Monthly Newsletter

Newsletter – Issue 19 – November 2018

The OpenChain Project has active bi-weekly calls and a central mailing list that provide the “nuts and bolts” of our community activity. These are joined by various releases of documents and announcements of OpenChain-related events throughout each month. We collect key developments in this newsletter once a month.

Introduction

November has continued an extremely high amount of activity around the OpenChain Project with respect to releases, events and localization. The most important development is that our review process for the OpenChain Specification 2.0 is fully active. This is an opportunity for all interested stakeholders to help shape the next generation of our standard.

Drafting OpenChain Specification 2.0

The OpenChain Project is preparing the next generation of our standard. This standard outlines the key requirements of a quality open source compliance program. The 2.0 version of OpenChain will build our the language of our currently deployed version – 1.2 – to improve ease of adoption. None of the requirements will change and all entities conformant to 1.2 will be conformant to 2.0:
https://www.openchainproject.org/news/2018/11/19/contribute-to-openchain-2-0-the-new-standard-for-compliance

New Conformant Organization

The OpenChain Project was delighted to welcome The Center for Research and Development Hong Kong (CRD-HK) to our community of conformance. CRD-HK focuses on the selection of Exceptional Research Projects in collaboration with Fellow Scholars, Principal Investigators and Universities with a goal of making outcomes accessible to a wide audience under the principles of Open Data:
https://www.openchainproject.org/news/2018/11/06/welcoming-the-center-for-research-and-development-hong-kong-crd-hk

OpenChain Specification in New Languages

The OpenChain Specification version 1.2 has been translated into German. This is an official translation with peer review. It is ready to be used for local conformance activities. The team behind this translation includes Miriam Ballhausen, Stefan Thanheiser, Jan Thielscher and Daniel Wulle. The reviewer of the translation was Stefanie Pors. The maintainer of this translation is Catharina Maracke:
https://www.openchainproject.org/news/2018/11/07/openchain-specification-in-german

The OpenChain Specification version 1.2 has been translated into Hindi. This is an official translation with peer review. It is ready to be used for local conformance activities. The team behind this translation includes Shuvajit Mitra at Infosys with review from Chandana Rao at Cognizant and Renjish Kumar at Wipro:
https://www.openchainproject.org/news/2018/11/08/openchain-specification-in-hindi

New Milestones in Japan

The OpenChain Japan Work Group has been planning a series of milestones for 2018 and 2019 via three new subgroups. These milestones include the creation of extensive guidance material regarding OpenChain adoption, inter-company communication, and open source policies. As with all OpenChain Curriculum material these documents are made available under CC-0 licensing for use, remixing and sharing for any purpose:
https://www.openchainproject.org/news/2018/11/04/openchain-japan-work-group-milestones-for-the-future

New Material Proposals

Moorcrofts law firm in the UK, one of our partner organizations, has stepped up with a potential “universal policy template.” We are seeking comments and feedback:
https://www.openchainproject.org/news/2018/11/14/draft-proposal-one-open-source-policy-template-to-rule-them-all

Gustavo G. Mármol Alioto has shared proposed localization of the OpenChain Curriculum Reference Training Slides for Argentina. This material is intended to help those located in Argentina with an interest in OpenChain adoption. The proposal is to add an “interchangeable or removable slide” to the OpenChain Curriculum Reference Training Slides for the OpenChain Specification 1.2. It would be added adjacent to Slide 8 in “Chapter 1: What is Intellectual Property?”. This new slide would be accompanied by an additional chart that compares aspects of US and Argentina Copyright Law to facilitate understanding:
https://www.openchainproject.org/news/2018/11/07/rfc-openchain-curriculum-argentina

Updated Material

The OpenChain Overview Slides have been updated, providing our latest (and best) introduction to the project, to our industry standard and to our educational material. These slides are available in PDF, PPTX and ODP formats under the CC Attribution-NoDerivatives 4.0 International license (you can share these slides freely). The PPTX and ODP versions contains extensive speaker notes:
https://www.openchainproject.org/news/2018/11/04/openchain-overview-slides-updated

The OpenChain Project announced an updated version of the Open Source Compliance Training Slides in Korean. These cover all the core topics needed to educate personnel involved in quality open source compliance programs. These slides formally support the OpenChain Specification 1.1 but can be used for any version of the OpenChain Specification and any open source training program:
https://www.openchainproject.org/news/2018/11/28/updated-openchain-open-source-compliance-training-slides-in-korean 

The OpenChain Project has received a contribution of our reference training slides in MarkDown format from Taniguichi San of NEC. This experimental format works in Chrome browsers and is an example of OpenChain material being freely remixed:
https://www.openchainproject.org/news/2018/11/30/experience-the-openchain-reference-training-slides-online

Events

The OpenChain Japan Work Group held its sixth meeting on the 31st of December at the Toshiba / Lazona Kawasaki Building. This meeting featured 49 participants from 24 organizations, continuing our tradition of building out a broad and active local community. It was also the first meeting dedicated to the new subgroups and milestones for 2019:
https://www.openchainproject.org/news/2018/11/04/openchain-japan-work-group-sixth-meeting-31st-october

The OpenChain Project was represented at the Kansai Open Forum on the 10th of November by Tomo Dote of Micware. Dote San provided a keynote covering both OpenChain and our sister project SPDX, and he held a booth exhibit to showcase the practical adoption of both projects throughout the event:
https://www.openchainproject.org/news/2018/11/20/openchain-kansai-open-forum-10th-november

Software Compliance Academy, one of OpenChain’s pilot program partners, hosted an open source seminar on the 16th of November in Munich. This event included information on OpenChain and provided a suitable onboarding point for organizations interested in participation:
https://www.openchainproject.org/news/2018/11/04/openchain-software-compliance-academy-seminar-16th-november

