SlideShare a Scribd company logo

A Brief Introduction to OpenChain - May 2020 - Update1

Download as PPTX, PDF
Shane Coughlan
Shane Coughlan

The OpenChain Project defines the key requirements of a quality open source compliance program to help organizations trust their open source supply chain. It establishes common processes, policies, and training for inbound, outbound, and upstream/downstream compliance activities. The OpenChain standard can be met through self-certification, independent compliance assessment, or third-party certification, giving customers and suppliers freedom of choice. The goal is to provide clear, shared best practices for managing open source code and supply chain risks.

1 of 29
How do I trust my open source supply chain?
Context 2 1400+ Members From 41 Countries 80% of Fortune 100 Tech & Telecom 35,000+ Developers Contributing Code 170+ Open Source Projects $16B Shared Value This is the Linux Foundation
Open Compliance Program Solutions Processes Bill of Materials Tooling https://compliance.linuxfoundation.org/ SPS SPDX Tools
4
The OpenChain Project defines the key requirements of a quality open source compliance program.
outbound upstream downstream inbound Training Policy Process OpenChain Defines Inflection Points
Result: Predictable B2B Compliance Activity
9 Example Conformant Organizations
• Main List (3,700+ participants) • GitHub (105+ participants) • Automotive (115+ participants) • Reference Tooling (160+ participants) • China (105+ participants) • Japan (190+ participants) • Korea (40+ participants) • Taiwan (40+ participants) • India (40+ participants) • Germany (30+ participants) Work Groups + Lists + GitHub
Our Online Self-Certification Questionnaire
12 Comprehensive Reference Material
13
14
Partner Program 15
Partner Program 16
Partner Program 17
Partner Program 18
Global Third-Party Certification
OpenChain in ISO – Formal Standardization The OpenChain Project has submitted our specification to ISO via Publicly Available Specification (PAS) in Joint Technical Committee 1 (JTC-1). The ISO submission is available at: • https://wiki.linuxfoundation.org/_media/openchain/openchainsp ec-2.1.draft.pdf Working in partnership with in partnership with Joint Development Foundation we expect to become a formal standard in Q3 2020.
The OpenChain standard can be met by: Self-Certification Independent Compliance Assessment Third Party Certification Freedom of Choice for Customers and Suppliers
Self-Certification is at the heart of the OpenChain industry standard. Companies can access a series of yes/no questions to determine if they have implemented the key requirements of a quality open source compliance program. These questions can be found here: https://certification.openchainproject.org Self-Certification
Independent Compliance Assessment works in the same was as the Independent Assessments in other standards. An independent party such as a law firm, consultancy or accounting firm reviews the product of an OpenChain Self-Assessment and offers guidance on whether they perceive it as complete. Independent Compliance Assessment
Third-Party Certification is a process whereby a certification authority guides a company through an OpenChain Conformance Process. The certification authority then issues a formal certification document. This activity maps precisely to the forms of third-party certification observed around automotive, infrastructure and similar fields. Third-Party Certification
The OpenChain industry standard has been carefully designed by user companies to identify the inflection points where a process, policy or training should be implemented in an open source compliance program. Our experience shows that self-certification is an effective method of reducing risk and increasing efficiency. That said, the choice of self-certification, independent compliance assessment or third-party certification depends on each business sector and customer base. We seek to provide freedom of choice.
OpenChain is run by user companies for user companies. This companies are collaborating to create clear, shared and effective approaches to managing open source code.
OpenChain is well positioned to support and improve supply chain management best practices applicable to vulnerability management. We currently have an active dialogue on how this can be accomplished and all parties are welcome to contribute.
Be Part of This Join our community: https://www.openchainproject.org/get-started Self-Certify or Health Check an organization: https://certification.openchainproject.org
scoughlan@linuxfoundation.org www.openchainproject.org

Recommended

A Brief Introduction to OpenChain - July 2020
A Brief Introduction to OpenChain - July 2020A Brief Introduction to OpenChain - July 2020
A Brief Introduction to OpenChain - July 2020
Shane Coughlan
 
A Brief Introduction to OpenChain - June 2020
A Brief Introduction to OpenChain - June 2020A Brief Introduction to OpenChain - June 2020
A Brief Introduction to OpenChain - June 2020
Shane Coughlan
 
OpenChain at ISO WG21 2020 Plenary - 9th June
OpenChain at ISO WG21 2020 Plenary - 9th JuneOpenChain at ISO WG21 2020 Plenary - 9th June
OpenChain at ISO WG21 2020 Plenary - 9th June
Shane Coughlan
 
A Brief Introduction to OpenChain - May 2020
A Brief Introduction to OpenChain - May 2020A Brief Introduction to OpenChain - May 2020
A Brief Introduction to OpenChain - May 2020
Shane Coughlan
 
OpenChain as a Standard
OpenChain as a StandardOpenChain as a Standard
OpenChain as a Standard
Shane Coughlan
 
Processes Missing from OpenChain
Processes Missing from OpenChainProcesses Missing from OpenChain
Processes Missing from OpenChain
Shane Coughlan
 
Great Open Source Compliance For Everyone - Version 11
Great Open Source Compliance For Everyone - Version 11Great Open Source Compliance For Everyone - Version 11
Great Open Source Compliance For Everyone - Version 11
Shane Coughlan
 
COAC Presentation March 26 2015
COAC Presentation March 26 2015COAC Presentation March 26 2015
COAC Presentation March 26 2015
U.S. Consumer Product Safety Commission
 

Recommended

A Brief Introduction to OpenChain - July 2020
A Brief Introduction to OpenChain - July 2020A Brief Introduction to OpenChain - July 2020
A Brief Introduction to OpenChain - July 2020
Shane Coughlan
 
A Brief Introduction to OpenChain - June 2020
A Brief Introduction to OpenChain - June 2020A Brief Introduction to OpenChain - June 2020
A Brief Introduction to OpenChain - June 2020
Shane Coughlan
 
