Loading…
Simple
Expanded
Grid
By Venue
Wednesday, November 16
 

10:00am JST

Curtain-Raiser: event overview -what to expect in 2 days- Noriaki Fukuyasu, The Linux Foundation
Speakers
avatar for Nori Fukuyasu

Nori Fukuyasu

VP of Japan Operations, The Linux Foundation
Noriaki is the Vice President of Japan Operations for The Linux Foundation. Prior to joining The Linux Foundation, he led the international business for a leading Japanese Linux distributor, Turbolinux, Inc., as Director of International Business. He also served as the CEO of Zend... Read More →

Wednesday November 16, 2016 10:00am - 10:10am JST
TBA
  Opening

10:10am JST

State of Linux and Open Source Compliance, Mike Dolan, VP of Strategic Program, The Linux Foundation
Speakers
avatar for Mike Dolan

Mike Dolan

SVP and GM of Projects, The Linux Foundation
Michael Dolan is SVP and GM of Projects at the Linux Foundation supporting open source projects and legal programs He has set up and launched hundreds of open source and open standards projects covering technology segments including networking, virtualization, cloud, blockchain, Internet... Read More →

Wednesday November 16, 2016 10:10am - 10:50am JST
TBA
  General

10:50am JST

Improving Open Source security through stronger project governance, Nicko Van Someren, CTO, Linux Foundation
Speakers
avatar for Nicko van Someren

Nicko van Someren

CTO, Linux Foundation
Nicko is The Linux Foundation’s chief technology officer focused on the Core Infrastructure Initiative and other security-focused efforts at the organization. He has extensive experience across the security and networking industries. Most recently, he was the chief technology officer... Read More →

Wednesday November 16, 2016 10:50am - 11:30am JST
TBA
  Security

11:30am JST

Lunch Break
Wednesday November 16, 2016 11:30am - 1:00pm JST
TBA

1:00pm JST

Open Source Compliance is the key to Community Interaction, Oskar Swirtun, CEO, FOSSID AB

Software is in the center of growth for all technology companies today. Whether it’s an automotive company trying to build an autonomous car or just optimizing the performance of their combustion engine, a telecom company, a cloud provider, a finance institution, or any other technology company, they all need to become software authorities.

Software development is to a large extent about re-use of code and successful technology companies need to master open source which is the main source of software components today. But success is also about being able to protect the ideas and the companies’ specific domain expertise.

To re-use and share software may be contradictory to protecting proprietary software assets and that contradiction defines the importance of compliance in any technology company. Open source compliance is the key to consumption, contributions and to successful community interaction. Once the development strategy, policies and directives are defined, compliance is all about implementation.

It’s not about policing the engineers; it is about enabling engineers to securely tap into the vast open source software resources available in order to create the most efficient software development organizations in their respective technology domains.

In this talk, Oskar Swirtun (Founder and CEO of FOSSID) will discuss the problems enterprises face when it comes to implementing successful open source software strategies and will explore various compliance flows that will enable enterprises to have faster and more effective development, better community interaction, and lasting differentiation for technology companies.

Speakers
avatar for Oskar Swirtun

Oskar Swirtun

CEO, FOSSID AB
Oskar Swirtun is the Founder and CEO of FOSSID AB, a company offering the most innovative and effective open source compliance solution on the market today. Oskar has worked extensively with open source software since 2001, when he introduced Linux and wrote the directive for use... Read More →

Wednesday November 16, 2016 1:00pm - 1:40pm JST
TBA
  Strategy

1:40pm JST

Automating Open Source Compliance: Next Steps, Kate Stewart, Sr. Director of Strategic Program, The Linux Foundation

Open Source is "open source" because of the license the developer of the code decided to release under.    Time to market is key for business, so suddenly getting stalled out, and not able to ship a hot new product due to licensing issues in the code, is every product managers nightmare.  

