The OpenChain project, supported by the Linux Foundation, establishes a standardized compliance framework for organizations utilizing open source software. It offers flexible processes, self-certification options, and reference materials to aid firms in achieving conformance, promoting community engagement. Key developments include international partnerships, notable board member additions, and a move towards formal standardization.

1. Great Open Source Compliance For Everyone
OpenChain Project - The Linux Foundation
Available under the CC Attribution-NoDerivatives 4.0 International license.

4. Compliance – A gateway to access

5. How do I trust my open source supply chain?

6. The OpenChain Project defines the key requirements
for a quality compliance program.

7. OpenChain is a simple, effective standard for
organizations of all sizes in all markets.

8. Training
Policy
Process
Inbound Outbound

9. Companies have the flexibility to decide the content of
each specific process, policies and training.

10. OpenChain is run by users companies for user
companies.

11. 11

12. 12
Publicly Announced Conformant Programs

14. Our New Responsive Self-Certification App

15. Self-Certify or “Health Check” for free and in private:
https://certification.openchainproject.org

16. 45% of organizations access the web app for
conformance, 45% access it for health checks.

17. If a company can answer “Yes” to each question they
are OpenChain Conformant.

18. Audited Certification is an Option

19. OpenChain is Community First

20. The OpenChain Project provides reference material to
help with conformance.

23. 23

24. Work Teams supporting OpenChain:
1. Specification - Chaired by Mark Gisi (Wind River)
2. Conformance - Chaired by Miriam Ballhausen (SCA)
3. Curriculum - Chaired by Alexios Zavros (Intel)
4. Onboarding - Chaired by Nathan Kumagai (Qualcomm)

25. 25

26. Recent Progress
1. International Partners - from law firms to certification authorities
in Europe, Asia and the Americas
2. Significant new board members like Toshiba, Facebook, Google,
Uber and Microsoft
3. A move towards formal standardization via the PAS process for ISO
with ETA Q1 2020

27. Meetings in Japan
0
10
20
30
40
50
60
70
2017/Dec/27 2018/Feb/22 2018/Apr/19 2018/Jun/13 2018/Aug/31 2018/Oct/31 2018/Nov/20 2018/Dec/5 2019/Feb/28 2019/Apr/xx
Num. of attendees Num. of entities Linear (Num. of attendees) Linear (Num. of entities)
Sub Group活動開始

28. Japanese Mailing List
14
22
34
75
90
97
108
8
13
18
37
40
42
48
0
20
40
60
80
100
120
2/6/2018 3/6/2018 4/6/2018 5/6/2018 6/6/2018 7/6/2018 8/6/2018 9/6/2018 10/6/2018 11/6/2018 12/6/2018 1/6/2019 2/6/2019
Japan WG ML registration
Person Entity

29. OpenChain: raising all the boats for the benefit of all.

30. This is how we address software in the supply chain.

31. Be part of this
Join the community:
https://www.openchainproject.org/community
Self-certify or Health Check an organization:
https://certification.openchainproject.org

32. coughlan@linux.com