The OpenChain Project was featured at the monthly meeting of the Intellectual Property Owners Association open source committee on the 19th of November. Shane Coughlan, OpenChain General Manager, provided a recap of the OpenChain Project goals and proceeded to outline recent and projected future developments:
https://www.openchainproject.org/news/2018/11/19/openchain-intellectual-property-owners-association

The OpenChain Japan Work Group held an ad hoc meeting at the Denso Ten Kobe offices on the 20th November. The purpose of this meeting was to discuss practical OpenChain adoption for suppliers:
https://www.openchainproject.org/news/2018/11/15/openchain-japan-work-group-ad-hoc-meeting-20th-november

The OpenChain Project was discussed at two events hosted by Grey Matter Ltd. in the UK. Martin Callinan from Source Code Control, an OpenChain Partner, presented our project and goals to diverse audiences. The first took place in Manchester on the 27th and the second in London on the 29th November:
https://www.openchainproject.org/news/2018/11/30/openchain-greymatter-real-world-devops

On the 29th of November Masato Endo from Toyota delivered a presentation to introduce the OpenChain Project to KAMA-JAMA-VDA-AAM members. This marks the beginning of a dialogue about how OpenChain can support the global automotive industry with managing open source compliance in the supply chain:
https://www.openchainproject.org/news/2018/11/30/openchain-the-nama-meeting

KPMG announced they will host an event on the 5th of December to explore Technology Mergers & Acquisitions involving open source for buy and sell side entities. This reflects the way that open source licensing and security issues could potentially impact overall deal success if not effectively addressed. The panel will features experts from KPMG, Flexera, Adobe, O’Melveny & Myer, Wind River and the Linux Foundation’s OpenChain Project in a lively discussion around OSS management programs, legal and security issues, common pitfalls and leading practices around OSS usage:
https://www.openchainproject.org/news/2018/11/14/openchain-ma-kpmg

The OpenChain Survey

The project launched an OpenChain usability survey for Q4. It was intended to provide a platform for everyone interested in open source compliance to let us know how we are doing / what can be improved in the future. The survey covered general interaction with the project, conformance and internationalization. It ran from the 6th to the 30th of November:
https://www.openchainproject.org/news/2018/11/06/the-openchain-q4-2018-survey-tell-your-friends

Summary

October was our busiest month yet…until November. We continue to put in place activities and releases that will support our work towards formal standardization in 2019/2020. We expect to end the year with significant updates on Membership and Conformance. Everything, as always, is due to our excellent volunteer community.

License and Trademarks

Copyright 2018 The Linux Foundation. This newsletter is licensed under the Creative Commons Attribution-NoDerivs 2.0 Generic (CC BY-ND 2.0). Please feel free to share it onwards! OpenChain is a trademark of The Linux Foundation. It may be used according to The Linux Foundation Trademark Policy and the OpenChain Terms of Use. All other trademarks belong to their respective owners.

Newsletter – Issue 18 – October 2018

Context

The OpenChain Project has active bi-weekly calls and a central mailing list that provide the “nuts and bolts” of our community activity. These are joined by various releases of documents and announcements of OpenChain-related events throughout each month. We collect key developments in this newsletter once a month.

Introduction

October was an incredible month for the OpenChain Project. We had more outreach, more collaboration and more announcements than ever before. Key items include new membership from Toshiba, new conformance from SUSE, and the release of beta documents to help with initiating and tracking OpenChain Conformance.

New Member

The OpenChain Project, which builds trust in open source by making open source license compliance simpler and more consistent, announced Toshiba has become a Platinum Member. Toshiba has long been a driving force in the OpenChain Japan Work Group, and their new Platinum membership will enable the company to contribute even more to the global adoption of the OpenChain standard.

“OpenChain is not just a project for OSS license compliance, it also helps to improve mutual trust and effective communication between open source developers and users,” says Tetsuji Fukaya, Director of the Corporate Software Engineering and Technology Center of Toshiba Corporation. “Open source is publicly recognized as an essential part of digital transformation and widely used in numerous products. In order to use open source appropriately, we think that license compliance alone is not enough. Mutual trust between developers and users is also essential. OpenChain will be key to achieve both. For that reason, we feel proud of being part of the OpenChain Project.”

Learn more:
https://www.openchainproject.org/news/2018/10/23/toshiba-joins-the-openchain-project-as-a-platinum-member

New Conformant Organization

The OpenChain Project announced it has welcomed SUSE to its community of conformance. Conformance with the OpenChain Specification confirms that an organization follows the key requirements of a quality open source compliance program, and builds trust between organizations in the supply chain. SUSE is the first enterprise Linux distributor to earn conformance with the OpenChain Project Specification.

“For more than 25 years, SUSE has created and engaged with open source communities as a foundation for its enterprise solutions,” said Thomas Di Giacomo, SUSE CTO. “We always engage with the community to better meet customer needs, and our OpenChain certification is another indication to enterprises that we are committed to making their experience with open source software more reliable and cost effective.”