As the software development landscape has increased in complexity, components being re-used, being able to accurately and efficiently understanding the licensing is key.   This talk will summarize some of the open projects that will help us get to an automated summarizing of licensing obligations and next steps we shoul consider.


Speakers
avatar for Kate Stewart

Kate Stewart

Senior Director of Strategic Programs, Linux Foundation
Kate Stewart is a Senior Director of Strategic Programs, responsible for Embedded and Open Compliance programs. Since joining The Linux Foundation, she has launched Real-Time Linux, Zephyr Project, CHAOSS, and ELISA.

Wednesday November 16, 2016 1:40pm - 2:20pm JST
TBA
  Strategy

2:20pm JST

Coffee Break
Wednesday November 16, 2016 2:20pm - 2:40pm JST
TBA

2:40pm JST

cregit: Identifying the contributors of an open source system - Daniel German
Open Source Systems like the Linux Kernel are created by many different
contributors.  These contributors continuously improve the system by
adding/moving/editing/removing source code.  Unless the project has a
centralized ownership of the code (for example, by requiring copyright transfer
agreements), it becomes difficult to determine who the copyright owner or owners
of the system are.  Version control systems, such as git, provide a record of
who contributes what to the code base.

In this presentation I will describe the difficulties of mapping the version
control history to who the copyright owners of the system are.  I will also
describe cregit, a system that we have developed to improve the traceability of
how code gets added to a system and addresses some of these challenges. I will
also describe its deployment on the Linux Kernel:
https://cregit.linuxsources.org, and how it makes it possible to inspect how
each element of the source code in Linux has been contributed, and who its
contributor is.
Speakers
DG

Daniel German

Professor, University of Victoria
I am a professor of computer science at the University of Victoria. For the last 8 years I have been doing research in open source licensing and recently I have become interested in the use of distributed version control systems, such as git.

Wednesday November 16, 2016 2:40pm - 3:20pm JST
TBA
  Tool

3:20pm JST

FOSSology - License Analysis in HD and SPDX, Michael Jaeger, Senior Research Scientist, Siemens AG
FOSSology is an industry standard tool for the end-to-end analysis of software components in a single Web server application. It lets organizations scan source code for:

· License information,
· Copyright notices,
· Export control relevant statements.

It makes software analysis more efficient by offering high precision with few false positives, greatly reducing overhead costs. FOSSology lets users generate compliance documentation according to the organization's needs, in a variety of data formats, emphasizing SPDX tag-value and RDF documents. FOSSology is an Open Source Software tool licensed under GPL-2.0 and a Linux Foundation collaboration project. The presentation points out important points to consider at software license analysis and how to generate high-definition SPDX documents. This presentation represents an prequel to the tutorial/training proposed for this event.
Speakers
avatar for Michael C. Jaeger

Michael C. Jaeger

Project Lead, Siemens AG
Michael C. Jaeger is one of the maintainers for Linux Foundation's FOSSology and Eclipse SW360 projects, both available on Github and both in the area of OSS handling w.r.t. license compliance and component management. At Siemens Corporate Technology in Munich, Germany, Michael works... Read More →

Wednesday November 16, 2016 3:20pm - 4:00pm JST
TBA
  Tool

4:00pm JST

Coffee Break
Wednesday November 16, 2016 4:00pm - 4:20pm JST
TBA

4:20pm JST

Strategies in practical GPL enforcement, Harald Welte
Enforcement of copyleft licenses like the GNU GPL has always been a somewhat controversial topic.  Some people are not in favor of enforcement at all (but then, why choose the GPL and not a permissive license?). 
Other people have less inhibitions in enforcing the license.  But then this raises the next questions?  Enforcement using which strategy?  Enforcement using which methods?  The Linux Kernel developer community has recently re-fueled that debate on the ksummit-discuss mailing list.

Ultimately, most projects and developers are looking for the downstream developers and companies to participate in a collaborative development model.  The copyleft principle is just a legal "hack" to codify some part of that based on copyright.  As a result, license compliance is not an end in itself, but the very bare legal minimum of what needs to be done when engaging in (particularly corporate/commercial) re-use of Free Software.

