The OpenChain Project
Mini-Summit - 2023-05-09
14:30 PDT
Keeping Things Fun For The Community
Swag and Mascots
AGENDA
• 14:30: Introduction: The OpenChain License Compliance and Security
Assurance Standards in 2023
• 14:50: Keynote: Moving Down The Pyramid - SBOMs in 2023
• 15:10 - Break
• 15:20: Keynote: Moving Down The Pyramid - “State of the Tooling” in
Open Source Automation, Helio Chissini de Castro, CARIAD
• 15:40: Special Keynote: FOSSLight - Next Generation Open Source
Automation for Compliance and Security, Kyoungae Kim and Soim
Kim, LG Electronics
• 16:00 - Break
• 16:10: Roundtable Session - Process Standards
• 16:25: Roundtable Session - SBOMs
• 16:45: Roundtable Session - Automation
• 17:00 - Close
The OpenChain License Compliance
and Security Assurance Standards in
2023
OpenChain Membership – New (old) Faces!
(not an official VW ID.4)
OpenChain Membership Today
Members Represent Over 5.9 Trillion USD In Market Value
https://docs.google.com/spreadsheets/d/1HllBIFRkqiUc-6nnJWRkPd1VmiajeRknDIH6EnWYYLE/edit?usp=sharing
Platinum Member / Conformance Pending ISO/IEC 5230 + DIS 18974 Conformant
Platinum Member + ISO/IEC 5230 Conformant
Automotive Banking Cloud Consumer Industrial SaaS Service Silicon Telco
Example Verticals Impacted by OpenChain
This is a snapshot based on membership and select conformant organizations currently listed on our website. Total conformant numbers are far higher.
Example: PwC Survey shows 20% of companies in Germany with over 2,000 employees already used ISO/IEC 5230.
Snapshot Represents Over 7.5 Trillion USD In Market Value
https://docs.google.com/spreadsheets/d/1HllBIFRkqiUc-6nnJWRkPd1VmiajeRknDIH6EnWYYLE/edit?usp=sharing
Trillions More In Market Value Touched
(Lockheed co-chairs our spec development)
This is a non-exhaustive list of participants on some of our community lists
OpenChain Has 12 Official Tooling Vendors
OpenChain Has 11 Official Third-Party Certifiers
CESI
OpenChain Has 27 Official Service Providers
OpenChain Has 22 Official Legal Providers
Key News Around
ISO/IEC DIS 18974
General Community News: Standards
Overview
● We expect to complete the Draft International Standard (DIS) process via
JTC-1 at the end of June.
● There will be an editorial period after this.
● According to Seth from Joint Development Foundation:
“We will most likely end up passing with edits. We will clean up the editorial
things but nothing technically normative and send it back. They will spend
another month transposing the final version and give us the ISO number.”
Questions?
Conformance Continues With De-Facto Standard
Key News Around
ISO/IEC 5230
OpenChain Has 98 ISO/IEC 5230 Conformant Orgs
Listed On Our Website (totals are higher)
Recent Significant ISO/IEC 5230 Conformance
And Also…
What Else Is Happening?
General Community News: Project Improvements
General Community News: Project Activities
General Community News: Webinars
General Community News: Events
General Community News: Publications
General Community News: Asking Questions
Into The Weeds…
Licensing and Security Specification Editing
● The editing process is continuing as expected, with solid feedback on issues, and
changes heading in the direction of improved clarity.
● The open and closed issues are tracked via GitHub:
Licensing: https://github.com/OpenChain-Project/License-Compliance-Specification/issues
Security: https://github.com/OpenChain-Project/Security-Assurance-Specification/issues
● The draft next generation specifications are also hosted on GitHub:
Licensing: https://github.com/OpenChain-Project/License-Compliance-Specification/blob/master/3.0/en/openchain-license-compliance-3.0.md
Security: https://github.com/OpenChain-Project/Security-Assurance-Specification/blob/main/Security-Assurance-Specification/2.0/en/openchain-security-specification-2.0.md
● As are the slides used for every meeting (two meetings per month):
https://github.com/OpenChain-Project/Meeting-Minutes/tree/main/Slides
Model Language For Procurement
● The first meeting of the Legal Work Group took place on the 25th of April 2023.
● We explored model provisions for including OpenChain ISO/IEC 5230 and
OpenChain ISO/IEC DIS 18974 (and potentially other standards) in procurement
contracts or similar material. The goal is to ensure people can understand options.
We will not be prescriptive, and these model provisions will remain part of the
OpenChain reference material. They will not be included in the standards
themselves.
○ The call started by looking at model provisions done before via the Risk Grid.
○ The document, under public domain, has been moved to the OpenChain GitHub for ease of access
and editing.
● Our outcome was to use this basic format to structure our first round of model
provisions, and to have the option of merging the documents in the future.
Moving Down The Pyramid -
SBOMs in 2023
One More Thing…
● Today (2023-05-09) we are releasing the first draft case studies created by
ChatGPT on our GitHub.
● These are not intended to replace our community contributions, but to make it
fast for people to add ideas and adjustments.
● This will specifically address one of the greatest challenges in creating new
material: the initial time spent for drafting. Our community usually enjoys
commenting and adjusting more than drafting.
● It took ChatGPT less than ten minutes to create eight case studies:
https://github.com/OpenChain-Project/Reference-Material/tree/master/Adoption-Case-Studies/Official/en/ChatGPT
Moving Down The Pyramid -
SBOMs in 2023
We Just Talked About SPDX 3.0
OpenChain Supports Both NTIA + CISA SBOM
● ISO/IEC 5230 and ISO/IEC DIS 18974 both require the existence of an
SBOM as part of the key requirements of either a quality license compliance
or security assurance program.
● We inherently match the guidance provided by NTIA and CISA.
● We are non-prescriptive on the actual SBOM format used, allowing our
community the freedom to choose SPDX, CycloneDX or SWID as appropriate
to meet their needs.
● We have been positioning the supply chain to meet The Minimum
Elements For a Software Bill of Materials (SBOM) since our inception.
BREAKTIME!
Moving Down The Pyramid - “State
of the Tooling” in Open Source
Automation
Helio Chissini de Castro, CARIAD
FOSSLight - Next Generation Open
Source Automation for Compliance
and Security
Kyoungae Kim and Soim Kim, LG Electronics
BREAKTIME!
Roundtable Session –
Process Standards
Roundtable Session –
SBOMs
Roundtable Session –
Automation
OpenChain Mini-Summit May 2023