Learn more:
https://www.openchainproject.org/news/2018/10/23/suse-joins-the-openchain-community-of-conformance

Media

We began October with an interview from the EFY Group covering the key requirements of quaility open source compliance programs. Find out more here:
https://www.openchainproject.org/news/2018/10/01/interview-openchain-project-managing-open-source-compliance-across-the-software-supply-chain

We continued with a Flexera Webinar designed to highlight OpenChain as a great starting point for any organization seeking to adopt the key processes of a quality open source compliance program. Learn more here:
https://www.openchainproject.org/news/2018/10/02/openchain-explained-on-a-forthcoming-flexera-webinar

Events

The OpenChain Project announced a a Birds of a Feather (BoF) at 6pm on Monday the 22nd of October at Open Source Summit Europe. This BoF was designed to provide a “ground level” introduction to what we are doing, how we are doing it, and why you should be part of this. Learn more:
https://www.openchainproject.org/news/2018/10/16/openchain-bof-open-source-summit-europe-22nd-october

The OpenChain Project announced a workshop co-located with the Open Source Summit Europe in Edinburgh on the 23rd of October. This provided a deeper dive into OpenChain then the BoF held the previous day. Learn more here:
https://www.openchainproject.org/news/2018/10/10/openchain-workshop-open-source-summit-europe-23rd-october

The OpenChain Project was featured at the Software IP event hosted by IAM and located at Golden Gate Club at the Presidio, San Francisco on the 30th of October. The project was represented by Hung Chang, Senior Product Counsel at Workday, and one of the founders of the OpenChain Project. Learn more:
https://www.openchainproject.org/news/2018/10/30/openchain-featured-software-ip-an-iam-event

The OpenChain Japan Work Group held its sixth meeting on the 31st of October between 2pm and 4:45pm at Toshiba Smart Community Center in Kanazawa. As with the previous five OpenChain Japan Work Group meetings the discussion included a mix of structured reports, activity planning and case studies. Learn more:
https://www.openchainproject.org/news/2018/10/31/openchain-japan-work-group-meeting-6

It was announced that the OpenChain Project will be featured at a forthcoming Bird & Bird event on the 20th of November in Frankfurt, Germany. Learn more:
https://www.openchainproject.org/news/2018/10/10/openchain-bird-bird-event-20th-november

Emerging Internal Services

The OpenChain Project previously maintained a document for “manual OpenChain Conformance.” The idea was that companies could download, print and/or the document to suit workflows beyond our online conformance web app. You can find a version of that document here:

• https://wiki.linuxfoundation.org/_media/openchain/openchain_conformance_conformance_check_1.1.pdfhttps://wiki.linuxfoundation.org/_media/openchain/openchain_conformance_conformance_check_1.1.pdf

Gary O’Neall from our Conformance Work Team has been doing some exciting work to make it quicker and faster to create a manual conformance document. He is automating the creation from inside the conformance web app. Check it out here:

• https://github.com/OpenChain-Project/conformance-questionnaire/blob/master/docs/questionnaire.pdf

We also announced the public Beta of a new Web App for benchmarking OpenChain Conformance. The idea is to provide a quick, simple and attractive way for companies to check their status regarding meeting the OpenChain standard. This project is being managed by our good friends at Source Code Control. Learn more:
https://www.openchainproject.org/news/2018/10/04/new-in-beta-web-app-for-benchmarking-openchain-conformance

We are seeking feedback on the current offering regarding:

1. Ease of use
2. If it helps solves friction around conformance
3. How complementary it is to our Conformance Web App

Emerging External Services

TÜV SÜD Japan have launched an OpenChain Certification Program. This is the first such program and foreshadows a series of announcements over the coming months. The core of the OpenChain Project is our specification (standard) and our simple, free process for self-certification. Commercial activities adjacent to this by TÜV SÜD Japan and other organizations are complementary, providing an avenue for verified/audited certification for entities that want to have this level of assurance. Learn more here:
https://www.openchainproject.org/news/2018/10/02/tuv-sud-japan-announces-openchain-certification-program

Project Collaboration

There is a lot of cross-pollination between Linux Foundation open source projects. The latest is a contribution from Fukuchi-San, a driving force in the OpenChain Japan WG, to SPDX. Motivated by a suggestion from Thomas Steenbergen at Open Source Summit Europe 2017 he has prepared a Japanese translation of the SPDX Specification. The draft document is available for comments, suggestions and improvements here:

• https://github.com/hfukuchi/SPDX_specification/tree/master/chapters

Learn more:
https://www.openchainproject.org/news/2018/10/29/openchain-♥-spdx

Summary

This was easily our busiest month yet, with a rocket-ship launch into Q4, and providing a strong foundation for our next steps towards formal standardization in 2019/2020. Of particular note is that we are building out membership, conformance and awareness. This will continue through November and the end of the year. Watch this space!

License and Trademarks

Copyright 2018 The Linux Foundation. This newsletter is licensed under the Creative Commons Attribution-NoDerivs 2.0 Generic (CC BY-ND 2.0). Please feel free to share it onwards! OpenChain is a trademark of The Linux Foundation. It may be used according to The Linux Foundation Trademark Policy and the OpenChain Terms of Use. All other trademarks belong to their respective owners.

Newsletter – Issue 17 – September 2018

Introduction

The OpenChain Project has active bi-weekly calls and a great mailing list that provide the “nuts and bolts” of our community activity. These are joined by various releases of documents and announcements of OpenChain-related events throughout each month. In September the big news was the appointment of our first Community Representative to our Steering Committee and a terrific, exceptional series of educational case studies in English and Japanese from our Japan Work Group.

Community

We are delighted to announce that Indira Bhatt acted as our OpenChain Community Representative during our inaugural Steering Committee meeting. Indira is a Manager in KPMG’s San Francisco Advisory practice with nearly 10 years of experience in the area of Free and Open Source Software (FOSS) due diligence. She has extensive experience in setting up FOSS compliance teams including leading, training and mentoring junior and senior analysts. Indira has helped various organizations successfully contribute code to the open source community and establish FOSS review boards by either defining or refining existing governance and usage and approval policies and procedures.
https://www.openchainproject.org/news/2018/09/11/openchain-announces-our-first-community-representative-on-the-steering-committee

Indira will represent the community in our second Steering Committee scheduled for late October before rotating the role with another community member.

