Open Compliance Summit has ended
December 6 -7 - Yokohama, Japan
Click for Open Compliance Summit Information & Registration

Sign up or log in to bookmark your favorites and sync them to your phone or calendar.

Intermediate [clear filter]
Thursday, December 6

14:00 JST

Don’t Ship that Container – On the Challenges of Compliance of Container Images - Dirk Hohndel, VMware
Containers are on everyone’s mind. They are the future. They make everything better, easier, faster, cleaner, simpler, and more secure. At least that’s the impression you could get, listening to the hype or attending some of the conferences on the topic.
One area, however, you don’t hear much about, is compliance, specifically compliance with the open source license obligations of the components that are used to build said containers. And this is where things get a bit murky. And complicated. And confusing.

This talk will shine a light on some of the challenges that today’s container technologies (specifically, the tooling for creating and packaging container images) bring to the topic of open source license compliance. I’ll show some of the obvious and not so obvious pitfalls, the concerns with the so called industry best practices and ideas how to work around them.

avatar for Dirk Hohndel

Dirk Hohndel

Vice President & Chief Open Source Officer, VMware
Dirk is VMware’s Chief Open Source Officer, leading the company’s Open Source Program Office, directing the efforts and strategy around use of and contribution to open-source projects and driving common values and processes across the company for VMware’s interaction with the... Read More →

Thursday December 6, 2018 14:00 - 14:20 JST
Conference Room 7&8

14:20 JST

Auto Industry Implementation of “Open Source Software Supply Chain Management (OSSSCM)” - Masato Endo, Toyota Motor Corporation
The adoption of Open Source Software in the auto industry is expanding rapidly. This is especially true for advanced technology fields such as autonomous driving and connected vehicles, both areas where Open Source Software has an essential necessity.

Because the scale of supply chain of auto industry the importance of the risk management across the whole supply chain is also increasing. This presentation will propose a conceptual Open Source Software Supply Chain Management and in the process introduce community activities that support such an initiative such as OpenChain, OIN and GPL Cooperation Commitment.

avatar for Masato Endo

Masato Endo

Group Manager, Toyota Motor Corporation
Masato Endo is the Group Manager of Driver Monitoring Group, Value Chain Service and Technology Development, Technical Project Field of Advanced R&D and Engineering Company in TOYOTA. He focuses also on building the OSS governance structure within Toyota and developing relationships... Read More →

Thursday December 6, 2018 14:20 - 14:40 JST
Conference Room 7&8

16:00 JST

Building an Artificial Intelligence (AI) License Compliance Assistant - Jon Aldama, FOSSID AB
Explosive growth of Open Source Software makes finding the correct origin and licensing information for the free software ever more complicated for companies. But engineers are not licensing experts and need guidance before incorporating Open Source Software components into the products they build.

Our mission is to help companies achieve maximum Open Source Software adoption by simplifying the compliance work. AI is the key to delivering on that promise.

Our AI engine will combine the largest and highest performing knowledge base of Open Source on the market with millions of Open Source identifications that we have access to, in order to dramatically cut costs in the software auditing process, reduce risks for tech companies and accelerate overall innovation.

The goal for this talk is to give the audience an update about how AI can simplify their compliance work.


Jon Aldama

Jon Aldama (M.Sc.) is co-Founder and VP Products at FOSSID. Jon has profound engineering background, having worked with open source software compliance in large corporations as FOSS advisor and evangelist. Jon is an expert in product development, strategy, and positioning, and has... Read More →

Thursday December 6, 2018 16:00 - 16:20 JST
Conference Room 7&8

16:40 JST

Workshop: Using OSS Tooling for Open Source Compliance - Michael Jaeger, Siemens AG
This session shows less slides but rather demonstrates the use of open source based compliance tooling - it shows an end-to-end example of how license scanning is combined with component management. As a workshop session, attendees are encouraged to discuss the shown example together with the presenter.

The presentation will use the open source project FOSSology as license scanning and analysis tool. FOSSology consists of several building blocks that can be integrated into a compliance toolchain. And, it can be deployed as a Web server application allowing multiple users for analyzing OSS and sharing results. The presented component management system will be SW360, also an open source project. Organizations can use SW360 for maintaining an inventory of used software components to keep track of a software bill of material and reuse compliance information.

avatar for Michael C. Jaeger

Michael C. Jaeger

Project Lead, Siemens AG
Michael C. Jaeger is one of the maintainers for Linux Foundation\\'s FOSSology and Eclipse SW360 projects, both available on Github and both in the area of OSS handling w.r.t. license compliance and component management. At Siemens Corporate Technology in Munich, Germany, Michael... Read More →

Thursday December 6, 2018 16:40 - 17:30 JST
Conference Room 7&8
Friday, December 7

09:00 JST

Experiences from Open Source Program Office in an Established Company - Keiichi Seki, NEC
Today, Open Source Software Communities are major source of innovations. Open Source Compliance is very important for companies.
In established companies, the internal governance systems or organizations are not always optimized for Open Source way.
Sometimes, they are not aware of Open Source. This might stop or slow down things regarding Open Source issues.
In this presentation, Seki will share typical Open Source problems to be raised in established companies.
And Seki will also share importance of spreading Open Source literacy and culture from his experiences.


