Skip to main content
Category

Featured

OpenChain Webinar #3: Contribution Policies + OpenChain in M&A – Coming May 4th

By Featured, News

The OpenChain Project has launched a series of bi-weekly free webinars that provide access to people and knowledge that we would otherwise obtain at events. We hold our third meeting on Monday the 4th of May at 9am Pacific with four guest speakers.

Tobie Langel will speak about ‘Open Source Contribution Policies That Don’t Suck.’ In his own words: Open source contribution policies are long, boring, overlooked documents, that generally suck. They’re designed to protect the company at all costs. But in the process, end up hurting engineering productivity, and morale. Sometimes they even unknowingly put corporate IP at risk. But that’s not inevitable. It’s possible to write open source contribution policies that make engineers lives easier, boost morale and productivity, reduce attrition, and attract new talent. And it’s possible to do so while reducing the company’s IP risk, not increasing it.

Leon Schwartz and Tony Decicco from GTC Law will provide an overview of open source-related topics in the context of mergers, acquisitions, financings, investments, IPOs, divestitures, loans, customer license agreements, rep and warranty insurance and other transactions.  This will span:

  • Types of open source risk
  • open source due diligence as part of transactions
  • open source-related terms in agreements
  • The strategic use of open source in transactions

Andrew Katz will present a due diligence questionnaire and sample warranties based on the the OpenChain specification, and will explain how adoption of this framework will drive further adoption of the standard. This builds on the observation that the OpenChain specification provides a great framework for due diligence and share purchase agreement warranties, even where the target is a software company which is not OpenChain compliant.

Each talk will run for 10~15 minutes and there will be plenty of time for questions, comments and suggestions. As with all OpenChain Project activities, our goal is to facilitate knowledge-sharing between peers.

Everyone is invited to join this free webinar via zoom. It will also be recorded and made available later on our website.

Join Our Zoom Meeting

Password *

  • 123456

One Tap Telephone (no screensharing)

  • +358 9 4245 1488,,9990120120# Finland
  • +33 7 5678 4048,,9990120120# France
  • +49 69 7104 9922,,9990120120# Germany
  • +852 5808 6088,,9990120120# Hong Kong
  • +39 069 480 6488,,9990120120# Italy
  • +353 6 163 9031,,9990120120# Ireland
  • +81 524 564 439,,9990120120# Japan
  • +82 2 6105 4111,,9990120120# Korea
  • +34 917 873 431,,9990120120# Spain
  • +46 850 539 728,,9990120120# Sweden
  • +41 43 210 71 08,,9990120120# Switzerland
  • +44 330 088 5830,,9990120120# UK
  • +16699006833,,9990120120# US (San Jose)
  • +12532158782,,9990120120# US

Find your local number: https://zoom.us/u/abeUqy3kYQ
Not all countries have available numbers.

After dialing the local number enter 9990120120#

OpenChain Webinar #2 – China Update + Facebook Case Study – Full Recording

By Featured, News, Webinar

The OpenChain Project has launched a series of bi-weekly free webinars that provide access to people and knowledge that we would otherwise obtain at events. You can join us every month on the First Monday (9am Pacific) and Third Monday (5pm Pacific).

Who Presented in Webinar #2?

Maggie Wang spoke about OpenChain in China. Maggie’s background ranges from working as an in-house at Huawei to acting as the China representative for Ladas and Parry. Her unique experience in-house and as outside counsel positions her perfectly to help contextualize where we are with regards compliance, standardization and business reality in one of our most important markets.

Michael Cheng spoke about OpenChain at Facebook, a topic that ranges from adoption activity and broader leadership in the compliance space by the company. His perspective will provide added value given the simultaneous decision by Facebook, Google and Uber to join OpenChain as Platinum Members in late 2018, and plenty of runway for our audience to ask questions about real-life lessons learned.

Learn More About Our Webinars

OSSライセンスに関するFAQサブグループのご紹介

By Featured, News

こんにちは。富士通株式会社の大内です。
Advent Calendar 4日目は、FAQサブグループの活動を紹介します。

活動成果

 FAQサブグループでは、「OSSライセンス関連でよくある誤解」というタイトルのFAQを作成して公開しています。今年の7月に公開したバージョン3では、20個のQAを掲載しています。
 下記URLの「成果物 / Outcomes」から「FAQ」をご参照ください。
  https://wiki.linuxfoundation.org/openchain/jwg_outcomes_page

