Watch Shane Coughlan's webinar on OpenChain ISO standards
Watch the recording of the webinar on OpenChain ISO standards and certification by Shane Coughlan. In this fourth and final episode of the webinar series on open source software supply chain management Shane Coughlan discusses how to build trust by process management. He talks about OpenChain ISO/IEC 5230:2020, the international standard for open source license compliance and ISO/IEC DIS 18974, OpenChain Security Assurance Specification which is slated to become accepted as a standard later this year. Coughlan also talks about the inner workings of the OpenChain organization. It has a strong focus on making compliance as easy as possible for big as well as small organizations, and the standards are openly developed by a vibrant user community. The talk is followed by a lively Q&A in which Coughlan gives sound advise on how to build a truly international organization or community.
About Shane Martin Coughlan
Shane Martin Coughlan works at the Linux Foundation. He is general manager of the OpenChain Project, a global community of organizations collaborating to create trust in the open source supply chain and which maintains the OpenChain ISO/IEC 5230:2020, the International Standard for open source license compliance. He's also a General Assembly member of OpenForum Europe.
Webinar series: The Ins and Outs of Open Software Supply Chain Management
Shane Coughlan's talk is the fourth and final in a series of webinars about open source supply chain management. The series will explore topics such as the software bill of materials, legal consequences, tooling, and the Cyber Resilience Act.
- April 6: Armijn Hemel. [ watch recording ]
Topic: Open Source in (Consumer) Electronics Supply Chains. - April 13: Philippe Ombredanne. [ watch recording ]
Topic: Tooling. - May 4: Carlo Piana & Alberto Pianon. [ watch recording ]
Topic: The importance of a Software Bill of Materials in light of the upcoming Cyber Resilience Act and product liability legislation in Europe. - May 11: Shane Martin Coughlan. [ watch recording ]
Topic: ISO standards and certification.
All episodes start at 13.00 at CEST (Amsterdam, Berlin, Rome).
Related NGI projects
- Binary-analysis-ng improvements: BANG is a tool to analyse firmware and other binary files.
- FOSS Code Supply Chain Assurance: Mitigate attacks through software dependencies.
- Free Software Vulnerability Database: A resource to aggregate software updates.