Contributions

This month is all about case studies. This time around we focused on how companies instituted educational programs. All of the case studies came from our excellent and highly productive Japan Work Group. Big thanks are due to Fukuchi San from Sony for coordinating all the moving pieces.

Panasonic Case Study:
https://www.openchainproject.org/news/2018/09/12/announcing-our-panasonic-educational-case-study

Toshiba Case Study:
https://www.openchainproject.org/news/2018/09/18/announcing-our-toshiba-educational-case-study

Sony Case Study:
https://www.openchainproject.org/news/2018/09/21/announcing-our-sony-educational-case-study

Toyota Case Study:
https://www.openchainproject.org/news/2018/09/25/announcing-our-toyota-educational-case-study

Fujitsu Case Study:
https://www.openchainproject.org/news/2018/09/27/announcing-our-fujitsu-educational-case-study

Events

The OpenChain Project benefited from outreach talks being reserved in the international schedule by our chair of the Specification Work Team and one of our most active partners in the UK.

First up, Mark Gisi presented the latest news from our project at the recent SPDX General Meeting. One of the most interesting highlights was the reveal of SParts – a supply chain ledger leveraging blockchain technology – can solve accountability and access questions. This merges SPDX and Hyperledger to provide a supply chain solution that can be immediately useful for companies managing open source compliance.
https://www.openchainproject.org/news/2018/09/04/openchain-spdx-general-meeting

A little bit down the road, Andrew Katz from Moorcrofts has booked a space at FINOS Open Source Strategy Forum in London on the 14th and 15th of November. This conference for financial technology professionals is designed to accelerate open source engagement at their firms. This marks our first step into the FinTech community:
https://www.openchainproject.org/news/2018/09/05/openchain-finos-open-source-strategy-forum-in-london

Summary

October will see a strong emphasis on outreach, both at Open Source Summit Europe and via other events and webinars. At the same time the project is benefiting from an expanding commercial ecosystem, purely market driven, that indicates further substantial growth in the adoption of best practices for open source compliance programs is just around the corner.

License and Trademarks

Copyright 2018 The Linux Foundation. This newsletter is licensed under the Creative Commons Attribution-NoDerivs 2.0 Generic (CC BY-ND 2.0). Please feel free to share it onwards! OpenChain is a trademark of The Linux Foundation. It may be used according to The Linux Foundation Trademark Policy and the OpenChain Terms of Use. All other trademarks belong to their respective owners.

Newsletter – Issue 16 – August 2018

Introduction

The OpenChain Project focused on long-term expansion this month. We delivered video and slide solutions to help people understand the project, understand how to accomplish conformance and how to explain the project to third-parties. We also staked our first outreach in Russia and India via new translations. Of course the community was not neglected! We help a fruitful workshop adjacent to Open Source Summit North America. This event provided a great opportunity to open the discussion around the next generation of the OpenChain Specification.

Outreach

This month sees some special releases from the OpenChain Project designed to help people understand the project, understand how to accomplish self-certification and to deliver talks related to the project.

Our overview video explains the challenges the project solves and how companies of all sizes can frame their engagement. It also shows how the “stack” of open source compliance solutions work together to solve challenges quickly and efficiently.
https://www.openchainproject.org/news/2018/08/28/openchain-a-video-overview

Our self-certification video explains the free online process for companies to confirm they meet the requirements of the OpenChain Specification. This presentation is suitable for companies of all sizes that want to engage with and adopt the OpenChain Specification.
https://www.openchainproject.org/news/2018/08/28/openchain-a-video-guide-to-self-certification

Our new slide-deck is designed to explain OpenChain internally in companies or to external suppliers/customers. It includes a reference script in the speaker notes.
https://www.openchainproject.org/news/2018/08/29/slidedeck-openchain-great-open-source-compliance-for-everyone

Events

The OpenChain Project hosted an open source license compliance workshop adjacent to Open Source Summit. It featured new compliance reference material, new training material and new case studies. We had interactive panels and plenty of networking to ensure an excellent opportunity to get the latest and most useful information about compliance.
https://www.openchainproject.org/news/2018/08/17/openchain-workshop-open-source-summit-north-america

We also hosted a social event adjacent to Open Source Summit North America immediately after our official workshop at the Mosaic Grille in the Hyatt Regency. This provided a great opportunity to informally discuss the project today and where we might go tomorrow.
https://www.openchainproject.org/news/2018/08/17/openchain-social-event-open-source-summit-north-america

Contributions

The OpenChain Project received two exceptional contributions related to our international expansion.

We received a draft of the OpenChain Specification 1.2 in Russian. This document was contributed by Denis Dorotenko at Yandex and it marks our first major activity to support the Russian market.
https://www.openchainproject.org/news/2018/08/20/help-improve-the-draft-openchain-specification-1-2-in-russian

We also received a draft of the OpenChain Specification 1.2 in Hindi. This document was contributed by Shuvajit Mitra at Infosys and it marks our first major activity to support the Indian market.
https://www.openchainproject.org/news/2018/08/20/help-improve-the-draft-openchain-specification-1-2-in-hindi

Summary

The OpenChain Project continues to benefit from its global community, with the message behind the project and supporting materials being contributed on virtually every continent. Extrapolating from this, our next stop will be Africa! But first, we have a busy schedule of events, releases and document revisions in the coming months. Watch this space.