Keiichi Seki

Senior Manager, NEC Corporation
Keiichi Seki is an over 20 years experienced professional software architect in application platform middleware through R&D, marketing and customer support.And now he is working for Open Source Program Office in NEC to cover Licensing, Governance and Community activities.Recently... Read More →

Friday December 7, 2018 09:00 - 09:20 JST
Conference Room 7&8

09:40 JST

Fujitsu's Internal Operations for Participating in the OSS Communities - Takashi Harada, Fujitsu Limited
Fujitsu is an IT vendor which provides communication systems, IT systems, and related services. Fujitsu uses many OSSs in its business, and contributions from engineers to OSS communities are incresing. Mr. Harada from Fujitsu explains about Fujitsu's "Community Participation Guideline" which stipulates internal rules and has resolved some internal problems which had arised when engineers participate in communities.

avatar for Takashi HARADA

Takashi HARADA

Assistant Manager, Fujitsu Limited
In Fujitsu, Takashi HARADA is providing in-house intellectual property service including OSS license compliance related service, at IP innovation div. For about 10 years, he has been working on patent application, prosecution, negotiation, licensing, and litigation in Fujitsu and... Read More →

Friday December 7, 2018 09:40 - 10:00 JST
Conference Room 7&8

11:00 JST

Does Compliance Require Enforcement? - James Bottomley, IBM
It is certainly an arguable position that without enforcement there's
really no incentive for compliance because without sanction anyone
can do anything in open source with impunity and we might as well all
simply use permissive licences. To most people,
especially those dealing with the GPL family of licences "enforcement"
means "legal action".
However, the purpose of this talk is to walk us back from extremist
positions: in fact, enforcement can simply imply taking one's view of
compliance and getting others to align with it either by persuasion or
by more forceful means. Even the latter doesn't
necessarily mean legal action, it can mean anything from strong
representation (i.e. advocacy) through commercial sanction, the latter
potentially being simply applied by refusing to purchase products from
non SPDX badged suppliers (or non open chain conformant

avatar for James Bottomley

James Bottomley

James Bottomley is a Distinguished Engineer at IBM Research where heworks on Cloud and Container technology. He is also Linux Kernelmaintainer of the SCSI subsystem. He has been a Director on the Boardof the Linux Foundation and Chair of its Technical Advisory Board. Hewent to university... Read More →

Friday December 7, 2018 11:00 - 11:20 JST
Conference Room 7&8

11:40 JST

Software Heritage: Archive All the Source Code for Better Compliance - Stefano Zacchiroli, Software Heritage
Software Heritage is the largest public archive of software source code. It has already archive more than 4 billion unique source code files and 1 billion unique commits, coming from more than 80 million development projects.

The Software Heritage archive is a mutualized infrastructure that serves a number of use cases, from cultural preservation to scientific reproducibility and software analysis. In this talk we will present the project with a focus on its industrial use cases.

In particular we will discuss how Software Heritage enables universal provenance tracking and artifact identifications for the entire corpus of Free/Open Source Software (FOSS), and how it allows to outsource specific FOSS license obligations, such as making available complete and corresponding source code (CCS) tarballs for the shelf life of IT products.


Stefano Zacchiroli

Co-founder and CTO, Software Heritage
Stefano Zacchiroli is Associate Professor of Computer Science at Université de Paris on leave at Inria. His research interests span formal methods, software preservation, and Free/Open Source Software engineering. He is co-founder and current CTO of the Software Heritage project... Read More →

Friday December 7, 2018 11:40 - 12:00 JST
Conference Room 7&8

14:00 JST

Trademarks in Open Source - Hilary Richardson, Google LLC
Developers often have questions about the use of trademarks in open source projects, yet very few trademark attorneys weigh in on this topic. Non-attorney advice on the topic abounds in message boards with varying degrees of accuracy. Our recent casebook chapter on trademarks in open source attempts to shape the conversation on common questions about trademark usage based on actual case law. In-house compliance officers can expect to field questions about how to handle trademarks in open source, and may need to consider how to draft an open source trademark policy. Can developers simply license trademarks the same way that they license copyrights and patents? Does forking run in opposition to trademark protection? Why should developers care about trademarks? Tune in for a thoughtful discussion of these topics.


Hilary Richardson

Open Source Attorney, Google
Hilary Richardson is an open source attorney at Google. She performs licensing due diligence for acquisitions and divestitures, reviews commercial contracts for licensing issues, and sets open source policy across the company. Hilary co-authored an open source casebook chapter about... Read More →

Friday December 7, 2018 14:00 - 14:20 JST
Conference Room 7&8
Filter sessions
Apply filters to sessions.