 今回は、このサブグループを立ち上げたきっかけや、活動内容を紹介したいと思います。

きっかけ

 私は知財部門に所属しており、OSSに関しては、ライセンス条件を遵守するためのガイドラインや教材等を作成して、社内の開発部門を支援しています。

 ある時、1年間程、一緒に活動していたプロジェクトの営業さんと、立ち話しでライセンスのことを話していたところ、
「製品の使用許諾書には、改変したり、配布したりしてはいけないって書いてあるからできないけど、OSSは禁止って書いてないから、自由に改変したり、配布したりできるってことですよね。」
と言われました。

 「エッ!、そこが分かってなかったの?」
 「禁止って書いてなくても、やっていいって書いてなかったら、改変したり、コピーしたものをお客様へ配布したりできないんですよ!!」

 インターネットから無償でダウンロードできるソフトウェアには、OSS以外にも様々な条件のものがあるため、著作権の基本事項がきちんと分かっていないと間違いを起こしてしまいます。
 社内教育では著作権の基本事項を説明していますが、技術者の中にも、OSSを利用する際、著作権がどのような場面で関係してくるのか、きちんと理解できていない人がいるかもしれません。
 そこで、社内外のセミナーでよくある質問や、開発者が誤解してそうな内容を簡単にまとめて紹介したら面白いかなと思い、いくつかのQAを作成してみました。

 このQAをOpenChain Japan WGの全体会合で紹介したところ、「各社に共通する内容だ!」と共感してもらいました。そしてサブグループを立ち上げてQAを更新、ブラッシュアップしていくことになりました。
 2018年10月18日にキックオフを行い、現在、26名が参加しています。

活動方針

 QAの作成は、以下の方針としました。

 1. 対象者は、著作権やOSSライセンスにあまり詳しくない技術者とする。
 2. 各社に共通する一般的な内容を作成する。
 3. ビジネスの背景により判断が分かれる内容は記載しない。
 4. IPA、SOFTIC、OSSコミュニティ等から関連するドキュメントやサイトが公開されている場合は、本QAでの詳細説明は行わず、参照するドキュメントを記載する。
 5. 公開する前に弁護士レビューを受ける。

 また、サブグループのメンバーは、様々な会社の人から構成されており、経験しているビジネスも異なるため、本音で会話できるようにChatham House Rule(会話した内容は利用できるが、誰が言ったかは口外しない)を採用することにしました。

FAQフォーマット

 技術者は、開発に忙しいですし、法律っぽい解説書にはあまり興味を持ってもらえません。そこで、簡単にポイントが分かるように、QAのフォーマットを以下の構成とし、PowerPointにまとめることにしました。
 (1)タイトル
 (2)質問
 (3)はい/いいえの回答
 (4)解説

image.png

 FAQを公開する際のライセンスは、CC0-1.0(パブリックドメイン)ですので、各社が自社のビジネスに合わせて自由に複製、改変して教育等で利用することもできます。

コミュニケーション

 サブグループでのQAの検討は、OpenChain JAPAN WGとは別にSLACKを立ち上げ、QAの候補案を集め、参加者がコメントする運用としました。

しかし、実際に開始してみると、コメントが出るタイミングがバラバラのため、QAがいつFIXしたかを判断するのが難しく、また、QAが出された背景を共通認識していないとポイントがズレてしまうということが分かりました。
 そこで、現在は、SLACKでコメントを出し合った後、オフ会で最終レビューする運用としています。

オフ会を開催してみると、参加者が経験しているビジネス分野が異なるため、自分が想定していなかった経験談を聞いて新たな気付きがあったり、技術と絡めたライセンスの解釈を聞くことができたりして、とても勉強になります。何より、ライセンス遵守という共通課題を持ったメンバーと会話するのは、とにかく面白いです。

 先日もオフ会を開催し、近日中にバージョン4を公開する予定ですので、ぜひ、ご活用ください。また、掲載希望のQAがありましたら、ご連絡願います。

参加のお誘い

 OSSライセンスについて勉強したい、あるいはライセンス条件を遵守するための活動に貢献したいという人は、ぜひ、FAQサブグループにご参加いただけますと幸いです。

参考

 FAQサブグループは、オープンソースライセンス研究所とコラボしています。
 こちらの研究所からは、一般的なQAに加えて、著名なライセンスに関するQAも公開していますので、こちらもご活用ください。

 ・下記URLの「公開資料」から「OSSライセンス簡単FAQ」を参照
  https://www.osll.jp/outline/reference/#_33

明日のテーマは

 明日のテーマは、「Toolingサブワークグループの活動紹介」です。
 担当は、いつも元気に分かりやすくツールの説明をしてくださる小林さんです。
 どんなツールがあるのか、楽しみです。

OpenChain Japan Work Group – Online Meeting – April 23rd at 1pm Tokyo Time

By Featured, News

The OpenChain Japan Work Group will host an online meeting on the 23rd of April. This meeting will feature reports from six of the sub-groups and will have plenty of time for questions or comments. This meeting will be held in the Japanese language and is open to everyone.