OpenChain at ISO WG21 2020 Plenary - 9th June
OpenChain at ISO WG21 2020 Plenary - 9th JuneOpenChain at ISO WG21 2020 Plenary - 9th June
OpenChain at ISO WG21 2020 Plenary - 9th June
Shane Coughlan
 
A Brief Introduction to OpenChain - May 2020
A Brief Introduction to OpenChain - May 2020A Brief Introduction to OpenChain - May 2020
A Brief Introduction to OpenChain - May 2020
Shane Coughlan
 
OpenChain as a Standard
OpenChain as a StandardOpenChain as a Standard
OpenChain as a Standard
Shane Coughlan
 
Processes Missing from OpenChain
Processes Missing from OpenChainProcesses Missing from OpenChain
Processes Missing from OpenChain
Shane Coughlan
 
Great Open Source Compliance For Everyone - Version 11
Great Open Source Compliance For Everyone - Version 11Great Open Source Compliance For Everyone - Version 11
Great Open Source Compliance For Everyone - Version 11
Shane Coughlan
 
COAC Presentation March 26 2015
COAC Presentation March 26 2015COAC Presentation March 26 2015
COAC Presentation March 26 2015
U.S. Consumer Product Safety Commission
 
Free and Open Source Software - Challenges for the Automotive Supply Chain
Free and Open Source Software - Challenges for the Automotive Supply ChainFree and Open Source Software - Challenges for the Automotive Supply Chain
Free and Open Source Software - Challenges for the Automotive Supply Chain
Shane Coughlan
 
Open Source in ISO Building the First LF Standard in Fourteen Years and What ...
Open Source in ISO Building the First LF Standard in Fourteen Years and What ...Open Source in ISO Building the First LF Standard in Fourteen Years and What ...
Open Source in ISO Building the First LF Standard in Fourteen Years and What ...
Shane Coughlan
 
A Brief Introduction to OpenChain - February 2020
A Brief Introduction to OpenChain - February 2020A Brief Introduction to OpenChain - February 2020
A Brief Introduction to OpenChain - February 2020
Shane Coughlan
 
Whitepaper For Open Gp
Whitepaper For Open GpWhitepaper For Open Gp
Whitepaper For Open Gp
hansfrisvold
 
OpenChain Continual Improvement Case Studies
OpenChain Continual Improvement Case StudiesOpenChain Continual Improvement Case Studies
OpenChain Continual Improvement Case Studies
Shane Coughlan
 
OpenAthens Conference 2018 - Don Thibeau - OpenID Connect
OpenAthens Conference 2018 - Don Thibeau - OpenID ConnectOpenAthens Conference 2018 - Don Thibeau - OpenID Connect
OpenAthens Conference 2018 - Don Thibeau - OpenID Connect
OpenAthens
 
Business Process Analysis and Insights COPIS
Business Process Analysis and Insights COPISBusiness Process Analysis and Insights COPIS
Business Process Analysis and Insights COPIS
Arthur L. Burris, Jr, MBA, BB
 
451 Sugarcrm Aslett
451 Sugarcrm Aslett451 Sugarcrm Aslett
451 Sugarcrm Aslett
Matthew Aslett
 
OpenChain 2.0 specification in a nutshell
OpenChain 2.0 specification in a nutshellOpenChain 2.0 specification in a nutshell
OpenChain 2.0 specification in a nutshell
SZ Lin
 
Colombia The Open Group
Colombia The Open GroupColombia The Open Group
Colombia The Open Group
Leonardo Octavio Ramirez Gonzalez
 
Great Open Source Compliance for Everyone - Version 6
Great Open Source Compliance for Everyone - Version 6Great Open Source Compliance for Everyone - Version 6
Great Open Source Compliance for Everyone - Version 6
Shane Coughlan
 
OpenChain: Great Open Source Compliance for Everyone (Version 7)
OpenChain: Great Open Source Compliance for Everyone (Version 7)OpenChain: Great Open Source Compliance for Everyone (Version 7)
OpenChain: Great Open Source Compliance for Everyone (Version 7)
Shane Coughlan
 
Top Software panies to Outsource.pdfTesting Com
Top Software panies to Outsource.pdfTesting ComTop Software panies to Outsource.pdfTesting Com
Top Software panies to Outsource.pdfTesting Com
Mindfire LLC
 
#OSSPARIS19 - Understanding Open Source Governance - Gilles Gravier, Wipro Li...
#OSSPARIS19 - Understanding Open Source Governance - Gilles Gravier, Wipro Li...#OSSPARIS19 - Understanding Open Source Governance - Gilles Gravier, Wipro Li...
#OSSPARIS19 - Understanding Open Source Governance - Gilles Gravier, Wipro Li...
Paris Open Source Summit
 
Robotic Process Automation
Robotic Process AutomationRobotic Process Automation
Robotic Process Automation
Next Space Pvt. Ltd
 
'Using OpenChain as a framework for M&A transactions'
'Using OpenChain as a framework for M&A transactions''Using OpenChain as a framework for M&A transactions'
'Using OpenChain as a framework for M&A transactions'
Shane Coughlan
 
OpenChain Germany Work Group Meeting 1
OpenChain Germany Work Group Meeting 1OpenChain Germany Work Group Meeting 1
OpenChain Germany Work Group Meeting 1
Shane Coughlan
 
Agile Practices for Transitioning to SAP S/4HANA®
Agile Practices for Transitioning to SAP S/4HANA® Agile Practices for Transitioning to SAP S/4HANA®
Agile Practices for Transitioning to SAP S/4HANA®
panayaofficial
 
OpenChain Legal Work Group - 2024-01-17
OpenChain Legal Work Group - 2024-01-17OpenChain Legal Work Group - 2024-01-17
OpenChain Legal Work Group - 2024-01-17
Shane Coughlan
 