This talk will look at the different (GPL) license enforcement approaches and present their advantages and disadvantages.
Speakers
HW

Harald Welte

Harald Welte is a data communications freelancer, enthusiast and hackerwho is working with Free Software (and particularly GNU/Linux)since 1995  His major code contribution to the Linux kernel was as acore developer of the netfilter/iptables packet filter.He has co-started a number... Read More →

Wednesday November 16, 2016 4:20pm - 5:00pm JST
TBA
  Community

5:00pm JST

Open Source Community responses to recent compliance enforcement, Armijn Hemel, Founder, Tjaldur Software Governance Solutions
Recently there has been a lot of public discussion about enforcement activity in Germany. In this talk I will look at community responses to the subject and explore what lessons can be learned.
Speakers
AH

Armijn Hemel

General Manager, Tjaldur Software Governance Solutions
Armijn Hemel, MSc is the general manager/owner at Tjaldur Software Governance Solutions and an internationally recognized expert on GPL license enforcement and GPL license compliance.

Wednesday November 16, 2016 5:00pm - 5:20pm JST
TBA
  Community

6:00pm JST

All Attendee's Reception
Wednesday November 16, 2016 6:00pm - 8:00pm JST
TBA
  Reception
 
Thursday, November 17
 

9:30am JST

OSS License Compliance together with our partners, Satoru Ueda, Sony
n this session we would like to discuss what should be shared with our business partners, such as ODM/OEM manufacturers.

The items which should be shared will be different in accordance with the phases. At the beginning stage, we should share very fundamental principles of the Open Source Software which highly relate to the License compliance issue.  Then, what will be the principles and why they are important for the license compliance?

We presume most of embedded system related industries are positioned at the initial stage to consider and take some action of the OSS license compliance together with our business partners.  We wish this session to initiate such discussion.
Speakers
avatar for Satoru Ueda

Satoru Ueda

Chief Open Alliance Manager, Sony corp.
From 2003, I have been engaged in a project to widely use Linux for consumer electronics appliances. In the project I have been supporting to establish and enhance collaborative relationship between the community and the embedded system developers. The challenge to harmonize with... Read More →

Thursday November 17, 2016 9:30am - 10:10am JST
TBA
  Case Study

10:10am JST

Case Study: Evolving Compliance Needs and Treatment in Acquisitions, Nithya Ruff,Director, Open Source Strategy Office, SanDisk
When companies come together, they come with different levels of Open Source adoption and different IP profiles. The creation of a common policy that works in the integrated company and takes into account the business model and IP strategy has been an interesting experience for us at SanDisk as we acquired and got acquired. A successful compliance policy is a living breathing document that evolves with the business needs and learnings. I will share our story of how we balanced our patent and open source strategies and grew through our m&a activities.

Speakers
avatar for Nithya Ruff

Nithya Ruff

Head, OSPO, Amazon
Nithya is the Head of Amazon’s Open Source Program Office. Amazon’s customers value open source innovation and the cloud’s role in helping them adopt and run important open source services. She drives open source culture and coordination inside of Amazon and engagement with... Read More →

Thursday November 17, 2016 10:10am - 10:50am JST
TBA
  Case Study

10:50am JST

OSS Compliance Management in Hitachi, Nobuo Imada, Engineer, Hitachi
Over 15 years, Hitachi has been using and developing Open Source Software for its products, including enterprise servers and embedded systems. Hitachi also manufactures proprietary software. Therefore, it needs to establish strict compliance management system. In this presentation, Hitachi would like to introduce our activities in OSS license compliance management and share the experiences and practices with the audience.
Speakers
NI