開催日: 2020年4月23日(木)
場所:  Zoom(SocioNextさんのご厚意にて利用予定)
https://socionext.zoom.us/j/99975267803?pwd=M25XMnJLaWlYRi9hWkxESVFleWp5UT09
時間:  午後1時~3時30分(暫定)を予定。
内容:  各サブグループの活動内容紹介
     Promotion subgroup
     FAQ subgroup
     Leaflet subgroup
     Education subgroup
     License Info subgroup
     Tooling subgroup
     説明15分、QA5分程度を予定しています。

OSS Engineering Consultants is the Latest OpenChain Partner

By Featured, News

SAN FRANCISCO, APRIL 20, 2020 – The OpenChain Project is excited to announce OSS Engineering Consultants (OSSEC) as our latest partner organization. A consulting firm based in North America, OSSEC provides a unique and proven solution for managing OSS use for organizations with complex software supply chains.

OSSEC (www.ossengineeringconsultants.com) focuses on helping organizations looking to implement an efficient and holistic governance structure to empower developers and promote collaboration. OSSEC’s goal is to improve developers’ efficiencies and productivity within the organization by building a thorough and compliant OSS process, all while managing risk.

Prior to starting OSS Engineering Consultants (OSSEC), Russ Eling spent over 20 years in several engineering and systems engineering roles at General Motors, one of the largest automotive OEMs in the world. Russ developed a successful OSS program at General Motors in 2013, which is now regarded as the most comprehensive program in the automotive industry. He designed and implemented a process and system for managing OSS use and compliance in every GM vehicle across the globe. This process is still in use today.

“The automotive industry has one of the most intricate and complex supply chains in existence,” says Russ Eling, CEO and Founder, “Despite these challenges, we were able to implement a simplified process and unified system to bring it all together. We developed a method that simplifies complexities and mitigates risk, and we look forward to helping other organizations that face similar challenges, regardless of their industry.”

“The key to successful deployment in complex industries like automotive is having great processes in place,” says Shane Coughlan, OpenChain General Manager. “The creation and implementation of these processes requires standards such as OpenChain to provide a framework, as well as the institutional knowledge and experience of parties in that field. Russ is tremendously experienced in compliance process management and we will be working closely with him in ensuring companies and suppliers of all sizes can effectively engage with our industry standard for compliance.”

About OSS Engineering Consultants

OSS Engineering Consultants (www.ossengineeringconsultants.com) is a global consulting firm providing flexible end-to-end OSS system ideation, implementation, and execution solutions. Based just outside of Detroit, MI, USA, OSSEC has over 20 years of successful experience in automotive engineering, including extensive experience and community contacts in the open source compliance industry.

About the OpenChain Project

The OpenChain Project builds trust in open source by making open source license compliance simpler and more consistent. The OpenChain Specification defines a core set of requirements every quality compliance program must satisfy. The OpenChain Curriculum provides the educational foundation for open source processes and solutions, whilst meeting a key requirement of the OpenChain Specification. OpenChain Conformance allows organizations to display their adherence to these requirements. The result is that open source license compliance becomes more predictable, understandable and efficient for participants of the software supply chain. More information can be found at . 

About The Linux Foundation

The Linux Foundation is the organization of choice for the world’s top developers and companies to build ecosystems that accelerate open technology development and industry adoption. Together with the worldwide open source community, it is solving the hardest technology problems by creating the largest shared technology investment in history. Founded in 2000, The Linux Foundation today provides tools, training and events to scale any open source project, which together deliver an economic impact not achievable by any one company. More information can be found at .

The Linux Foundation has registered trademarks and uses trademarks. For a list of trademarks of The Linux Foundation, please see our trademark usage page: . 

Linux is a registered trademark of Linus Torvalds.

Media Contacts: 

OpenChain Project
Shane Coughlan
+818040358083

OSS Engineering Consultants
Russ Eling
+1 313-730-4677
russ@ossengineeringconsultants.com

FOSSID Webinar: OpenChain, Standardization and Real World Deployment – April 29th @ 2pm Pacific

By Featured, News

Max Gnipping of FOSSID and Shane Coughlan of OpenChain will co-host a free, interactive webinar to discuss OpenChain, standardization and the path to real world utilization. This is an event hosted by our partners at FOSSID and is open to everyone. It is a great way to get started with our industry standard or to explore cross-division adoption.