Procurement Exchange - An australian innovation
Procurement Exchange - An australian innovationProcurement Exchange - An australian innovation
Procurement Exchange - An australian innovation
Glenn Turley
 
openEuler Case Study - The Journey to Supply Chain Security
openEuler Case Study - The Journey to Supply Chain SecurityopenEuler Case Study - The Journey to Supply Chain Security
openEuler Case Study - The Journey to Supply Chain Security
Shane Coughlan
 
OpenChain @ LF Japan Executive Briefing - May 2024
OpenChain @ LF Japan Executive Briefing - May 2024OpenChain @ LF Japan Executive Briefing - May 2024
OpenChain @ LF Japan Executive Briefing - May 2024
Shane Coughlan
 

More Related Content

Similar to A Brief Introduction to OpenChain - May 2020 - Update1

Free and Open Source Software - Challenges for the Automotive Supply Chain
Free and Open Source Software - Challenges for the Automotive Supply ChainFree and Open Source Software - Challenges for the Automotive Supply Chain
Free and Open Source Software - Challenges for the Automotive Supply Chain
Shane Coughlan
 
Open Source in ISO Building the First LF Standard in Fourteen Years and What ...
Open Source in ISO Building the First LF Standard in Fourteen Years and What ...Open Source in ISO Building the First LF Standard in Fourteen Years and What ...
Open Source in ISO Building the First LF Standard in Fourteen Years and What ...
Shane Coughlan
 
A Brief Introduction to OpenChain - February 2020
A Brief Introduction to OpenChain - February 2020A Brief Introduction to OpenChain - February 2020
A Brief Introduction to OpenChain - February 2020
Shane Coughlan
 
Whitepaper For Open Gp
Whitepaper For Open GpWhitepaper For Open Gp
Whitepaper For Open Gp
hansfrisvold
 
OpenChain Continual Improvement Case Studies
OpenChain Continual Improvement Case StudiesOpenChain Continual Improvement Case Studies
OpenChain Continual Improvement Case Studies
Shane Coughlan
 
OpenAthens Conference 2018 - Don Thibeau - OpenID Connect
OpenAthens Conference 2018 - Don Thibeau - OpenID ConnectOpenAthens Conference 2018 - Don Thibeau - OpenID Connect
OpenAthens Conference 2018 - Don Thibeau - OpenID Connect
OpenAthens
 
Business Process Analysis and Insights COPIS
Business Process Analysis and Insights COPISBusiness Process Analysis and Insights COPIS
Business Process Analysis and Insights COPIS
Arthur L. Burris, Jr, MBA, BB
 
451 Sugarcrm Aslett
451 Sugarcrm Aslett451 Sugarcrm Aslett
451 Sugarcrm Aslett
Matthew Aslett
 
OpenChain 2.0 specification in a nutshell
OpenChain 2.0 specification in a nutshellOpenChain 2.0 specification in a nutshell
OpenChain 2.0 specification in a nutshell
SZ Lin
 
Colombia The Open Group
Colombia The Open GroupColombia The Open Group
Colombia The Open Group
Leonardo Octavio Ramirez Gonzalez
 
Great Open Source Compliance for Everyone - Version 6
Great Open Source Compliance for Everyone - Version 6Great Open Source Compliance for Everyone - Version 6
Great Open Source Compliance for Everyone - Version 6
Shane Coughlan
 
OpenChain: Great Open Source Compliance for Everyone (Version 7)
OpenChain: Great Open Source Compliance for Everyone (Version 7)OpenChain: Great Open Source Compliance for Everyone (Version 7)
OpenChain: Great Open Source Compliance for Everyone (Version 7)
Shane Coughlan
 
Top Software panies to Outsource.pdfTesting Com
Top Software panies to Outsource.pdfTesting ComTop Software panies to Outsource.pdfTesting Com
Top Software panies to Outsource.pdfTesting Com
Mindfire LLC
 
#OSSPARIS19 - Understanding Open Source Governance - Gilles Gravier, Wipro Li...
#OSSPARIS19 - Understanding Open Source Governance - Gilles Gravier, Wipro Li...#OSSPARIS19 - Understanding Open Source Governance - Gilles Gravier, Wipro Li...
#OSSPARIS19 - Understanding Open Source Governance - Gilles Gravier, Wipro Li...
Paris Open Source Summit
 
Robotic Process Automation
Robotic Process AutomationRobotic Process Automation
Robotic Process Automation
Next Space Pvt. Ltd
 
'Using OpenChain as a framework for M&A transactions'
'Using OpenChain as a framework for M&A transactions''Using OpenChain as a framework for M&A transactions'
'Using OpenChain as a framework for M&A transactions'
Shane Coughlan
 
OpenChain Germany Work Group Meeting 1
OpenChain Germany Work Group Meeting 1OpenChain Germany Work Group Meeting 1
OpenChain Germany Work Group Meeting 1
Shane Coughlan
 
Agile Practices for Transitioning to SAP S/4HANA®
Agile Practices for Transitioning to SAP S/4HANA® Agile Practices for Transitioning to SAP S/4HANA®
Agile Practices for Transitioning to SAP S/4HANA®
panayaofficial
 
OpenChain Legal Work Group - 2024-01-17
OpenChain Legal Work Group - 2024-01-17OpenChain Legal Work Group - 2024-01-17
OpenChain Legal Work Group - 2024-01-17
Shane Coughlan
 
Procurement Exchange - An australian innovation
Procurement Exchange - An australian innovationProcurement Exchange - An australian innovation
Procurement Exchange - An australian innovation
Glenn Turley
 

Similar to A Brief Introduction to OpenChain - May 2020 - Update1 (20)

Free and Open Source Software - Challenges for the Automotive Supply Chain
Free and Open Source Software - Challenges for the Automotive Supply ChainFree and Open Source Software - Challenges for the Automotive Supply Chain
Free and Open Source Software - Challenges for the Automotive Supply Chain
 
Open Source in ISO Building the First LF Standard in Fourteen Years and What ...
Open Source in ISO Building the First LF Standard in Fourteen Years and What ...Open Source in ISO Building the First LF Standard in Fourteen Years and What ...
Open Source in ISO Building the First LF Standard in Fourteen Years and What ...
 