Nobuo Imada

Engineer, Hitachi, Ltd.
Nobuo Imada is an engineer, OSS Solution Center, Hitachi, Ltd.He has been involved in research and development of optical system for optical disk systems, design and engineering of optical fiber transmission systems, system engineering for cellular phone base stations, network systems... Read More →

Thursday November 17, 2016 10:50am - 11:30am JST
TBA
  Case Study

11:30am JST

Lunch Break
Thursday November 17, 2016 11:30am - 1:00pm JST
TBA

1:00pm JST

Common pitfalls and solutions, Armijn Hemel, Founder, Tjaldur Software Governance Solutions
Speakers
AH

Armijn Hemel

General Manager, Tjaldur Software Governance Solutions
Armijn Hemel, MSc is the general manager/owner at Tjaldur Software Governance Solutions and an internationally recognized expert on GPL license enforcement and GPL license compliance.

Thursday November 17, 2016 1:00pm - 1:40pm JST
TBA
  Tool

1:40pm JST

Supply Chain Security: Managing Binary Code in Bulk, Shane Coughlan, VP, Global Business Development, Insignary
Large companies have many devices in development, deployed or under support. Many of these devices share common chipsets, drivers and other components that use Open Source Software. This applies equally to devices released by a single company and to devices from different companies sharing the same OEMs or ODMs. The global shared supply chain allows reduced costs and time to market for all participants. However, it also means the "hack" of one device or a single CVE report may indicate a substantial multi-device, multi-company issue. This talk will explain how we can address this challenge using manual and automated approaches. It will also explore what Open Source tooling and commercial solutions exist to support corporate security teams in minimising risk for their company and their customers.
Speakers
avatar for Shane Coughlan

Shane Coughlan

OpenChain General Manager, Linux Foundation
Shane Coughlan is an expert in communication, security and business development. His professional accomplishments include spearheading the licensing team that elevated Open Invention Network into the largest patent non-aggression community in history, establishing the leading professional... Read More →

Thursday November 17, 2016 1:40pm - 2:20pm JST
TBA
  Tool

2:20pm JST

Coffee Break
Thursday November 17, 2016 2:20pm - 2:30pm JST
TBA

2:30pm JST

SPDX 2.1: overview and roadmap, Kate Stewart, Sr. Director of Strategic Program, The Linux Foundation
Speakers
avatar for Kate Stewart

Kate Stewart

Senior Director of Strategic Programs, Linux Foundation
Kate Stewart is a Senior Director of Strategic Programs, responsible for Embedded and Open Compliance programs. Since joining The Linux Foundation, she has launched Real-Time Linux, Zephyr Project, CHAOSS, and ELISA.

Thursday November 17, 2016 2:30pm - 3:10pm JST
TBA
  Tool

3:10pm JST

A Smart Way to Manage OSS Compliance with Yocto+SPDX, Maohui Lei, Fujitsu
A Smart Way to Manage OSS Compliance with Yocto+SPDX (Lei Maohui, Fujitsu) - If you are interested in Open Source Licensing and Compliance program, this presentation will be helpful. A smart way named Yocto+SPDX will help you manage OSS Compliance information for your Embedded-Product. The goal of Yocto+SPDX is to integrate automated SPDX generation in upstream open source projects. But the current Yocto+SPDX isn't in full compliance with SPDX specification. I have some experiences about generating SPDX file by Yocto+SPDX. And I am working to improve Yocto+SPDX to make it friendly. This presentation will show how to generate SPDX files with Yocto Project, discuss what we plan to do to improve Yocto+SPDX, and show what we have done.
Speakers
LM

Lei Maohui

IT Engineer, Fujitsu
Lei Maohui joined the Fujitsu Corporation in 2010. Her main job is developing an In-House Distro for Embedded Ecosystems which is based on Yocto project. Now she is the maintainer of a layer about SPDX of Yocto project.

