenChain Annual Report 2023 - Key Metrics Slides
OpenChain Annual Report 2023 - Key Metrics SlidesOpenChain Annual Report 2023 - Key Metrics Slides
OpenChain Annual Report 2023 - Key Metrics Slides
 
OpenChain Webinar 57 - The Open Source Initiative - 2023-11-27
OpenChain Webinar 57 - The Open Source Initiative - 2023-11-27OpenChain Webinar 57 - The Open Source Initiative - 2023-11-27
OpenChain Webinar 57 - The Open Source Initiative - 2023-11-27
 
FOSSLight Community Day 2023-11-30
FOSSLight Community Day 2023-11-30FOSSLight Community Day 2023-11-30
FOSSLight Community Day 2023-11-30
 
OpenChain Webinar #56: Generative AI and Your Code
OpenChain Webinar #56: Generative AI and Your CodeOpenChain Webinar #56: Generative AI and Your Code
OpenChain Webinar #56: Generative AI and Your Code
 
From One Standard to a Family - Taiwan Work Group - 2023-08-15.pptx
From One Standard to a Family - Taiwan Work Group - 2023-08-15.pptxFrom One Standard to a Family - Taiwan Work Group - 2023-08-15.pptx
From One Standard to a Family - Taiwan Work Group - 2023-08-15.pptx
 
OpenChain Japan Work Group Meeting #28 - 2023-07-11
OpenChain Japan Work Group Meeting #28 - 2023-07-11OpenChain Japan Work Group Meeting #28 - 2023-07-11
OpenChain Japan Work Group Meeting #28 - 2023-07-11
 
OpenChain Legal Work Group - 2023-06-29
OpenChain Legal Work Group - 2023-06-29OpenChain Legal Work Group - 2023-06-29
OpenChain Legal Work Group - 2023-06-29
 

Recently uploaded

Cloud Data Center Network Construction - IEEE
Cloud Data Center Network Construction - IEEECloud Data Center Network Construction - IEEE
Cloud Data Center Network Construction - IEEEVICTOR MAESTRE RAMIREZ
 
Lecture # 8 software design and architecture (SDA).ppt
Lecture # 8 software design and architecture (SDA).pptLecture # 8 software design and architecture (SDA).ppt
Lecture # 8 software design and architecture (SDA).pptesrabilgic2
 
Cyber security and its impact on E commerce
Cyber security and its impact on E commerceCyber security and its impact on E commerce
Cyber security and its impact on E commercemanigoyal112
 
Catch the Wave: SAP Event-Driven and Data Streaming for the Intelligence Ente...
Catch the Wave: SAP Event-Driven and Data Streaming for the Intelligence Ente...Catch the Wave: SAP Event-Driven and Data Streaming for the Intelligence Ente...
Catch the Wave: SAP Event-Driven and Data Streaming for the Intelligence Ente...confluent
 
Understanding Flamingo - DeepMind's VLM Architecture
Understanding Flamingo - DeepMind's VLM ArchitectureUnderstanding Flamingo - DeepMind's VLM Architecture
Understanding Flamingo - DeepMind's VLM Architecturerahul_net
 
Unveiling Design Patterns: A Visual Guide with UML Diagrams
Unveiling Design Patterns: A Visual Guide with UML DiagramsUnveiling Design Patterns: A Visual Guide with UML Diagrams
Unveiling Design Patterns: A Visual Guide with UML DiagramsAhmed Mohamed
 
How to submit a standout Adobe Champion Application
How to submit a standout Adobe Champion ApplicationHow to submit a standout Adobe Champion Application
How to submit a standout Adobe Champion ApplicationBradBedford3
 
Exploring Selenium_Appium Frameworks for Seamless Integration with HeadSpin.pdf
Exploring Selenium_Appium Frameworks for Seamless Integration with HeadSpin.pdfExploring Selenium_Appium Frameworks for Seamless Integration with HeadSpin.pdf
Exploring Selenium_Appium Frameworks for Seamless Integration with HeadSpin.pdfkalichargn70th171
 
Alfresco TTL#157 - Troubleshooting Made Easy: Deciphering Alfresco mTLS Confi...
Alfresco TTL#157 - Troubleshooting Made Easy: Deciphering Alfresco mTLS Confi...Alfresco TTL#157 - Troubleshooting Made Easy: Deciphering Alfresco mTLS Confi...
Alfresco TTL#157 - Troubleshooting Made Easy: Deciphering Alfresco mTLS Confi...Angel Borroy López
 