License and Trademarks

Copyright 2018 The Linux Foundation. This newsletter is licensed under the Creative Commons Attribution-NoDerivs 2.0 Generic (CC BY-ND 2.0). Please feel free to share it onwards! OpenChain is a trademark of The Linux Foundation. It may be used according to The Linux Foundation Trademark Policy and the OpenChain Terms of Use. All other trademarks belong to their respective owners.

Newsletter – Issue 15 – July 2018

Introduction

The OpenChain Project returned to Asia with significant outreach activities announced for the Chinese language supply chain. We continued to release case studies from Japanese and global stakeholders. The project reference material was also expanded with the release of a second and more detailed set of tooling slides under CC-0.

Events

The OpenChain Project had a strong focus on Taiwan this month, announcing three workshops from the 9th to 12th of August, one of which constitutes the first legal track for the COSCUP conference. COSCUP is the premier open source conference in Taipei and usually attracts a couple of thousand attendees. Each of these workshops will be represented by the OpenChain Project and our friends from Sony and Panasonic.

The first OpenChain workshop was announced for the MOXA company and university in South Taipei with a focus on providing an easy starting point for engaging with compliance issues:
https://www.openchainproject.org/news/2018/07/12/openchain-announces-workshop-in-taipei

The second workshop was announced in conjunction with the Open Culture Foundation (OFC) and focused on providing an intermediate introduction to license management and corporate strategy:
https://www.openchainproject.org/news/2018/07/10/openchain-announces-legal-track-coscup

Finally, the legal track at the COSCUP conference on the 12th August was given a focus on end-to-end compliance discussions to guide project managers from A to Z around key requirements and efficiencies:
https://www.openchainproject.org/news/2018/07/17/openchain-announces-legal-track-coscup-12th-august

Contributions

The OpenChain Project shared two new sets of case studies with the community-at-large.

The first collection of case studies constituted three consumer device company case studies. These encompassed company approaches, priorities and engagement with OpenChain. They are provided in anonymous format from major international stakeholders in both OpenChain and open source more generally.
https://www.openchainproject.org/news/2018/07/12/openchain-announces-three-consumer-devices-case-studies

The second collection constituted four anonymous open source compliance case studies from Japan. These case studies mark the conclusion of our sequence of releases that saw information shared by Toyota, Hitachi, Sony and many more.
https://www.openchainproject.org/news/2018/07/17/openchain-announces-four-more-japanese-case-studies

Releases

The OpenChain Project announced the release of a second set of tooling slides. These slides were contributed by Software Compliance Academy, one of our strategic partners in Germany, and built on our first release in May. As with all contributions to the OpenChain learning materials (curriculum and onboarding), these slides are published under the CC-0 license, effectively public domain.
https://www.openchainproject.org/news/2018/07/16/openchain-announces-second-set-of-reference-tooling-slides

Improved Outreach

Work continued on our Japanese translation of the website and web app. Due to some reworking around the code our release schedule slipped from July to a projected late August release:
https://www.openchainproject.org/news/2018/06/21/openchain-announces-japanese-website

Work has also begun on the Chinese translation of the OpenChain website. Expect further announcements around this during August.

Summary

The OpenChain Project continues to execute around its strategy of building international bridges and knowledge sharing both in the English language and local languages by country. Of particular note was the release of further case studies and expanded tooling slides as a direct response to community requests. August will see a continuation of outreach activities and a deep dive into our specification update discussions.

License and Trademarks

Copyright 2018 The Linux Foundation. This newsletter is licensed under the Creative Commons Attribution-NoDerivs 2.0 Generic (CC BY-ND 2.0). Please feel free to share it onwards! OpenChain is a trademark of The Linux Foundation. It may be used according to The Linux Foundation Trademark Policy and the OpenChain Terms of Use. All other trademarks belong to their respective owners.

Newsletter – Issue 14 – June 2018

Introduction

It has been a busy month for the OpenChain Project. We had a particular focus on outreach in Asia and Germany, building new connections in Tokyo, Beijing and Berlin that will help accelerate adoption. We also released a significant amount of reference material and reports, including our first large-scale tranche of case studies.

Events

We kicked off the outreach with an Asian Legal Network event in Beijing. This intimate event provided an opportunity to present the basics of the OpenChain Project and to highlight our material to assist in the adoption of key requirements of quality open source programs. You can learn more about this event here:
https://www.openchainproject.org/news/2018/05/17/openchain-asian-legal-network-beijing

The OpenChain Japan Work Group was next with its fourth meeting at Toyota’s Midland Square offices on the 13th of June. Over 40 representatives from 26 companies gather to share their case studies and knowledge around compliance. You can learn more about this event here (and read below to get links to some of our fantastic new case studies):
https://www.openchainproject.org/news/2018/06/05/reminder-fourth-meeting-of-the-openchain-japan-work-group
and
https://www.openchainproject.org/news/2018/06/13/openchain-japan-work-group-toyota-in-nagoya

We continued our momentum by delivering a keynote at the inaugural FOSS Backstage conference in Berlin on the 14th. This event brought a diverse group of corporate and community figures together, and provided an excellent opportunity to connect with parties that we already have some dialogue with in this geography:
https://www.openchainproject.org/news/2018/06/14/openchain-keynote-foss-backstage
and
https://www.openchainproject.org/news/2018/06/14/openchain-workshop-foss-backstage

You can watch the video of our keynote right here:
https://www.youtube.com/watch?v=ojW_qH9sMBc

OpenChain was next featured during a special presentation at a FOSS Compliance Seminar in Berlin hosted by our local partner – Software Compliance Academy – and KDAB:
https://www.openchainproject.org/news/2018/06/14/openchain-foss-compliance-intensive-seminar-berlin