Register for this Free Event

Siemens Announces OpenChain 2.0 Conformance

By Featured, News

Siemens, an OpenChain Platinum Member and pioneer of adoption around our standard, has announced OpenChain 2.0 conformance. This builds on their previous public work in describing their journey and announcing 1.1 conformance in April 2017.

“The adoption of OpenChain 2.0 by Siemens continues their leadership in the space of open source compliance,” says Shane Coughlan, OpenChain General Manager. “This version of our standard is functionally identical to our ISO submission, positioning Siemens to become one of the first companies to adhere to our ISO release later in 2020. My congratulations to Oliver and all the team. I look forward to taking next steps together.”

OpenChain Reference Tooling Work Group – Meeting #13 – Presentation Slides

By Featured, News

The OpenChain Reference Tooling Work Group held its 13th meeting on the 8th of April.

You can find the recordings of Scot Petersons presentation as well as his presentations slides here:

https://github.com/Open-Source-Compliance/Sharing-creates-value/tree/master/Tooling-Landscape/Meeting-Material/Meeting-20200408

Catch up on minutes from all previous meetings

OpenChain Webinar #2: OpenChain in China (Maggie) and OpenChain at Facebook (Michael) – Coming April 20th

By Featured, News

The OpenChain Project has launched a series of bi-weekly free webinars that provide access to people and knowledge that we would otherwise obtain at events. We hold our second meeting on Monday the 20th of April at 5pm Pacific (8am Tuesday in Beijing and Taipei, 9am Tuesday in Seoul and Tokyo) with two guest speakers.

Maggie Wang will speak about OpenChain in China. Maggie’s background ranges from working as an in-house at Huawei to acting as the China representative for Ladas and Parry. Her unique experience in-house and as outside counsel positions her perfectly to help contextualize where we are with regards compliance, standardization and business reality in one of our most important markets.

Michael Cheng will speak about OpenChain at Facebook, a topic that ranges from adoption activity and broader leadership in the compliance space by the company. His perspective will provide added value given the simultaneous decision by Facebook, Google and Uber to join OpenChain as Platinum Members in late 2018, and plenty of runway for our audience to ask questions about real-life lessons learned.

Each talk will run for 10~15 minutes and there will be plenty of time for questions, comments and suggestions. As with all OpenChain Project activities, our goal is to facilitate knowledge-sharing between peers.

Everyone is invited to join this free webinar via zoom. It will also be recorded and made available later on our website.

Join Our Zoom Meeting

Password *

  • 123456

One Tap Telephone (no screensharing)

  • +358 9 4245 1488,,9990120120# Finland
  • +33 7 5678 4048,,9990120120# France
  • +49 69 7104 9922,,9990120120# Germany
  • +852 5808 6088,,9990120120# Hong Kong
  • +39 069 480 6488,,9990120120# Italy
  • +353 6 163 9031,,9990120120# Ireland
  • +81 524 564 439,,9990120120# Japan
  • +82 2 6105 4111,,9990120120# Korea
  • +34 917 873 431,,9990120120# Spain
  • +46 850 539 728,,9990120120# Sweden
  • +41 43 210 71 08,,9990120120# Switzerland
  • +44 330 088 5830,,9990120120# UK
  • +16699006833,,9990120120# US (San Jose)
  • +12532158782,,9990120120# US

Find your local number: https://zoom.us/u/abeUqy3kYQ
Not all countries have available numbers.

After dialing the local number enter 9990120120#

OpenChain Webinar #1 – Supply Chain Governance + Container Compliance – Full Recording

By Featured, News, Webinar

The OpenChain Project has launched a series of bi-weekly free webinars that provide access to people and knowledge that we would otherwise obtain at events. We kicked off on Monday the 6th of April with speakers on Supply Chain Governance and Container Compliance.

Who Presented in Webinar #1?

Dr. Nikolay Harutyunyan spoke about ‘Corporate Open Source Governance of Software Supply Chains’, a talk based on recently published research constituting material from a literature review of 87 publications, a qualitative survey of 20 primary materials and 21 expert interviews at 15 companies. This bridged into a 2.5-year longitudinal study into a company that was just getting started with open source governance and following their evolution.

Armijn Hemel, MSc spoke about Docker container compliance. He has an extensive background as an internationally recognized expert in the field of GPL license compliance engineering with a particular focus on practical solutions to real-world product and service challenges. While best known for his work in embedded technology, Armijn has been exploring the topic of container compliance in recent years, and has been at the forefront of defining best practices in this space.

Learn More About Our Webinars