 
why an Opensea Clone Script might be your perfect match.pdf
why an Opensea Clone Script might be your perfect match.pdfwhy an Opensea Clone Script might be your perfect match.pdf
why an Opensea Clone Script might be your perfect match.pdf
 
Building a General PDE Solving Framework with Symbolic-Numeric Scientific Mac...
Building a General PDE Solving Framework with Symbolic-Numeric Scientific Mac...Building a General PDE Solving Framework with Symbolic-Numeric Scientific Mac...
Building a General PDE Solving Framework with Symbolic-Numeric Scientific Mac...
 
Advancing Engineering with AI through the Next Generation of Strategic Projec...
Advancing Engineering with AI through the Next Generation of Strategic Projec...Advancing Engineering with AI through the Next Generation of Strategic Projec...
Advancing Engineering with AI through the Next Generation of Strategic Projec...
 

OpenChain Mini-Summit May 2023

  • 1. The OpenChain Project Mini-Summit - 2023-05-09 14:30 PDT
  • 2. Keeping Things Fun For The Community Swag and Mascots
  • 3. AGENDA
      • 14:30: Introduction: The OpenChain License Compliance and Security Assurance Standards in 2023
      • 14:50: Keynote: Moving Down The Pyramid - SBOMs in 2023
      • 15:10 - Break
      • 15:20: Keynote: Moving Down The Pyramid - “State of the Tooling” in Open Source Automation, Helio Chissini de Castro, CARIAD
      • 15:40: Special Keynote: FOSSLight - Next Generation Open Source Automation for Compliance and Security, Kyoungae Kim and Soim Kim, LG Electronics
      • 16:00 - Break
      • 16:10: Roundtable Session - Process Standards
      • 16:25: Roundtable Session - SBOMs
      • 16:45: Roundtable Session - Automation
      • 17:00 - Close
  • 4. The OpenChain License Compliance and Security Assurance Standards in 2023
  • 5. OpenChain Membership – New (old) Faces! (not an official VW ID.4)
  • 7. Members Represent Over 5.9 Trillion USD In Market Value https://docs.google.com/spreadsheets/d/1HllBIFRkqiUc-6nnJWRkPd1VmiajeRknDIH6EnWYYLE/edit?usp=sharing
  • 8. Platinum Member / Conformance Pending ISO/IEC 5230 + DIS 18974 Conformant Platinum Member + ISO/IEC 5230 Conformant Automotive Banking Cloud Consumer Industrial SaaS Service Silicon Telco Example Verticals Impacted by OpenChain This is a snapshot based on membership and select conformant organizations currently listed on our website. Total conformant numbers are far higher. Example: PwC Survey shows 20% of companies in Germany with over 2,000 employees already used ISO/IEC 5230.
  • 9. Snapshot Represents Over 7.5 Trillion USD In Market Value https://docs.google.com/spreadsheets/d/1HllBIFRkqiUc-6nnJWRkPd1VmiajeRknDIH6EnWYYLE/edit?usp=sharing
  • 10. Trillions More In Market Value Touched (Lockheed co-chairs our spec development) This is a non-exhaustive list of participants on some of our community lists
  • 11. OpenChain Has 12 Official Tooling Vendors
  • 12. OpenChain Has 11 Official Third-Party Certifiers CESI
  • 13. OpenChain Has 27 Official Service Providers
  • 14. OpenChain Has 22 Official Legal Providers
  • 17. Overview
      ● We expect to complete the Draft International Standard (DIS) process via JTC-1 at the end of June.
      ● There will be an editorial period after this.
      ● According to Seth from Joint Development Foundation: “We will most likely end up passing with edits. We will clean up the editorial things but nothing technically normative and send it back. They will spend another month transposing the final version and give us the ISO number.”
      Questions?
  • 18. Conformance Continues With De-Facto Standard
  • 20. OpenChain Has 98 ISO/IEC 5230 Conformant Orgs Listed On Our Website (totals are higher) Total conformant numbers are far higher. Example: PwC Survey shows 20% of companies in Germany with over 2,000 employees already used ISO/IEC 5230.
  • 21. Recent Significant ISO/IEC 5230 Conformance