Precise and Complete Requirements? An Elusive Goal
Precise and Complete Requirements? An Elusive GoalPrecise and Complete Requirements? An Elusive Goal
Precise and Complete Requirements? An Elusive GoalLionel Briand
 
A healthy diet for your Java application Devoxx France.pdf
A healthy diet for your Java application Devoxx France.pdfA healthy diet for your Java application Devoxx France.pdf
A healthy diet for your Java application Devoxx France.pdfMarharyta Nedzelska
 
Maximizing Efficiency and Profitability with OnePlan’s Professional Service A...
Maximizing Efficiency and Profitability with OnePlan’s Professional Service A...Maximizing Efficiency and Profitability with OnePlan’s Professional Service A...
Maximizing Efficiency and Profitability with OnePlan’s Professional Service A...OnePlan Solutions
 
Odoo 14 - eLearning Module In Odoo 14 Enterprise
Odoo 14 - eLearning Module In Odoo 14 EnterpriseOdoo 14 - eLearning Module In Odoo 14 Enterprise
Odoo 14 - eLearning Module In Odoo 14 Enterprisepreethippts
 
Powering Real-Time Decisions with Continuous Data Streams
Powering Real-Time Decisions with Continuous Data StreamsPowering Real-Time Decisions with Continuous Data Streams
Powering Real-Time Decisions with Continuous Data StreamsSafe Software
 
Open Source Summit NA 2024: Open Source Cloud Costs - OpenCost's Impact on En...
Open Source Summit NA 2024: Open Source Cloud Costs - OpenCost's Impact on En...Open Source Summit NA 2024: Open Source Cloud Costs - OpenCost's Impact on En...
Open Source Summit NA 2024: Open Source Cloud Costs - OpenCost's Impact on En...Matt Ray
 
Taming Distributed Systems: Key Insights from Wix's Large-Scale Experience - ...
Taming Distributed Systems: Key Insights from Wix's Large-Scale Experience - ...Taming Distributed Systems: Key Insights from Wix's Large-Scale Experience - ...
Taming Distributed Systems: Key Insights from Wix's Large-Scale Experience - ...Natan Silnitsky
 
Machine Learning Software Engineering Patterns and Their Engineering
Machine Learning Software Engineering Patterns and Their EngineeringMachine Learning Software Engineering Patterns and Their Engineering
Machine Learning Software Engineering Patterns and Their EngineeringHironori Washizaki
 
Large Language Models for Test Case Evolution and Repair
Large Language Models for Test Case Evolution and RepairLarge Language Models for Test Case Evolution and Repair
Large Language Models for Test Case Evolution and RepairLionel Briand
 
GOING AOT WITH GRAALVM – DEVOXX GREECE.pdf
GOING AOT WITH GRAALVM – DEVOXX GREECE.pdfGOING AOT WITH GRAALVM – DEVOXX GREECE.pdf
GOING AOT WITH GRAALVM – DEVOXX GREECE.pdfAlina Yurenko
 
Call Us🔝>༒+91-9711147426⇛Call In girls karol bagh (Delhi)
Call Us🔝>༒+91-9711147426⇛Call In girls karol bagh (Delhi)Call Us🔝>༒+91-9711147426⇛Call In girls karol bagh (Delhi)
Call Us🔝>༒+91-9711147426⇛Call In girls karol bagh (Delhi)jennyeacort
 

Recently uploaded (20)

Cloud Data Center Network Construction - IEEE
Cloud Data Center Network Construction - IEEECloud Data Center Network Construction - IEEE
Cloud Data Center Network Construction - IEEE
 
Lecture # 8 software design and architecture (SDA).ppt
Lecture # 8 software design and architecture (SDA).pptLecture # 8 software design and architecture (SDA).ppt
Lecture # 8 software design and architecture (SDA).ppt
 
Cyber security and its impact on E commerce
Cyber security and its impact on E commerceCyber security and its impact on E commerce
Cyber security and its impact on E commerce
 
Catch the Wave: SAP Event-Driven and Data Streaming for the Intelligence Ente...
Catch the Wave: SAP Event-Driven and Data Streaming for the Intelligence Ente...Catch the Wave: SAP Event-Driven and Data Streaming for the Intelligence Ente...
Catch the Wave: SAP Event-Driven and Data Streaming for the Intelligence Ente...
 