A Brief Introduction to OpenChain - February 2020
A Brief Introduction to OpenChain - February 2020A Brief Introduction to OpenChain - February 2020
A Brief Introduction to OpenChain - February 2020
 
Whitepaper For Open Gp
Whitepaper For Open GpWhitepaper For Open Gp
Whitepaper For Open Gp
 
OpenChain Continual Improvement Case Studies
OpenChain Continual Improvement Case StudiesOpenChain Continual Improvement Case Studies
OpenChain Continual Improvement Case Studies
 
OpenAthens Conference 2018 - Don Thibeau - OpenID Connect
OpenAthens Conference 2018 - Don Thibeau - OpenID ConnectOpenAthens Conference 2018 - Don Thibeau - OpenID Connect
OpenAthens Conference 2018 - Don Thibeau - OpenID Connect
 
Business Process Analysis and Insights COPIS
Business Process Analysis and Insights COPISBusiness Process Analysis and Insights COPIS
Business Process Analysis and Insights COPIS
 
451 Sugarcrm Aslett
451 Sugarcrm Aslett451 Sugarcrm Aslett
451 Sugarcrm Aslett
 
OpenChain 2.0 specification in a nutshell
OpenChain 2.0 specification in a nutshellOpenChain 2.0 specification in a nutshell
OpenChain 2.0 specification in a nutshell
 
Colombia The Open Group
Colombia The Open GroupColombia The Open Group
Colombia The Open Group
 
Great Open Source Compliance for Everyone - Version 6
Great Open Source Compliance for Everyone - Version 6Great Open Source Compliance for Everyone - Version 6
Great Open Source Compliance for Everyone - Version 6
 
OpenChain: Great Open Source Compliance for Everyone (Version 7)
OpenChain: Great Open Source Compliance for Everyone (Version 7)OpenChain: Great Open Source Compliance for Everyone (Version 7)
OpenChain: Great Open Source Compliance for Everyone (Version 7)
 
Top Software panies to Outsource.pdfTesting Com
Top Software panies to Outsource.pdfTesting ComTop Software panies to Outsource.pdfTesting Com
Top Software panies to Outsource.pdfTesting Com
 
#OSSPARIS19 - Understanding Open Source Governance - Gilles Gravier, Wipro Li...
#OSSPARIS19 - Understanding Open Source Governance - Gilles Gravier, Wipro Li...#OSSPARIS19 - Understanding Open Source Governance - Gilles Gravier, Wipro Li...
#OSSPARIS19 - Understanding Open Source Governance - Gilles Gravier, Wipro Li...
 
Robotic Process Automation
Robotic Process AutomationRobotic Process Automation
Robotic Process Automation
 
'Using OpenChain as a framework for M&A transactions'
'Using OpenChain as a framework for M&A transactions''Using OpenChain as a framework for M&A transactions'
'Using OpenChain as a framework for M&A transactions'
 
OpenChain Germany Work Group Meeting 1
OpenChain Germany Work Group Meeting 1OpenChain Germany Work Group Meeting 1
OpenChain Germany Work Group Meeting 1
 
Agile Practices for Transitioning to SAP S/4HANA®
Agile Practices for Transitioning to SAP S/4HANA® Agile Practices for Transitioning to SAP S/4HANA®
Agile Practices for Transitioning to SAP S/4HANA®
 
OpenChain Legal Work Group - 2024-01-17
OpenChain Legal Work Group - 2024-01-17OpenChain Legal Work Group - 2024-01-17
OpenChain Legal Work Group - 2024-01-17
 
Procurement Exchange - An australian innovation
Procurement Exchange - An australian innovationProcurement Exchange - An australian innovation
Procurement Exchange - An australian innovation
 

More from Shane Coughlan

openEuler Case Study - The Journey to Supply Chain Security
openEuler Case Study - The Journey to Supply Chain SecurityopenEuler Case Study - The Journey to Supply Chain Security
openEuler Case Study - The Journey to Supply Chain Security
Shane Coughlan
 
OpenChain @ LF Japan Executive Briefing - May 2024
OpenChain @ LF Japan Executive Briefing - May 2024OpenChain @ LF Japan Executive Briefing - May 2024
OpenChain @ LF Japan Executive Briefing - May 2024
Shane Coughlan
 
OpenChain Webinar: AboutCode and Beyond - End-to-End SCA
OpenChain Webinar: AboutCode and Beyond - End-to-End SCAOpenChain Webinar: AboutCode and Beyond - End-to-End SCA
OpenChain Webinar: AboutCode and Beyond - End-to-End SCA
Shane Coughlan
 
OpenChain - The Ramifications of ISO/IEC 5230 and ISO/IEC 18974 for Legal Pro...
OpenChain - The Ramifications of ISO/IEC 5230 and ISO/IEC 18974 for Legal Pro...OpenChain - The Ramifications of ISO/IEC 5230 and ISO/IEC 18974 for Legal Pro...
OpenChain - The Ramifications of ISO/IEC 5230 and ISO/IEC 18974 for Legal Pro...
Shane Coughlan
 
OpenChain Education Work Group Monthly Meeting - 2024-04-10 - Full Recording
OpenChain Education Work Group Monthly Meeting - 2024-04-10 - Full RecordingOpenChain Education Work Group Monthly Meeting - 2024-04-10 - Full Recording
OpenChain Education Work Group Monthly Meeting - 2024-04-10 - Full Recording
Shane Coughlan
 
OpenChain AI Study Group - Europe and Asia Recap - 2024-04-11 - Full Recording
OpenChain AI Study Group - Europe and Asia Recap - 2024-04-11 - Full RecordingOpenChain AI Study Group - Europe and Asia Recap - 2024-04-11 - Full Recording
OpenChain AI Study Group - Europe and Asia Recap - 2024-04-11 - Full Recording
Shane Coughlan
 
