Community of Conformance

We are best known for maintaining ISO/IEC 5230:2020 and ISO/IEC 18974:2023, the international standards for open source license compliance and security assurance. Below we provide a snapshot of companies that have informed us they are using one or both of our standards and given us permission to list their logo on our website.

Because ISO/IEC standards are freely used around the world, we can only provide limited insight into total market adoption. However, we have reason to believe that usage is significant. For example, PwC have sponsored research indicating 31% of large German companies already use or plan to adopt OpenChain ISO/IEC 5230.

Already Conformant? Let Us Know:

Add your company to our list of conformant organizations

Publicly announced OpenChain ISO/IEC 5230 conformant programs, the international standard for open source license compliance:

AB EHR

AbacatePay

Alibaba Cloud

Aptiv

ARM

ASML

AVL List GmbH

B2M Solutions

BangDB

BlackBerry

Bobble AI

Bosch

ByteDance

CEHLabs

China Mobile

Circle

Cisco

CJ CGV

Cloudera

Codewise

Cognizant

Collabora

Computermind

COONTEC

CP1 Associates

Credativ

CSI Piemonte

Dotcal

dSpace

ECARX

Eclipse Foundation

element.io

Elixir Project

emlix

Endocode

Erlang/OTP

ETRI

Famisanar EPS

Finovace

Fujitsu

GE Digital

General Data Technology Co., Ltd.

Google

H3C

HARMAN International

Hella Aglaia

Hensoldt AG

Hitachi

Hitachi Vantara

HLB Surlatina Chile

Honda Motor Co., Ltd.

Hyundai

Hyundai AutoEver

Hyundai Mobis

IAV GmbH

IBM

Infosys

Inno3

Intelligence Node

Interneuron

iwinstack

Kakao

KakaoBank

Keitaro

KFTC (Korea Financial Telecommunications & Clearings Institute)

KIA

KKCOMPANY

Korea Telcom (KT)

L. D. College of Engineering

LG Electronics

Liferay

LINE Corporation

LSware

Lyra Infosystems

Mercedes-Benz Research and Development India

Microsoft

NAVER

NCSoft

NEC

Next Cloud

NodeWeaver

Nokia

Numbers

Open Source Security

OpenAnolis

openEuler

OpenHarmony

OPPO

Osaka NDS

Panx Project

Pelagicore

PingCap

QCT

QNAP Systems, Inc.

Qualcomm

Revenera

S-core

SAIC Z-One

Samsung Electronics

Samsung SDS

SAP

Scania

Sector7G

Shanghai Development Center of Computer Software Technology

Shareablee

Siemens

Siemens Healthineers

SK Telecom

Socionext

Software Security Technology Co., Ltd.

Sony

Source Auditor

Source Code Control

SUSE

Suzhou Prism Colorful Information Technology Co., Ltd.

Synology

The Center for Research and Development Hong Kong (CRD-HK)

Tjaldur

Togan Labs

TomTom

Toshiba

Toyota

Uber

Ura

Vectoverse

Visteon

Volvo Cars

Western Digital

Wind

Woven by Toyota

xFusion

Yandex KZ

Yes Security

Yoma Bank

ZOOM

ZTE

Publicly announced OpenChain ISO/IEC 18974 conformant programs, the international standard for open source security assurance:

BlackBerry

Canpus

emlix

Fujitsu

Honda Motor Co., Ltd.

Interneuron

KakaoBank

Korea Telcom (KT)

LG Electronics

Netcore

openEuler

Revenera

S-core

Samsung SDS

Source Code Control

UnionTech Software

What Does This Mean?

Having an OpenChain conformant program for ISO/IEC 5230 or ISO/IEC 18974 (or both) means that an organization has a program that uses our process standards for addressing open source license compliance or security assurance.

You need to check with the organization about how their program is scoped (does it cover one project, one product or the whole legal entity?) and you need to ensure – if you are doing business with that organization – that what they consider solid process management matches your own requirements.

The good news is that any OpenChain conformant organization should be providing external contact points for open source license compliance or security assurance matters. It is part of the requirements listed in the standards themselves.

Need Help?

Ask a Question