Understanding Flamingo - DeepMind's VLM Architecture
Understanding Flamingo - DeepMind's VLM ArchitectureUnderstanding Flamingo - DeepMind's VLM Architecture
Understanding Flamingo - DeepMind's VLM Architecture
 
Unveiling Design Patterns: A Visual Guide with UML Diagrams
Unveiling Design Patterns: A Visual Guide with UML DiagramsUnveiling Design Patterns: A Visual Guide with UML Diagrams
Unveiling Design Patterns: A Visual Guide with UML Diagrams
 
How to submit a standout Adobe Champion Application
How to submit a standout Adobe Champion ApplicationHow to submit a standout Adobe Champion Application
How to submit a standout Adobe Champion Application
 
Exploring Selenium_Appium Frameworks for Seamless Integration with HeadSpin.pdf
Exploring Selenium_Appium Frameworks for Seamless Integration with HeadSpin.pdfExploring Selenium_Appium Frameworks for Seamless Integration with HeadSpin.pdf
Exploring Selenium_Appium Frameworks for Seamless Integration with HeadSpin.pdf
 
Alfresco TTL#157 - Troubleshooting Made Easy: Deciphering Alfresco mTLS Confi...
Alfresco TTL#157 - Troubleshooting Made Easy: Deciphering Alfresco mTLS Confi...Alfresco TTL#157 - Troubleshooting Made Easy: Deciphering Alfresco mTLS Confi...
Alfresco TTL#157 - Troubleshooting Made Easy: Deciphering Alfresco mTLS Confi...
 
Precise and Complete Requirements? An Elusive Goal
Precise and Complete Requirements? An Elusive GoalPrecise and Complete Requirements? An Elusive Goal
Precise and Complete Requirements? An Elusive Goal
 
A healthy diet for your Java application Devoxx France.pdf
A healthy diet for your Java application Devoxx France.pdfA healthy diet for your Java application Devoxx France.pdf
A healthy diet for your Java application Devoxx France.pdf
 
Maximizing Efficiency and Profitability with OnePlan’s Professional Service A...
Maximizing Efficiency and Profitability with OnePlan’s Professional Service A...Maximizing Efficiency and Profitability with OnePlan’s Professional Service A...
Maximizing Efficiency and Profitability with OnePlan’s Professional Service A...
 
Odoo 14 - eLearning Module In Odoo 14 Enterprise
Odoo 14 - eLearning Module In Odoo 14 EnterpriseOdoo 14 - eLearning Module In Odoo 14 Enterprise
Odoo 14 - eLearning Module In Odoo 14 Enterprise
 
Powering Real-Time Decisions with Continuous Data Streams
Powering Real-Time Decisions with Continuous Data StreamsPowering Real-Time Decisions with Continuous Data Streams
Powering Real-Time Decisions with Continuous Data Streams
 
Open Source Summit NA 2024: Open Source Cloud Costs - OpenCost's Impact on En...
Open Source Summit NA 2024: Open Source Cloud Costs - OpenCost's Impact on En...Open Source Summit NA 2024: Open Source Cloud Costs - OpenCost's Impact on En...
Open Source Summit NA 2024: Open Source Cloud Costs - OpenCost's Impact on En...
 
Taming Distributed Systems: Key Insights from Wix's Large-Scale Experience - ...
Taming Distributed Systems: Key Insights from Wix's Large-Scale Experience - ...Taming Distributed Systems: Key Insights from Wix's Large-Scale Experience - ...
Taming Distributed Systems: Key Insights from Wix's Large-Scale Experience - ...
 
Machine Learning Software Engineering Patterns and Their Engineering
Machine Learning Software Engineering Patterns and Their EngineeringMachine Learning Software Engineering Patterns and Their Engineering
Machine Learning Software Engineering Patterns and Their Engineering
 
Large Language Models for Test Case Evolution and Repair
Large Language Models for Test Case Evolution and RepairLarge Language Models for Test Case Evolution and Repair
Large Language Models for Test Case Evolution and Repair
 
GOING AOT WITH GRAALVM – DEVOXX GREECE.pdf
GOING AOT WITH GRAALVM – DEVOXX GREECE.pdfGOING AOT WITH GRAALVM – DEVOXX GREECE.pdf
GOING AOT WITH GRAALVM – DEVOXX GREECE.pdf
 