OpenChain Monthly Meeting North America and Asia - 2024-03-19
OpenChain Monthly Meeting North America and Asia - 2024-03-19OpenChain Monthly Meeting North America and Asia - 2024-03-19
OpenChain Monthly Meeting North America and Asia - 2024-03-19
Shane Coughlan
 
OpenChain Webinar: Universal CVSS Calculator
OpenChain Webinar: Universal CVSS CalculatorOpenChain Webinar: Universal CVSS Calculator
OpenChain Webinar: Universal CVSS Calculator
Shane Coughlan
 
openEuler Community Overview - a presentation showing the current scale
openEuler Community Overview - a presentation showing the current scaleopenEuler Community Overview - a presentation showing the current scale
openEuler Community Overview - a presentation showing the current scale
Shane Coughlan
 
OpenChain AI Study Group - North America and Europe - 2024-02-20
OpenChain AI Study Group - North America and Europe - 2024-02-20OpenChain AI Study Group - North America and Europe - 2024-02-20
OpenChain AI Study Group - North America and Europe - 2024-02-20
Shane Coughlan
 
AI Study Group North America - Europe 2024-02-06
AI Study Group North America - Europe 2024-02-06AI Study Group North America - Europe 2024-02-06
AI Study Group North America - Europe 2024-02-06
Shane Coughlan
 
OpenChain Monthly North America / Europe Call - 2024-02-06
OpenChain Monthly North America / Europe Call - 2024-02-06OpenChain Monthly North America / Europe Call - 2024-02-06
OpenChain Monthly North America / Europe Call - 2024-02-06
Shane Coughlan
 
OpenChain Export Control Work Group 2024-01-09
OpenChain Export Control Work Group 2024-01-09OpenChain Export Control Work Group 2024-01-09
OpenChain Export Control Work Group 2024-01-09
Shane Coughlan
 
Openchain AI Study Group 2024-01-23.pptx
Openchain AI Study Group 2024-01-23.pptxOpenchain AI Study Group 2024-01-23.pptx
Openchain AI Study Group 2024-01-23.pptx
Shane Coughlan
 
OpenChain Webinar #58 - FOSS License Management through aliens4friends in Ecl...
OpenChain Webinar #58 - FOSS License Management through aliens4friends in Ecl...OpenChain Webinar #58 - FOSS License Management through aliens4friends in Ecl...
OpenChain Webinar #58 - FOSS License Management through aliens4friends in Ecl...
Shane Coughlan
 
Maturity Models - Open Compliance Summit 2023
Maturity Models - Open Compliance Summit 2023Maturity Models - Open Compliance Summit 2023
Maturity Models - Open Compliance Summit 2023
Shane Coughlan
 
OpenChain Annual Report 2023 - Key Metrics Slides
OpenChain Annual Report 2023 - Key Metrics SlidesOpenChain Annual Report 2023 - Key Metrics Slides
OpenChain Annual Report 2023 - Key Metrics Slides
Shane Coughlan
 
OpenChain Webinar 57 - The Open Source Initiative - 2023-11-27
OpenChain Webinar 57 - The Open Source Initiative - 2023-11-27OpenChain Webinar 57 - The Open Source Initiative - 2023-11-27
OpenChain Webinar 57 - The Open Source Initiative - 2023-11-27
Shane Coughlan
 
FOSSLight Community Day 2023-11-30
FOSSLight Community Day 2023-11-30FOSSLight Community Day 2023-11-30
FOSSLight Community Day 2023-11-30
Shane Coughlan
 
OpenChain Webinar #56: Generative AI and Your Code
OpenChain Webinar #56: Generative AI and Your CodeOpenChain Webinar #56: Generative AI and Your Code
OpenChain Webinar #56: Generative AI and Your Code
Shane Coughlan
 

More from Shane Coughlan (20)

openEuler Case Study - The Journey to Supply Chain Security
openEuler Case Study - The Journey to Supply Chain SecurityopenEuler Case Study - The Journey to Supply Chain Security
openEuler Case Study - The Journey to Supply Chain Security
 
OpenChain @ LF Japan Executive Briefing - May 2024
OpenChain @ LF Japan Executive Briefing - May 2024OpenChain @ LF Japan Executive Briefing - May 2024
OpenChain @ LF Japan Executive Briefing - May 2024
 
OpenChain Webinar: AboutCode and Beyond - End-to-End SCA
OpenChain Webinar: AboutCode and Beyond - End-to-End SCAOpenChain Webinar: AboutCode and Beyond - End-to-End SCA
OpenChain Webinar: AboutCode and Beyond - End-to-End SCA
 
OpenChain - The Ramifications of ISO/IEC 5230 and ISO/IEC 18974 for Legal Pro...
OpenChain - The Ramifications of ISO/IEC 5230 and ISO/IEC 18974 for Legal Pro...OpenChain - The Ramifications of ISO/IEC 5230 and ISO/IEC 18974 for Legal Pro...
OpenChain - The Ramifications of ISO/IEC 5230 and ISO/IEC 18974 for Legal Pro...
 
