This is the multi-page printable view of this section. Click here to print.

Return to the regular view of this page.

Meeting

OpenChain KWG meets every quarter to create value together through sharing and collaboration.

Even if large companies have already established policies and processes for Open Source Compliance, considering the huge and complex software supply chain, it is difficult to escape from compliance risks, no matter how well-completed processes are in place. After all, it is important to increase the level of compliance for all companies in the software supply chain. To do this, companies that already have a good understanding of Open Source Compliance should share their assets and guide them so that other companies can easily participate.

Even if a company’s Open Source Compliance assets are shared with competitors, it does not adversely affect sales. Conversely, finding out a competitor’s Open Source Compliance policy cannot link it to an increase in corporate profits. If companies share best practices for Open Source Compliance with each other, each company can achieve significant levels of compliance with little cost and resources.

Some Korean companies also shared the same idea, and in January 2019, the first OpenChain KWG (Korea Work Group) meeting was held in which open source people from LG Electronics, SK Telecom, Kakao, Hyundai Motors, and Samsung Electronics participated.

For details, refer to the next page.

1 - 1st Meeting

LG Electronics Seocho R&D Campus, Jan 2019

Organizer

  • LG Electronics

Intro

  • Purpose: Linux Foundation’s OpenChain Project introduction and Discussing how Korean companies participate
  • Scheduled : 2019-01-23 (Wed) 2pm-5pm
  • Place : LG Electronics Seocho R&D Campus
  • Article : openchain-workshop-in-korea-january-23rd-2019

Agenda

NoAgendaSpeakerSlide
1KeynoteHaksung Jang / LGEDownload
2Great Open Source Compliance For EveryoneShane Coughlan, Linux Foundation-
3How do we OpenChain?Haksung Jang / LGEDownload
4Introduce yourself & Workshop – OpenChain and KoreaSoim Kim / LGEDownload

Attendees

  • LG Electronics (12)
  • SK telecom (1)
  • Kakao (3)
  • Hyundai Motors (4)
  • Samsung Electronics (5)

2 - 2nd Meeting

Samsung Electronics, Seoul R&D Campus, Jun 2019

Organizer

  • Samsung Electronics

Intro

  • Scheduled: 2019-06-12 (Wed) 2 pm-5pm
  • Venue: Conference Room 107, E-Tower, Seoul R&D Campus Samsung Electronics (Umyeon-dong)

Agenda

NoAgendaSpeakerSlide
1OpenChain Today and TomorrowShane Coughlan, Linux FoundationDownload
2Open Source Verification System Construction StatusJaemin Cho, Samsung Electronics-
3Open Source Analysis Tool ReviewHee Sung Kim, Samsung Electronics-
4Open Source Compliance Tool based on Open SourceHaksung Jang, LG Electronicsfossology, oss-toolchain, ClearlyDefined

Attenddes

  • KT (1)
  • KTDS (2)
  • LG Electronics (9)
  • NCSOFT (2)
  • SK telecom (1)
  • Samsung Electronics (7)
  • Kakao (5)
  • Hyundai Motors (3)

3 - 3rd Meeting

SK telecom - Samhwa Tower 3F Room 4, Sep 2019

Organizer

  • SK telecom

Intro

  • Schedule: 2019-09-04 (Wed) 3:00~5:00 pm
  • Venue : Samhwa Tower 3F Room 4

Agenda

NoAgendaSpeakerSlide
1State of the UnionShane Coughlan, Linux FoundationDownload
2Introducing the T-hub SystemSK telecom, Sang-gi KimDownload
3Open Source Software License Analysis HistoryNCsoft, Jiho HanDownload
4Catch up with OpenChainHaksung Jang, LG ElectronicsDownload

Attenddes

  • KT
  • KTDS
  • LG Electronics
  • SK telecom
  • Line
  • Samsung Electronics
  • NCSoft
  • Kakao
  • Hyundai Motors
  • Hyundai Mobis
  • Hyundai MN Soft

4 - 4th Meeting

Ktds - Bangbae office, Room 207, Dec 2019

Organizer

  • KTDS

Intro

  • Schedule: 2019-12-02 (Mon) 2:00~5:00 pm
  • Venue: Ktds Bangbae office, Room 207

Agenda

NoAgendaSpeakerSlide
1OpenChain UpdateShane Coughlan, Linux FoundationDownload
2Open Source Management Portal and Open Source Management PlanSangmi Kim, Jihyun Lee / Ktds-
3How to Install and Use FOSSologyWonjae Park / LG ElectronicsDownload
4Haksung Jang, LG ElectronicsDownload
5Case StudyAll-
6Free DiscussionAll-

Case Study

  • Theme : Open Source Governance Organization
NoSpeakerSlide
1SK telecom, Woody ParkDownload
1NCSoft, Dasom HanDownload

Attenddes

  • KTDS
  • LG Electronics
  • SK telecom
  • SK holdings
  • Samsung Electronics
  • NCSoft
  • Kakao
  • Hyundai Mobis




5 - 5th Meeting

Conference Call, Mar 2020

Online Meeting

  • Schedule: 2020-03-19 (Thu) 2:00~ pm
  • How to join on PC
    1. Access https://uberconference.com/openchainproject from a PC
    2. After entering Your Name, click “Join audio-only” to enter the room
    3. After checking the microphone and speaker settings on the Confirm settings screen> Join conference
  • How to join on Phone 1.Call 02-6022-2388 from a mobile phone 2.Enter 855 889 3011#