We returned to Asia for the Open Source Summit Japan. Toyota featured OpenChain prominently during their opening keynote of the event. You can see some of the excellent pictures – and get an idea of Toyota’s open source approach – right here:
https://www.openchainproject.org/news/2018/06/21/openchain-toyotas-keynote-in-open-source-summit-japan

Meanwhile, we also had an OpenChain specific speech at the conference. You can review the slides right here:
https://www.openchainproject.org/news/2018/06/21/openchain-project-open-source-summit-japan-the-slides

OpenChain give a general audience speech and held a dedicated workshop at LinuxCon China on the 25th of June, providing our first large-scale engagement with the local audience. Thanks to this event we have built some useful bridges that will lead to further workshops later in the year:
https://www.openchainproject.org/news/2018/06/07/openchain-workshop-at-linuxcon-china-schedule-and-registration-details

As part of the China outreach we also launched a WeChat group. For those unfamiliar with the Chinese market, WeChat is the most widely used communication client beyond email, and it provides excellent ways to keep in contact with large numbers of people:
https://www.openchainproject.org/news/2018/06/14/openchain-announces-wechat-group-for-china

Contributions and Releases

We really shone on the community contribution and report front this month.

Our international colleagues contributed automotive case studies during the April Legal and Licensing Workshop in Barcelona. These case studies are now available in anonymized format for all to learn from:
https://www.openchainproject.org/news/2018/06/10/openchain-announces-automotive-case-studies

Back in Asia, the OpenChain Japan Work Group continued their excellent work with the release of a series of company-specific case-studies.

Panasonic:
https://www.openchainproject.org/news/2018/05/31/openchain-announces-japanese-case-studies

Hitachi:
https://www.openchainproject.org/news/2018/06/05/openchain-announces-hitachi-case-study

Sony:
https://www.openchainproject.org/news/2018/06/07/openchain-announces-sony-case-study

Toyota:
https://www.openchainproject.org/news/2018/06/21/openchain-project-announces-toyota-case-study

Fujitsu:
https://www.openchainproject.org/news/2018/06/21/openchain-project-announces-fujitsu-case-study

Hitachi Solutions:
https://www.openchainproject.org/news/2018/06/21/openchain-project-announces-hitachi-solution-case-study

This material was bolstered by our first location-specific Japanese onboarding material provided a great example of how to bring new stakeholders into the fold. As a reminder, the Japan Work Group conducts its meetings in Japanese, and therefore the onboarding material is also in the local language. Check it out here:
https://www.openchainproject.org/news/2018/06/21/openchain-project-announces-japanese-onboarding-material

We also continued our process of translating great international material into local languages with the release of Japanese reference checklists. These are translations of the checklists launched during Q2 for the English speaking market:
https://www.openchainproject.org/news/2018/06/21/openchain-announces-japanese-checklists

New Partners

We were delighted to welcome two more parties to our pilot partner program. Source Code Control (UK) and EACG (Germany) provide a significant expansion of our European footprint. We look forward to collaborating with both to bring their clients into the OpenChain fold:
https://www.openchainproject.org/news/2018/06/10/openchain-announces-two-new-partners
It should be noted that we have been working with Source Code Control for a while, and their excellent advocacy lead to our conformance relationship with the British National Health Service.

Improve Outreach

Our website is getting a significant overhaul to better feature both the raft of contributions listed above and other recent material. This process should be complete bu mid-July. You can already see the first fruits online, with enhanced self-certification, conformance and FAQ material:
https://www.openchainproject.org/news/2018/06/10/openchain-announces-redesigned-website

As usual, our Japanese community is fully engaged, and this means that our first full translation of the website will be in Japanese. We have released a preview during June and expect to have the formal website release in July:
https://www.openchainproject.org/news/2018/06/21/openchain-announces-japanese-website

Summary

The OpenChain Project is having a significant impact on global open source compliance discussions. As we do this we are discovering new ways to support corporate engagement with open source and to foster more effective supply chain management of open source code.

Our outreach has highlight a series of steps that companies are going through on their path to having all the key requirements of a quality open source compliance program. Toyota summarized it as follows:
Stage 1: No knowledge of compliance
Stage 2: Knowledge of compliance without knowing what to do
Stage 3: Knowing what to do but not understanding how to do it
Stage 4: Knowing what to do and how to do it

Our experience shows that most companies are at stage 2 and 3. In certain jurisdictions a surprising number of companies are at the intermediate point between Stage 1 and 2. Stage 4 is where companies are positioned for conformance to the OpenChain Specification. Right now we are helping a lot of entities on their journey. This will pay increasing dividends over time and validate the value provided by this project, our approach and our vibrant community.

License and Trademarks

Copyright 2018 The Linux Foundation. This newsletter is licensed under the Creative Commons Attribution-NoDerivs 2.0 Generic (CC BY-ND 2.0). Please feel free to share it onwards! OpenChain is a trademark of The Linux Foundation. It may be used according to The Linux Foundation Trademark Policy and the OpenChain Terms of Use. All other trademarks belong to their respective owners.

Newsletter – Issue 13 – May 2018

Introduction

There are two central themes this month: events and reference documentation. Alongside a raft of opportunities for people to learn more about OpenChain at face-to-face meetings we have seen the release of checklists, kanban guides and tooling overview slides. Our internationalization has also continued apace, with the new Specification 1.2 already available in Japanese, and new onboarding slides in German contributed from members of our volunteer community.

OpenChain @ Events

Featured Event: OpenChain @ LinuxCon China

The OpenChain Project will host a workshop at LinuxCon China on the 25th of June. It will explain modern open source compliance, how the OpenChain education and reference material can help companies, and how the OpenChain Specification is being used by companies to increase efficiency and save costs.