Call Us🔝>༒+91-9711147426⇛Call In girls karol bagh (Delhi)
Call Us🔝>༒+91-9711147426⇛Call In girls karol bagh (Delhi)Call Us🔝>༒+91-9711147426⇛Call In girls karol bagh (Delhi)
Call Us🔝>༒+91-9711147426⇛Call In girls karol bagh (Delhi)
 

Open Source at Scania

  • 1. open source at scania JONAS ÖBERG, chair of scania open source program
  • 2. Jonas Öberg / Open Source at Scania Always 46% Sometimes 42% Rarely 10% Never 2% How often do you try to find open source alternatives?When we ask how often our developers try to find open source options over other kinds of software, we see that 88% of our developers sometimes or always try to use open source. That’s interesting, considering 43% felt there was no policy for open source, it was not permitted, or they didn’t know. Regardless of guidelines and whether open source is encouraged or not, it seems our developers still give some preference to open source. WE’re on the way, but the road is long!
  • 3. Jonas Öberg / Open Source at Scania 26% 51% 18% 5% 0% 10% 20% 30% 40% 50% 60% Very interested Somewhat interested Not too interested Not interested at all how interested are you in contributing to open source? Finally, we asked whether our developers have an interest in contributing to open source in the future. 77% are somewhat or very interested in contributing to open source. This gives us some reassurance that if we provide our developers with clear guidelines for contributing to open source, many will take us up on the opportunity to do so.
  • 5. confidence in supply chain SPDX Bill-of- Material Mandatory Delivery of Required Compliance Artifacts OpenChain™ or TÜV SÜD TPS Standard PPP 15001A certification Q1 2020
  • 6. Sure, we can do this! Q1 2019 Oh, this is actually hard work… Q4 2019 We now deliver!??
  • 7. Export control is regulations that limit release of software, technology, services, knowledge to foreign countries: limiting our freedom to operate. Economic sanctions, trade restrictions, barriers, tariffs, embargoes. Designed to protect national security, foreign policy or domestic economic interests. confidence in freedom to operate
  • 8. • Sensitive goods; software, technology and technical data, both physical items and transfer of software and technology (e.g. offering as download from a website) − Any goods transferred to a party with the intent of being used for military purposes, − Or, any goods which is part of the product control lists, which may be Dual Use items, i.e. items which can have both a civilian and military purpose. • Both require a license to export – unless they meet an exception • Applies regardless of how it’s transferred: electronically, post, on laptop when visiting foreign country, etc.. • Also apply to transfers within a group, e.g. Scania in Sweden to Scania in Brazil. What is affected by Export Control?
  • 9. Self classify .. and then there are exceptions.. and exceptions to the exceptions. Quotation marks means the word is separately defined.
  • 10.
  • 11. Contains Encryption? (Yes/No) Is encryption used for User Authentication? (Yes/No) Open-Source Encryption? (Yes/No) Generally available to the public by being sold without restriction from stock at retail points? (Yes/No) Encryption Type Used? (Symmetric/Asymmetric/Elliptic-Curve) Key-length used for the Encryption … Encryption Questionnaire
  • 12. • The answers represent a statement of the capabilities of the software, easily understood by the developers. • Different organisations may interpret the answers differently. • No need for developers to make ECCN decisions. • Provides a way for developers to speak to export control groups. Interpretation
  • 13. Introducing EXPORT.md Export-Declaration File v1.0 Contains-encryption: [Yes/No] Crypto-for-user-authentication: [Yes/No] ... Declared-ECCN: x-us:5D002 At least between Scania and FNC, we ask the same questions! And the answers can be shared. Export Control of Open Source Working Group – ECOS WG
  • 15.
  • 16. Open source / 3pp libraries/code Qualification Evidence that the software development process for the component is based on an appropriate national or international standard (e.g. ISO/IEC/IEEE 12207. Evidence that the software complies with its requirements, reactions to and description of anomalities etc. Complete code coverage including MC/DC (ASIL-D) 26262 Requirements Abridged No or almost no open source fulfilling this today.
  • 17. tools TCL3 Confidence from use Evaluation of the tool development process Validation of the software tool Development according to a safety standard 26262 Requirements Highly recommends “For open source developments, some of the standards used by those communities can also be appropriate.” C,D C,D A,B A,B No or almost no open source fulfilling this today.
  • 18. No or almost no open source fulfilling this today. Tomorrow?
  • 19. supply chain OpenChain freedrom to operate export control of open source working group software ELISA ? Confidence
  • 20. Jonas Öberg Scania CV AB <jonas.oberg@scania.com>