OpenChain Project

During The Linux Foundation Open Compliance Summit 2024 in Tokyo on the 30th of October, Tadayuki Osaki (Standards and OSS community Manager, Legal & Intellectual Property Unit) and Yuchang Cheng (Senior Research Manager, Artificial Intelligence Laboratory), presented on the topic of Fujitsu's OSS Standards Conformance and AI Management System Standardization Participation. Check out their slides here: https://hubs.la/Q02X3qp90

Fujitsu has announced an ISO/IEC 18974 conformant program. Their adoption of the international standard for open source security assurance underlines their commitment to leadership in open source governance and management. Big thanks to Tadayuki Osaki, 浅羽鉄平 and the rest of the team for driving forward continued excellence in open source. Learn more and share this news: https://hubs.la/Q02X3qkl0

At the end of last year in China, the OpenChain China Work Group held a special meeting with CAICT and many contributor companies. During this event, we had a detailed briefing on developments in the Chinese market. This type of insight is an invaluable part of community.

Most people know the OpenChain Project as the home of ISO/IEC 5203 (the international standard for open source license compliance) and ISO/IEC 18974 (the international standard for open source security assurance). Some people know us for our work around SBOM (for example, the Japan Work Group created the "SPDX Lite" part of SPDX SBOM). Some people know us for our new work in spaces like AI Compliance. But did you know about the OpenChain Onsen Study Group chaired by Norio Kobota of Sony?

Some years ago in Hong Kong, key figures from OpenChain and the Chinese community met for dinner. Here the seeds were planted for future sharing, and this directly lead to regular OpenChain Work Group meetings in China. Join our activities (anywhere): https://hubs.la/Q02VqHnP0

Not a panacea: a nuanced take on the challenges of SBOM for open source compliance. This type of talk provides a bridge between understanding a task, a tool to assist and the realities of implementation. The Linux Foundation SBOM Summit was filled with such insight and helpful, practical consideration of using SBOM in the supply chain.

So many key contributors to the OpenChain Project community ❤️

And that's a wrap! Open Source Summit Japan contained a wide (wide) range of tracks covering everything from code creation to IP management. It was also a wonderful networking opportunity. A big thank you to the organizers. OpenChain will be there again next year.

During The Linux Foundation Open Compliance Summit and SBOM Summit in Tokyo, Oscar Valenzuela gave three excellent talks around different aspects of managing open source processes, compliance, automation and scaling. The talk with Diego Jorquera was a great conversation-starter early in the event cycle. We are fortunate to have such international speakers come over and network with our local community contributors. With strong representation from China, Japan and Korea, the conference week provided a solid bridge between open source in the Americas, Europe and Asia. (big thanks to Linux Foundation Japan for all their local coordination!)

高(Gao)琨（King）( Shanghai Sectrend Information Technology Co., Ltd.) , Tony Yang (openEuler) and Shane Coughlan (OpenChain Project) had a chance to catch up at The Linux Foundation Open Compliance Summit. This event, focused on sharing knowledge around open source license, security and other compliance topics, is held once a year in Tokyo. We had a very international audience this year, and an excellent roster of speakers. A big thank you to everyone involved.