This is a free workshop designed to answer real-world questions. Program managers, project managers, open source office members, legal personnel and business decision-makers will all find something useful in its content. To register simply send an email to coughlan@linux.com

Event Date/Time: Monday, June 25, 2018, 8:00 – 12:00
Event Location: China National Convention Center, Beijing
Event Cost: Complimentary

Learn More (and view the details in Chinese) here:
https://www.openchainproject.org/news/2018/05/16/announcing-the-openchain-workshop-linuxcon-china

Save the Date:

The next Asian Legal Network event will take place on the 28th May in Beijing. OpenChain Project will be featured in a keynote speech. This will lay the foundation for our larger workshop on 25th June.

Learn More: https://www.openchainproject.org/news/2018/05/17/openchain-asian-legal-network-beijing

The OpenChain Japan Work Group will hold its fourth meeting at Toyota’s Midland Square offices on the 13th of June. This event builds on the recent meeting held at Panasonic’s facilities in Osaka with representatives from 15 companies in attendance, and will be a great chance to obtain practical case studies, reference material and to network.

Learn More: https://www.openchainproject.org/news/2018/04/30/save-the-date-fourth-meeting-of-the-openchain-japan-work-group

The Software Compliance Academy will host a FOSS Compliance Seminar on June 14th to 15th in Berlin. This seminar will feature the OpenChain Specification and reference material, providing a great starting point for organizations in Germany, Switzerland or Austria to begin their engagement with the project. More information is available in German below and on the Software Compliance Academy website.

Learn More: https://www.openchainproject.org/news/2018/05/15/foss-compliance-seminar-featuring-openchain-in-berlin

The OpenChain Project will be featured at (and a sponsor of) COSCUP in Taipei on the 11th and 12th of August 2018. Our project leader Shane Coughlan along with Japanese community volunteers and Taiwanese community collaborators will participate in the event’s new legal track to share practical compliance solutions and case studies.

Learn More: https://www.openchainproject.org/news/2018/05/16/openchain-coscup-taiwan-2018-legal-track-multiple-speakers

What You Missed:

May 14th featured the second OpenChain Workshop in Taipei. This event builds on a compliance workshop held during April and marks another step towards the Legal Track that OpenChain will help organize at the COSCUP conference on August 11th and 12th.

Learn More: https://www.openchainproject.org/news/2018/05/14/openchain-workshop-in-taipei

OpenChain Reference Material

The OpenChain Project is delighted to announce the immediate availability of a Conformance and Compliance Checklist to assist with quick, easy and effective adoption of key requirements for quality open source compliance programs. This document is targeted to support direct conformance activities. It frames the key requirements for conformance in a simple yes/no format that can rapidly contextualize progress in an organization.

Learn More: https://www.openchainproject.org/news/2018/05/11/meet-the-openchain-conformance-and-compliance-checklist

The OpenChain Project is delighted to release two reference kanban workflows, one contributed from ID Law Partners in Spain and the other contributed from Source Code Control in the UK. These contributions provide inspiration around how organizations can use a simple workflow to check and improve their open source compliance activities. The end goal of both reference kanban workflows is to support OpenChain Conformance, but it is worth noting that the materials are also suitable for activities adjacent to or separate from specific conformance initiatives.

Learn More: https://www.openchainproject.org/uncategorized/2018/05/16/openchain-releases-compliance-process-kanban-guides

OpenChain Project is delighted to announce that we have received tooling overview slides from Software Compliance Academy in Germany. This contribution provides a high level overview and more specific explanations of how and where tooling can contribute to increased efficiency in open source compliance. The goal is not to provide specific recommendations but rather to frame the discussion to allow organizations to make informed and use-case specific decisions to support their inbound, internal and outbound software management process.

Learn More: https://www.openchainproject.org/news/2018/05/15/openchain-project-announces-tooling-overview-slides

OpenChain @ Companies

Toyota Motor Corporation has released slides explaining the rationale and benefit of their engagement with the OpenChain Project.

“Toyota has built strong ties into the global open source development community and into areas related to open source patent non-aggression and copyright compliance. During the Legal & Licensing Workshop in Barcelona during April 2018 Endo San from the Toyota legal team explained their approach and the benefits it brings.”

Learn More: https://www.openchainproject.org/news/2018/05/14/toyota-and-strategic-engagement-with-compliance-via-openchain

OpenChain Internationalization

The OpenChain Project has received a contribution of localized onboarding slides from Bird & Bird in Germany. This short deck is designed to help organizations without prior knowledge of OpenChain understand the reasoning and key benefits behind the project. This marks another milestone in the on-going internationalization of OpenChain-related material to support both OpenChain Conformance and broader open source compliance activities in organizations of all sizes.

• Learn More: https://www.openchainproject.org/news/2018/05/15/openchain-onboarding-slides-in-german

The OpenChain Specification Version 1.2 is now available in Japanese. Version 1.2 is the result of the contributions of more than 150 people over the past three years. Congratulations and a big thanks to all those who contributed! Each and every contribution, whether or not it resulted in an addition, modification or debate, led to a better specification. Huge thanks are due to the Linux Foundation Japan volunteer translation team for localizing our newest release so quickly. Special thanks is due to Taniguchi San for driving this process.

• Learn More: https://www.openchainproject.org/news/2018/05/11/openchain-specification-1-2-in-japanese

Coming next

The next month will focus on case studies and conformance. We will also be discussing the next version of the specification on our usual first and third month conference calls. All invited, all welcome!

