OpenChain Project, SPDX and Hyperledger

By November 3, 2017News

OpenChain Project, SPDX and Hyperledger

NEW YORK, United States, November 3, 2017 — In 2016 a sub-project began to explore how the benefits of the Blockchain could be leveraged to assist with open source compliance across a complex manufacturing supply chain [1]. It was announced as a new initiative at the Open Source Leadership Summit with a focus on utilizing SPDX + OpenChain + Hyperledger Sawtooth to solve the problem. Initial source code was made available in July 2017 under the Apache license. [2]

A demo of this ‘Software Parts Ledger’ and its support for a Software Parts catalog was given via the Intel booth at the recent Open Source Summit in Prague. The latest status of the Software Parts Ledger at the Open Source Compliance Summit on 16th and 17th November in Yokohama, Japan in a talk entitled ‘Utilizing Blockchain Across The Supply Chain.’ [3]

“The OpenChain Project is delighted to be part of the ‘Software Parts Ledger’ sub-project alongside our contemporaries in SPDX and Hyperledger,” says Shane Coughlan, OpenChain Project Director. “The activity to explore the combination of the OpenChain standard, SPDX identifiers and a Hyperledger record of transactions offer a compelling glimpse into a possible future.”

The OpenChain Project identifies key recommended processes for effective open source management. The project builds trust in open source by making open source license compliance simpler and more consistent.

The OpenChain Specification defines a core set of requirements every quality compliance program must satisfy. The OpenChain Curriculum provides the educational foundation for open source processes and solutions, whilst meeting a key requirement of the OpenChain Specification. OpenChain Conformance allows organizations to display their adherence to these requirements.

The result is that open source license compliance becomes more predictable, understandable and efficient for participants of the software supply chain.

Organizations of all sizes are invited to review the OpenChain Project, to complete our free Online Self-Certification Questionnaire, and to join our community of trust.

Additional Resources

[1] https://lists.spdx.org/pipermail/spdx-tech/2016-December/003199.html

[2] https://github.com/Wind-River/sparts/blob/master/README.md

[3] http://sched.co/CTQe