OpenChain Education Work Group Monthly Meeting - 2024-04-10 - Full Recording
OpenChain Education Work Group Monthly Meeting - 2024-04-10 - Full RecordingOpenChain Education Work Group Monthly Meeting - 2024-04-10 - Full Recording
OpenChain Education Work Group Monthly Meeting - 2024-04-10 - Full Recording
 
OpenChain AI Study Group - Europe and Asia Recap - 2024-04-11 - Full Recording
OpenChain AI Study Group - Europe and Asia Recap - 2024-04-11 - Full RecordingOpenChain AI Study Group - Europe and Asia Recap - 2024-04-11 - Full Recording
OpenChain AI Study Group - Europe and Asia Recap - 2024-04-11 - Full Recording
 
OpenChain Monthly Meeting North America and Asia - 2024-03-19
OpenChain Monthly Meeting North America and Asia - 2024-03-19OpenChain Monthly Meeting North America and Asia - 2024-03-19
OpenChain Monthly Meeting North America and Asia - 2024-03-19
 
OpenChain Webinar: Universal CVSS Calculator
OpenChain Webinar: Universal CVSS CalculatorOpenChain Webinar: Universal CVSS Calculator
OpenChain Webinar: Universal CVSS Calculator
 
openEuler Community Overview - a presentation showing the current scale
openEuler Community Overview - a presentation showing the current scaleopenEuler Community Overview - a presentation showing the current scale
openEuler Community Overview - a presentation showing the current scale
 
OpenChain AI Study Group - North America and Europe - 2024-02-20
OpenChain AI Study Group - North America and Europe - 2024-02-20OpenChain AI Study Group - North America and Europe - 2024-02-20
OpenChain AI Study Group - North America and Europe - 2024-02-20
 
AI Study Group North America - Europe 2024-02-06
AI Study Group North America - Europe 2024-02-06AI Study Group North America - Europe 2024-02-06
AI Study Group North America - Europe 2024-02-06
 
OpenChain Monthly North America / Europe Call - 2024-02-06
OpenChain Monthly North America / Europe Call - 2024-02-06OpenChain Monthly North America / Europe Call - 2024-02-06
OpenChain Monthly North America / Europe Call - 2024-02-06
 
OpenChain Export Control Work Group 2024-01-09
OpenChain Export Control Work Group 2024-01-09OpenChain Export Control Work Group 2024-01-09
OpenChain Export Control Work Group 2024-01-09
 
Openchain AI Study Group 2024-01-23.pptx
Openchain AI Study Group 2024-01-23.pptxOpenchain AI Study Group 2024-01-23.pptx
Openchain AI Study Group 2024-01-23.pptx
 
OpenChain Webinar #58 - FOSS License Management through aliens4friends in Ecl...
OpenChain Webinar #58 - FOSS License Management through aliens4friends in Ecl...OpenChain Webinar #58 - FOSS License Management through aliens4friends in Ecl...
OpenChain Webinar #58 - FOSS License Management through aliens4friends in Ecl...
 
Maturity Models - Open Compliance Summit 2023
Maturity Models - Open Compliance Summit 2023Maturity Models - Open Compliance Summit 2023
Maturity Models - Open Compliance Summit 2023
 
OpenChain Annual Report 2023 - Key Metrics Slides
OpenChain Annual Report 2023 - Key Metrics SlidesOpenChain Annual Report 2023 - Key Metrics Slides
OpenChain Annual Report 2023 - Key Metrics Slides
 
OpenChain Webinar 57 - The Open Source Initiative - 2023-11-27
OpenChain Webinar 57 - The Open Source Initiative - 2023-11-27OpenChain Webinar 57 - The Open Source Initiative - 2023-11-27
OpenChain Webinar 57 - The Open Source Initiative - 2023-11-27
 
FOSSLight Community Day 2023-11-30
FOSSLight Community Day 2023-11-30FOSSLight Community Day 2023-11-30
FOSSLight Community Day 2023-11-30
 
OpenChain Webinar #56: Generative AI and Your Code
OpenChain Webinar #56: Generative AI and Your CodeOpenChain Webinar #56: Generative AI and Your Code
OpenChain Webinar #56: Generative AI and Your Code
 

Recently uploaded

Neo4j - Product Vision and Knowledge Graphs - GraphSummit Paris
Neo4j - Product Vision and Knowledge Graphs - GraphSummit ParisNeo4j - Product Vision and Knowledge Graphs - GraphSummit Paris
Neo4j - Product Vision and Knowledge Graphs - GraphSummit Paris
Neo4j
 
Top Benefits of Using Salesforce Healthcare CRM for Patient Management.pdf
Top Benefits of Using Salesforce Healthcare CRM for Patient Management.pdfTop Benefits of Using Salesforce Healthcare CRM for Patient Management.pdf
Top Benefits of Using Salesforce Healthcare CRM for Patient Management.pdf
VALiNTRY360
 
Using Query Store in Azure PostgreSQL to Understand Query Performance
Using Query Store in Azure PostgreSQL to Understand Query PerformanceUsing Query Store in Azure PostgreSQL to Understand Query Performance
Using Query Store in Azure PostgreSQL to Understand Query Performance
Grant Fritchey
 
What is Master Data Management by PiLog Group
What is Master Data Management by PiLog GroupWhat is Master Data Management by PiLog Group
What is Master Data Management by PiLog Group
aymanquadri279
 
KuberTENes Birthday Bash Guadalajara - Introducción a Argo CD
KuberTENes Birthday Bash Guadalajara - Introducción a Argo CDKuberTENes Birthday Bash Guadalajara - Introducción a Argo CD
KuberTENes Birthday Bash Guadalajara - Introducción a Argo CD
rodomar2
 
ALGIT - Assembly Line for Green IT - Numbers, Data, Facts
ALGIT - Assembly Line for Green IT - Numbers, Data, FactsALGIT - Assembly Line for Green IT - Numbers, Data, Facts
ALGIT - Assembly Line for Green IT - Numbers, Data, Facts
Green Software Development
 
A Study of Variable-Role-based Feature Enrichment in Neural Models of Code
A Study of Variable-Role-based Feature Enrichment in Neural Models of CodeA Study of Variable-Role-based Feature Enrichment in Neural Models of Code
A Study of Variable-Role-based Feature Enrichment in Neural Models of Code
Aftab Hussain
 
原版定制美国纽约州立大学奥尔巴尼分校毕业证学位证书原版一模一样
原版定制美国纽约州立大学奥尔巴尼分校毕业证学位证书原版一模一样原版定制美国纽约州立大学奥尔巴尼分校毕业证学位证书原版一模一样
原版定制美国纽约州立大学奥尔巴尼分校毕业证学位证书原版一模一样
mz5nrf0n
 
