Loading…
LCE-EU 2015 has ended
For More Information or to Register, Click Here
Wednesday, October 7 • 16:00 - 16:50
Managing Your Software Supply Chain with SPDX and Open Chain - Phil Odence, Black Duck Software and Catharina Maracke, Keio University

Sign up or log in to save this to your schedule and see who's attending!

Modern software mixes open source and proprietary components and is multi-sourced at most nodes in the supply chain. Supply chain compliance requires upstream best practices and production of standardized bills of materials. But mismatched expectations and capabilities in the supply chain cause delivery bottlenecks, security risks from components and license compliance risks. Organizations depending on suppliers need to address these friction points. SPDX is a standard for communicating open source content, licenses, and copyrights. OpenChain is a standard for governance, monitoring, and compliance across the software development lifecycle that provides benchmark against which companies can measure their suppliers. This presentation explores how SPDX and OpenChain can help companies overcome the challenges of managing open source governance and compliance across the supply chain.

Speakers
CM

Catharina Maracke

Associate Professor, Keio University
Dr. Catharina Maracke, a lawyer by training, is an associate professor at the Graduate School for Media and Governance, Shonan Fujisawa Campus, at Keio University in Japan. Her current work and interests include intellectual property law and policy, ethics and compliance, and the... Read More →
avatar for Phil Odence

Phil Odence

VP of Business Development, Black Duck Software
Phil Odence is Vice President of Corporate and Business Development for Black Duck Software, with responsibility for corporate and business development activities and expanding Black Duck's reach, image and product breadth by developing partnerships across Black Duck's ecosystem ecosystem... Read More →


Wednesday October 7, 2015 16:00 - 16:50
Liffey Hall 2

Attendees (0)