License and Trademarks

Copyright 2018 The Linux Foundation. This newsletter is licensed under the Creative Commons Attribution-NoDerivs 2.0 Generic (CC BY-ND 2.0). Please feel free to share it onwards! OpenChain is a trademark of The Linux Foundation. It may be used according to The Linux Foundation Trademark Policy and the OpenChain Terms of Use. All other trademarks belong to their respective owners.

Newsletter – Issue 12 – April 2018

Introduction

OpenChain has reached several important milestones during the last month. The first is a new release of the Specification (see below) but no less important are the strides being seen in adoption, reference material contributions, case studies and local work teams or workshops. It provides a strong start to our quarter with thanks, as always, due to our vibrant community.

OpenChain Specification

The OpenChain Specification version 1.2 was released on the 19th of April at the Legal and Licensing Workshop in Barcelona. This document presents a refined, easier to understand and easier to translate format. Our goal is to open our community to wider participation and adoption.

Specification version 1.2 is the result of contributions of more than 150 people over the past three years. Congratulations and a big thanks to all those who contributed! Each and every contribution, whether or not it resulted in an addition, modification or debate, led to a better specification.

• Download a copy of the specification here: https://wiki.linuxfoundation.org/_media/openchain/openchainspec-1.2.pdf
• Learn more about it here: https://www.openchainproject.org/spec
• Self-certify here: https://www.openchainproject.org/conformance

Feel a little out of your depth? You can get a better understanding of how the specification was developed and what its goals are right here:

• https://www.openchainproject.org/specification-faq

OpenChain Conformance

The OpenChain Project is delighted to welcome NodeWeaver as the latest organization with an OpenChain conformant program. NodeWeaver is a zero-management hyperconverged infrastructure – that integrates storage, networking and virtualization in a single system. It is built using the same principles of large scale systems used by Google and Amazon, making them available to small and medium enterprises.

Great feedback was provided on their experience with our project:
“With more than 80% of our code being open source, Open Source license compliance is an essential aspect for us” says Carlo Daffara, NodeWeaver’s CEO. “OpenChain helped us in making the process streamlined, repeatable and consistent, and substantially lowered our compliance cost while increasing visibility into all aspect of our production process.”

Learn more here:

• https://www.openchainproject.org/news/2018/04/18/nodeweavers-a-new-openchain-conformant-organization

But there is more! As mentioned in our last newsletter, we have been working with the British National Health Service and their partners on both conformance and case studies. We are honored to be able to formally announce the first fruits of this collaboration.

We have welcomed AB EHR as an organization with an OpenChain Conformant program, an important step towards practical adoption by NHS providers charged with running technical projects, in this case the Code4Health initiative.

Martin of Source Code Control, the key liaison in this collaboration provided a quote to summarise the value seen:
“We have been supporting Code4Health for a number of years to manage their open source supply chain. The OpenChain Specification has enabled us to validate the processes meet industry best practice and that the solutions being promoted to NHS are best of breed and this can be transparently demonstrated.” Martin Callinan, Director Source Code Control Ltd.

Learn more here:

• https://www.openchainproject.org/news/2018/04/18/ab-ehr-a-new-openchain-conformant-organization

OpenChain Case Studies

The OpenChain Project is delighted to announce the release of our first case study, a collaboration with NHS England, NHS Digital and AB EHR. This case study offers an insight into how and why the British National Health Service has decided to use the OpenChain Specification as a baseline for effective compliance across its digital projects.

Our first case study is centered around adoption by the service provider AB EHR for the code4health project. This marks the first step in a broader deployment plan across multiple projects and providers in the coming months and years.

You can download the case study here:

• https://github.com/OpenChain-Project/Onboarding/raw/master/case%20studies/AB%20EHR%20OpenChain%20Case%20Study.pdf

OpenChain @ Events

The OpenChain Project was featured at numerous events across the globe in late March and throughout April.

1. The first event was in partnership with Moorcrofts in the UK with an OpenChain session at a BCS event in London on the 22nd of March.
2. On the same day Software Compliance Academy highlighted the OpenChain Project, curriculum, training and specification at an event hosted on the 22nd March by ZVEI, one of the most important manufacturers’ associations in Germany.
3. We were then featured in a keynote on OpenChain at Linaro Connect in Hong Kong (also on the 22nd March!).
4. The OpenChain Project was featured at the first Asian Legal Network meeting of 2018 in Tokyo on the 6th of April.
5. This was followed by an Asian Legal Network event in Seoul on the 12th of April.
6. We had a substantial presence at the Legal and Licensing Workshop Barcelona between the 18th and 20th of April.
7. Which overlapped with a simultaneous third meeting of the OpenChain Japan Work Group at the Panasonic headquarters in Osaka on the 19th of April, attended by representatives from 15 companies.

Keep track of all our events here:
https://www.openchainproject.org/events

OpenChain Internationalization

Internationalization efforts are being prepared to translate the new OpenChain Specification into our key target languages (Japanese, Chinese, Korean and German). Activity is also underway to provide outcomes from the Japan Work Group sessions to the wider community. Of particular note are several case studies from companies like Panasonic to discuss their experiences and reasons for engagement.

Coming next

You can expect additional announcements regarding conformant organizations, reference materials and translations in the coming month. The process for developing the OpenChain Specification 1.3 will also get underway. All contributions, suggestions and comments are always welcome.

License and Trademarks

Copyright 2018 The Linux Foundation. This newsletter is licensed under the Creative Commons Attribution-NoDerivs 2.0 Generic (CC BY-ND 2.0). Please feel free to share it onwards! OpenChain is a trademark of The Linux Foundation. It may be used according to The Linux Foundation Trademark Policy and the OpenChain Terms of Use. All other trademarks belong to their respective owners.