GreenCode-A-VSCode-Plugin--Dario-Jurisic
GreenCode-A-VSCode-Plugin--Dario-JurisicGreenCode-A-VSCode-Plugin--Dario-Jurisic
GreenCode-A-VSCode-Plugin--Dario-Jurisic
Green Software Development
 
Graspan: A Big Data System for Big Code Analysis
Graspan: A Big Data System for Big Code AnalysisGraspan: A Big Data System for Big Code Analysis
Graspan: A Big Data System for Big Code Analysis
Aftab Hussain
 
Webinar On-Demand: Using Flutter for Embedded
Webinar On-Demand: Using Flutter for EmbeddedWebinar On-Demand: Using Flutter for Embedded
Webinar On-Demand: Using Flutter for Embedded
ICS
 
E-commerce Development Services- Hornet Dynamics
E-commerce Development Services- Hornet DynamicsE-commerce Development Services- Hornet Dynamics
E-commerce Development Services- Hornet Dynamics
Hornet Dynamics
 
Microservice Teams - How the cloud changes the way we work
Microservice Teams - How the cloud changes the way we workMicroservice Teams - How the cloud changes the way we work
Microservice Teams - How the cloud changes the way we work
Sven Peters
 
Vitthal Shirke Java Microservices Resume.pdf
Vitthal Shirke Java Microservices Resume.pdfVitthal Shirke Java Microservices Resume.pdf
Vitthal Shirke Java Microservices Resume.pdf
Vitthal Shirke
 
Unveiling the Advantages of Agile Software Development.pdf
Unveiling the Advantages of Agile Software Development.pdfUnveiling the Advantages of Agile Software Development.pdf
Unveiling the Advantages of Agile Software Development.pdf
brainerhub1
 
Oracle 23c New Features For DBAs and Developers.pptx
Oracle 23c New Features For DBAs and Developers.pptxOracle 23c New Features For DBAs and Developers.pptx
Oracle 23c New Features For DBAs and Developers.pptx
Remote DBA Services
 
Odoo ERP Vs. Traditional ERP Systems – A Comparative Analysis
Odoo ERP Vs. Traditional ERP Systems – A Comparative AnalysisOdoo ERP Vs. Traditional ERP Systems – A Comparative Analysis
Odoo ERP Vs. Traditional ERP Systems – A Comparative Analysis
Envertis Software Solutions
 
E-Invoicing Implementation: A Step-by-Step Guide for Saudi Arabian Companies
E-Invoicing Implementation: A Step-by-Step Guide for Saudi Arabian CompaniesE-Invoicing Implementation: A Step-by-Step Guide for Saudi Arabian Companies
E-Invoicing Implementation: A Step-by-Step Guide for Saudi Arabian Companies
Quickdice ERP
 
How to write a program in any programming language
How to write a program in any programming languageHow to write a program in any programming language
How to write a program in any programming language
Rakesh Kumar R
 
WWDC 2024 Keynote Review: For CocoaCoders Austin
WWDC 2024 Keynote Review: For CocoaCoders AustinWWDC 2024 Keynote Review: For CocoaCoders Austin
WWDC 2024 Keynote Review: For CocoaCoders Austin
Patrick Weigel
 

Recently uploaded (20)

Neo4j - Product Vision and Knowledge Graphs - GraphSummit Paris
Neo4j - Product Vision and Knowledge Graphs - GraphSummit ParisNeo4j - Product Vision and Knowledge Graphs - GraphSummit Paris
Neo4j - Product Vision and Knowledge Graphs - GraphSummit Paris
 
Top Benefits of Using Salesforce Healthcare CRM for Patient Management.pdf
Top Benefits of Using Salesforce Healthcare CRM for Patient Management.pdfTop Benefits of Using Salesforce Healthcare CRM for Patient Management.pdf
Top Benefits of Using Salesforce Healthcare CRM for Patient Management.pdf
 
Using Query Store in Azure PostgreSQL to Understand Query Performance
Using Query Store in Azure PostgreSQL to Understand Query PerformanceUsing Query Store in Azure PostgreSQL to Understand Query Performance
Using Query Store in Azure PostgreSQL to Understand Query Performance
 
What is Master Data Management by PiLog Group
What is Master Data Management by PiLog GroupWhat is Master Data Management by PiLog Group
What is Master Data Management by PiLog Group
 
KuberTENes Birthday Bash Guadalajara - Introducción a Argo CD
KuberTENes Birthday Bash Guadalajara - Introducción a Argo CDKuberTENes Birthday Bash Guadalajara - Introducción a Argo CD
KuberTENes Birthday Bash Guadalajara - Introducción a Argo CD
 
ALGIT - Assembly Line for Green IT - Numbers, Data, Facts
ALGIT - Assembly Line for Green IT - Numbers, Data, FactsALGIT - Assembly Line for Green IT - Numbers, Data, Facts
ALGIT - Assembly Line for Green IT - Numbers, Data, Facts
 
A Study of Variable-Role-based Feature Enrichment in Neural Models of Code
A Study of Variable-Role-based Feature Enrichment in Neural Models of CodeA Study of Variable-Role-based Feature Enrichment in Neural Models of Code
A Study of Variable-Role-based Feature Enrichment in Neural Models of Code
 
原版定制美国纽约州立大学奥尔巴尼分校毕业证学位证书原版一模一样
原版定制美国纽约州立大学奥尔巴尼分校毕业证学位证书原版一模一样原版定制美国纽约州立大学奥尔巴尼分校毕业证学位证书原版一模一样
原版定制美国纽约州立大学奥尔巴尼分校毕业证学位证书原版一模一样
 
GreenCode-A-VSCode-Plugin--Dario-Jurisic
GreenCode-A-VSCode-Plugin--Dario-JurisicGreenCode-A-VSCode-Plugin--Dario-Jurisic
GreenCode-A-VSCode-Plugin--Dario-Jurisic
 