Thursday November 17, 2016 3:10pm - 3:50pm JST
TBA
  Tool

3:50pm JST

Coffee Break
Thursday November 17, 2016 3:50pm - 4:00pm JST
TBA

4:00pm JST

Open Chain Update & Practice, Catharina Maracke, Ass. Professor, Keio University
With the formal establishment of the OpenChain workgroup and the public discussion of a first draft of the OpenChain specification more and more companies are starting to work on internal FOSS compliance processes to become OpenChain conforming. Internal communication and documentation processes are being reviewed and revised, which raises a couple of practical questions around individual process and workflow optimisation. The proposed session will give a short overview of the current status of the OpenChain project and especially the current OpenChain workgroups focussing on 1) specification, 2) certification, and 3) curriculum. It will then present best practices to create systematic milestones for FOSS compliance processes to become OpenChain conforming.

Speakers
avatar for Catharina Maracke

Catharina Maracke

Chair, Open Source Initiative
Catharina is a lawyer by training and has been involved in intellectual property and public licensing models for over 15 years beginning with her work as director for Creative Commons International overseeing and stewarding the Creative Commons global licensing suite and managing... Read More →

Thursday November 17, 2016 4:00pm - 4:40pm JST
TBA
  Open Chain

4:40pm JST

Giving Everyone Access To Open Source Best Practices: The OpenChain Curriculum, Shane Coughlan, VP, Global Business Development, Insignary
This talk will explain how the OpenChain Curriculum team has created and released compliance training material under CC-0 licensing so that every company in the global Open Source supply chain can easily adopt and customise best practices to suit their needs. It will expand on how this helps to comply with the OpenChain Specification and why this matters. It will also provide an explanation of how to engage with the OpenChain Specification, the OpenChain Curriculum, and what can be expected around Open Source supply chain management in the coming year.
Speakers
avatar for Shane Coughlan

Shane Coughlan

OpenChain General Manager, Linux Foundation
Shane Coughlan is an expert in communication, security and business development. His professional accomplishments include spearheading the licensing team that elevated Open Invention Network into the largest patent non-aggression community in history, establishing the leading professional... Read More →

Thursday November 17, 2016 4:40pm - 5:20pm JST
TBA
  Open Chain
 
Friday, November 18
 

9:30am JST

Full-Day Course: FOSSology - Hands On Training - Michael Jaeger, Kate Stewart
FOSSology is an open source license compliance software system and toolkit. As a toolkit, you can run license, copyright and export control scans from the command line. As a system, a Web interface provides you with a compliance workflow. License, copyright and export control scanners are tools used in the workflow.

Analyzing open source license compliance requires expert knowledge. Consequently, the use of the tool requires understanding of license analysis problems and how they are covered by FOSSology. The following elements are provided:

Challenges in real world examples at license analysis

Learning how to cope with license proliferation and custom license texts

Efficiently managing large open source components with heterogeneous licensing

Saving work with reusing license conclusions of open source packages when analyzing

Please see http://sched.co/7pGQ for more info.
Speakers
avatar for Michael C. Jaeger

Michael C. Jaeger

Project Lead, Siemens AG
Michael C. Jaeger is one of the maintainers for Linux Foundation's FOSSology and Eclipse SW360 projects, both available on Github and both in the area of OSS handling w.r.t. license compliance and component management. At Siemens Corporate Technology in Munich, Germany, Michael works... Read More →
avatar for Kate Stewart

Kate Stewart

Senior Director of Strategic Programs, Linux Foundation
Kate Stewart is a Senior Director of Strategic Programs, responsible for Embedded and Open Compliance programs. Since joining The Linux Foundation, she has launched Real-Time Linux, Zephyr Project, CHAOSS, and ELISA.

Friday November 18, 2016 9:30am - 5:00pm JST
TBA
  Training
 
Filter sessions
Apply filters to sessions.
Wednesday, November 16
Thursday, November 17
Friday, November 18
TBA
  • Case Study
  • Community
  • General
  • Open Chain
  • Opening
  • Reception
  • Security
  • Strategy
  • Tool
  • Training
  • Popular