  • 23. What Else Is Happening?
  • 24. General Community News: Project Improvements
  • 25. General Community News: Project Improvements
  • 26. General Community News: Project Improvements
  • 27. General Community News: Project Activities
  • 30. General Community News: Publications
  • 31. General Community News: Asking Questions
  • 33. Licensing and Security Specification Editing
      ● The editing process is continuing as expected, with solid feedback on issues, and changes heading in the direction of improved clarity.
      ● The open and closed issues are tracked via GitHub:
          Licensing: https://github.com/OpenChain-Project/License-Compliance-Specification/issues
          Security: https://github.com/OpenChain-Project/Security-Assurance-Specification/issues
      ● The draft next generation specifications are also hosted on GitHub:
          Licensing: https://github.com/OpenChain-Project/License-Compliance-Specification/blob/master/3.0/en/openchain-license-compliance-3.0.md
          Security: https://github.com/OpenChain-Project/Security-Assurance-Specification/blob/main/Security-Assurance-Specification/2.0/en/openchain-security-specification-2.0.md
      ● As are the slides used for every meeting (two meetings per month): https://github.com/OpenChain-Project/Meeting-Minutes/tree/main/Slides
  • 34. Model Language For Procurement
      ● The first meeting of the Legal Work Group took place on the 25th of April 2023.
      ● We explored model provisions for including OpenChain ISO/IEC 5230 and OpenChain ISO/IEC DIS 18974 (and potentially other standards) in procurement contracts or similar material. The goal is to ensure people can understand options. We will not be prescriptive, and these model provisions will remain part of the OpenChain reference material. They will not be included in the standards themselves.
          ○ The call started by looking at model provisions done before via the Risk Grid.
          ○ The document, under public domain, has been moved to the OpenChain GitHub for ease of access and editing.
      ● Our outcome was to use this basic format to structure our first round of model provisions, and to have the option of merging the documents in the future.
  • 35. Moving Down The Pyramid - SBOMs in 2023
  • 36. One More Thing…
      ● Today (2023-05-09) we are releasing the first draft case studies created by ChatGPT on our GitHub.
      ● These are not intended to replace our community contributions, but to make it fast for people to add ideas and adjustments.
      ● This will specifically address one of the greatest challenges in creating new material: the initial time spent for drafting. Our community usually enjoys commenting and adjusting more than drafting.
      ● It took ChatGPT less than ten minutes to create eight case studies: https://github.com/OpenChain-Project/Reference-Material/tree/master/Adoption-Case-Studies/Official/en/ChatGPT
  • 37. Moving Down The Pyramid - SBOMs in 2023
  • 38. We Just Talked About SPDX 3.0
  • 39. OpenChain Supports Both NTIA + CISA SBOM
      ● ISO/IEC 5230 and ISO/IEC DIS 18974 both require the existence of an SBOM as part of the key requirements of either a quality license compliance or security assurance program.
      ● We inherently match the guidance provided by NTIA and CISA.
      ● We are non-prescriptive on the actual SBOM format used, allowing our community the freedom to choose SPDX, CycloneDX or SWID as appropriate to meet their needs.
      ● We have been positioning the supply chain to meet The Minimum Elements For a Software Bill of Materials (SBOM) since our inception.
  • 41. Moving Down The Pyramid - “State of the Tooling” in Open Source Automation Helio Chissini de Castro, CARIAD
  • 42. FOSSLight - Next Generation Open Source Automation for Compliance and Security Kyoungae Kim and Soim Kim, LG Electronics