Graspan: A Big Data System for Big Code Analysis
Graspan: A Big Data System for Big Code AnalysisGraspan: A Big Data System for Big Code Analysis
Graspan: A Big Data System for Big Code Analysis
 
Webinar On-Demand: Using Flutter for Embedded
Webinar On-Demand: Using Flutter for EmbeddedWebinar On-Demand: Using Flutter for Embedded
Webinar On-Demand: Using Flutter for Embedded
 
E-commerce Development Services- Hornet Dynamics
E-commerce Development Services- Hornet DynamicsE-commerce Development Services- Hornet Dynamics
E-commerce Development Services- Hornet Dynamics
 
Microservice Teams - How the cloud changes the way we work
Microservice Teams - How the cloud changes the way we workMicroservice Teams - How the cloud changes the way we work
Microservice Teams - How the cloud changes the way we work
 
Vitthal Shirke Java Microservices Resume.pdf
Vitthal Shirke Java Microservices Resume.pdfVitthal Shirke Java Microservices Resume.pdf
Vitthal Shirke Java Microservices Resume.pdf
 
Unveiling the Advantages of Agile Software Development.pdf
Unveiling the Advantages of Agile Software Development.pdfUnveiling the Advantages of Agile Software Development.pdf
Unveiling the Advantages of Agile Software Development.pdf
 
Oracle 23c New Features For DBAs and Developers.pptx
Oracle 23c New Features For DBAs and Developers.pptxOracle 23c New Features For DBAs and Developers.pptx
Oracle 23c New Features For DBAs and Developers.pptx
 
Odoo ERP Vs. Traditional ERP Systems – A Comparative Analysis
Odoo ERP Vs. Traditional ERP Systems – A Comparative AnalysisOdoo ERP Vs. Traditional ERP Systems – A Comparative Analysis
Odoo ERP Vs. Traditional ERP Systems – A Comparative Analysis
 
E-Invoicing Implementation: A Step-by-Step Guide for Saudi Arabian Companies
E-Invoicing Implementation: A Step-by-Step Guide for Saudi Arabian CompaniesE-Invoicing Implementation: A Step-by-Step Guide for Saudi Arabian Companies
E-Invoicing Implementation: A Step-by-Step Guide for Saudi Arabian Companies
 
How to write a program in any programming language
How to write a program in any programming languageHow to write a program in any programming language
How to write a program in any programming language
 
WWDC 2024 Keynote Review: For CocoaCoders Austin
WWDC 2024 Keynote Review: For CocoaCoders AustinWWDC 2024 Keynote Review: For CocoaCoders Austin
WWDC 2024 Keynote Review: For CocoaCoders Austin
 

A Brief Introduction to OpenChain - May 2020 - Update1

  • 1. How do I trust my open source supply chain?
  • 2. Context 2 1400+ Members From 41 Countries 80% of Fortune 100 Tech & Telecom 35,000+ Developers Contributing Code 170+ Open Source Projects $16B Shared Value This is the Linux Foundation
  • 3. Open Compliance Program Solutions Processes Bill of Materials Tooling https://compliance.linuxfoundation.org/ SPS SPDX Tools
  • 4. 4
  • 5. The OpenChain Project defines the key requirements of a quality open source compliance program.
  • 7. Result: Predictable B2B Compliance Activity
  • 8.
  • 10. • Main List (3,700+ participants) • GitHub (105+ participants) • Automotive (115+ participants) • Reference Tooling (160+ participants) • China (105+ participants) • Japan (190+ participants) • Korea (40+ participants) • Taiwan (40+ participants) • India (40+ participants) • Germany (30+ participants) Work Groups + Lists + GitHub
  • 13. 13
  • 14. 14
  • 20. OpenChain in ISO – Formal Standardization The OpenChain Project has submitted our specification to ISO via Publicly Available Specification (PAS) in Joint Technical Committee 1 (JTC-1). The ISO submission is available at: • https://wiki.linuxfoundation.org/_media/openchain/openchainsp ec-2.1.draft.pdf Working in partnership with in partnership with Joint Development Foundation we expect to become a formal standard in Q3 2020.
  • 21. The OpenChain standard can be met by: Self-Certification Independent Compliance Assessment Third Party Certification Freedom of Choice for Customers and Suppliers
  • 22. Self-Certification is at the heart of the OpenChain industry standard. Companies can access a series of yes/no questions to determine if they have implemented the key requirements of a quality open source compliance program. These questions can be found here: https://certification.openchainproject.org Self-Certification
  • 23. Independent Compliance Assessment works in the same was as the Independent Assessments in other standards. An independent party such as a law firm, consultancy or accounting firm reviews the product of an OpenChain Self-Assessment and offers guidance on whether they perceive it as complete. Independent Compliance Assessment
  • 24. Third-Party Certification is a process whereby a certification authority guides a company through an OpenChain Conformance Process. The certification authority then issues a formal certification document. This activity maps precisely to the forms of third-party certification observed around automotive, infrastructure and similar fields. Third-Party Certification
  • 25. The OpenChain industry standard has been carefully designed by user companies to identify the inflection points where a process, policy or training should be implemented in an open source compliance program. Our experience shows that self-certification is an effective method of reducing risk and increasing efficiency. That said, the choice of self-certification, independent compliance assessment or third-party certification depends on each business sector and customer base. We seek to provide freedom of choice.
  • 26. OpenChain is run by user companies for user companies. This companies are collaborating to create clear, shared and effective approaches to managing open source code.
  • 27. OpenChain is well positioned to support and improve supply chain management best practices applicable to vulnerability management. We currently have an active dialogue on how this can be accomplished and all parties are welcome to contribute.
  • 28. Be Part of This Join our community: https://www.openchainproject.org/get-started Self-Certify or Health Check an organization: https://certification.openchainproject.org