Skip to main content
Category

News

Webinar: FOSS License Management through aliens4friends in Eclipse Oniro

By automation, licensing, News, Webinar

Welcome to another OpenChain Webinar. This time our speakers are Alberto Pianon and Carlo Piana from ARRAY. They are presenting the Open Source Management concept of Eclipse Oniro and explaining how deeper insights on the identification of the FOSS components and their respective license metadata can be uncovered via the audit policies for Oniro. This webinar is part of a series by the OpenChain Automation Workgroup to provide insight into good practices for community-based IP audits. These good practices will be used to align on a community-wide approach for metadata curation as base for sharing FOSS License Management Data.

Get The Slides

More About Our Webinars:

This event is part of the overarching OpenChain Project Webinar Series. Our series highlights knowledge from throughout the global OpenChain eco-system. Participants are discussing approaches, processes and activities from their experience, providing a free service to increase shared knowledge in the supply chain. Our goal, as always, is to increase trust and therefore efficiency. No registration or costs involved. This is user companies producing great informative content for their peers.

Check Out The Rest Of Our Webinars

This is OpenChain Webinar #58, released on 2024-01-31.

Coming Soon: OpenChain Webinar #59 – Curating FOSS license information for the OSSelot database – 2024-02-14 @ 09:00 CET

By News

About This Webinar

Caren Kresse from OSADL will talk about sharing and reusing publicly available FOSS compliance material, as provided by the OSSelot project (https://www.osselot.org/), which requires trust in the reliability of the data. Such trust can be fostered by ensuring high quality and consistency of the data through a standardized curation process and strict review of all contributions. This presentation will demonstrate the curation process for the OSSelot project, present the resulting material, and give an example of how a contribution is reviewed.

The webinar will take place on 2024-02-14 @ 09:00 CET.

You will be able to join the webinar at this link:

Check Out The Rest Of Our Webinars

CEHLabs Announces An OpenChain ISO/IEC 5230 Conformant Program

By News

CEHLabs has announced an OpenChain ISO/IEC 5230 Conformant Program.

More About CEHLabs:

Governance Risk and Compliance (GRC) the three domains that reduce your business Information and Cyber Security Risk . The domains has different impact areas of the business, with a common goal of reducing quantifiable risk of the business falling victim to cyber security threat which if realised would impact you business into loss of trust with your customers or reputation damage. Here at CEHLabs our primary service is protecting your business from cyber threats by implementing ISO/IEC 5320:2020 of the OpenChain, NIST 800 53b revision 5, HM IS1 and IS2, Cyber Assurance Framework and Cloud First Cyber Essential Plus. In Compliance we are certified to assess under PCI-DSS and HIPPA.

OpenChain Legal Work Group – 2024-01-17

By News

This meeting features a talk about maturity models and how recent developments apply to open source and especially standards like ISO/IEC 5230:2020. The maturity model discussion was presented by Andrew Katz and Stephen Pollard of Orcro and is a direct follow-up from the panel covering this topic at the Open Compliance Summit 2023. 

Get the slides:

Keep up-to-date with the Legal Work Group via their dedicated mailing list:

OpenChain Export Control Work Group 2024-01-09 – Recording

By News

Please find the recording from our recent meeting here:

We covered a few different topics, but the key item was the explore how we could work together with SPDX as they look at adding Export Control fields into SPDX 3.1.

Get the slides:

We had a previous presentation from SPDX on this topic here:

The currently proposed SPDX schema is here:

Their mailing list to discuss this topic is here:

OpenChain Monthly North America / Asia Call – January 2024 (2024-01-16) – Full Recording

By Featured, News

Thank you to everyone who attended the meeting. We had some great feedback. Check out the recording here:

Most Important Outcome

We adjusted the review / renewal period for the Security and Licensing specifications from 18 months to 12 months to align with ISO 17021 for certification of management systems. You can see the details as follows:

Security Specification (potential future ISO 18974 update):

Licensing Specification (potential future ISO 5230 update):

Next Monthly North America / Europe Call Focus Items

Maturity Model consideration for ISO 18974:

+ GM Addition

Scope – for next iteration of ISO 5230:

Review The Past

You can download the slides from this meeting and all previous meetings since we started the specification update cycle here:

OpenChain Monthly North America / Europe Call – January 2024 (2024-01-09) – Full Recording

By Featured, News

Please note: this post initially contained some material related to editing the specification editing that occurred on the North America / Asia call. You can find that material on the North America / Asia call for January 2024 blog post.

We kicked off the year with a call to review the 2023 Annual Report and the 2024 “Where We Go Next” statement. This was also an opportunity to discuss the outcomes of the Steering Committee meeting in December 2023.

Get The Slides For This Meeting (and all the others) On GitHub:

Shanghai Development Center of Computer Software Technology Software Engineering Institute announces an ISO/IEC 5230 conformant program

By News

The Shanghai Computer Software Technology Development Center was approved by the former National Science and Technology Commission in 1984 and is a public institution directly under the Shanghai Academy of Sciences. Shanghai Computer Software Technology Development Center has long been committed to software technology standard research and software application technology research. It has promoted industrial development through the application of technical services and achievements, and gradually formed the core concept of “service industry, development industry”, and made many pioneering contributions to China’s software industry.