Agenda

NoAgendaSpeakerSlide
1OpenChain UpdateShane Coughlan, Linux FoundationDownload
2Introduction to Korean Summary of Open Source Compliance in the EnterpriseDasom Han, NCSoftDownload
3Introduction to OpenChain Guide Published by NIPAHaksung Jang, SK TelecomLink
4How to install&use SW360, and Security Vulnerabilities ManagementHaksung Jang, SK TelecomDownload
5Case Study : How to track BOMAll-
6OpenChain KWG UpdatesHaksung Jang, SK TelecomDownload

Attenddes

  • NCSoft
  • Kakao
  • Hyundai Motors
  • Hyundai Mobis
  • LINE Plus
  • LG Electronics
  • SK telecom

Minutes

6 - 6th Meeting

Online Meeting, Jun 2020

Intro

  • Schedule: 2020-06-16 (Tue) 2:00~ pm
  • How to join on PC
    1. Access https://uberconference.com/openchainproject from a PC
    2. After entering Your Name, click “Join audio-only” to enter the room
    3. After checking the microphone and speaker settings on the Confirm settings screen> Join conference
  • How to join on Phone 1.Call 02-6022-2388 from a mobile phone 2.Enter 855 889 3011#

Agenda

NoAgendaSpeakerSlide
1OpenChain UpdateShane Coughlan, Linux Foundation-
2Introducing Olive, Kakao’s open source management systemRobinDownload
Structure and Specification of Dependency Analysis in OliveKakao Sean
3SK telecom and open sourceSK telecom AaronDownload
4Case Study : Open Source Contribution / Release PolicyAllDownload
5Free DiscussionAll-

Attenddes

  • NCSoft
  • Kakao
  • Hyundai Motors
  • Hyundai Mobis
  • LINE Plus
  • LG Electronics
  • SK Telecom

Minutes

Video

7 - 7th Meeting

Online Meeting, Sep 2020

Intro

Agenda

NoAgendaSpeakerSlide
1OpenChain UpdateShane Coughlan, Linux Foundation-
2Introduction of LG Electronics’ Open Source Compliance Management System (OSC System)LG Electronics, Soim KimVideo
3Intro and summary of a book, Forge Your Future with Open SourceLine, Seoyeon LeeDownload
4Case Study : Open source release practices (GitHub, CLA)All-
5OpenChain KWG UpdateSK telecom, Haksung JangDownload
6Free DiscussionAll-

Attenddes

  • Hyundai Mobis
  • Hyundai Motors
  • Kakao
  • ktds
  • LINE Plus
  • LG Electronics
  • NCSOFT
  • SamSung Electronics
  • SK telecom

Minutes

1. OpenChain Update (Shane Coughlan / Linux Foundation)

  • OpenChain is going to be approved as ISO standard soon
    • According to this, we’re going to create educational materials. And we’ll need translations by multiple languages
  • We’re going to make OpenChain T-shirt

2. Introduction of LG Electronics’ Open Source Compliance Management System, OSC System (Soim Kim / LG Electronics)

Main features

  • Project : Perform the OSC process by creating it for each software you distribute

    • When the included OSS list is uploaded, the reviewer reviews, and the system shows the part that needs disclosure.(The details for each license are shown, so that the user can check the scope of source code disclosure)
    • Finally the OSS Notice is issued, and the file and source code to be disclosed are distributed to http://opensource.lge.com
  • 3rd Party Project : Manage OSS list by 3rd party software

  • OSS / License details : Obligation according to OSS, License, and Restriction can be checked. (Each nickname is managed and mapped even if the same license are indicated differently)

  • Vulnerability : Check security vulnerabilities by OSS

  • BAT (Binary analysis tool) : When a binary is uploaded, OSS is detected and displayed

Future plan

OSC System will be open sourced soon!


A book that tells readers how to contribute to the FOSS project, regardless of skill level or area of expertise.

What Free and Open Source can do for you

  • benefits to your skillset, benefits to your career, benefits to your personal network

Prepare to contribute

  • Let’s make a checklist to see what kind of contributions you can make

  • Contribution process

    • Realize that you want to contribute - Find a project - Find a task - Configure the environment - Work on your contribution - Submit a contribution - Get feedback and repeat code improvements - Contributions are accepted - (Repeat)

Find a project

  • Set your goals

  • Collect your requirements: skills, interests, time slots, goals

  • Search candidate projects

    • Let’s check if the software we use every day is FOSS
    • Let’s search for your interest + open source
  • Things to check before making your final choice

    • How easy is it to contribute? Are the guides well-documented?
    • Take a look at the issue tracker and ask a question
    • Start small and have a long-term perspective

How to make use of this book

  • Use as an open source contribution guide
  • Open source contribution workshop
  • Use as a standard on how friendly open source projects of your company is to new contributors

4. Case Study: Open source release practices(GitHub, CLA, etc)


5. OpenChain KWG Update

  • Brand new KWG logo! (Thanks to @soimkim)
  • We are going to make T-shirts with our new logo. (TBD)

Video

https://www.openchainproject.org/featured/2020/10/23/openchain-korea-work-group-meeting-7-the-recordings

Video 1

OpenChain Update (Shane) & LGE’s OSC System (Soim Kim)

Video 2

Forge your future with Open Source (Seoyeon Lee)

Video 3

Case Study – Open Source Release Practices & OpenChain KWG Update (Haksung Jang)

8 - 8th Meeting

Online Meeting, Dec 2020

kwg-logo.gif

< designed by @soimkim >

Intro

Agenda

NoAgendaSpeakerSlide
0Intro & GreetingsHaksung Jang, SK telecomDownload
1OpenChain UpdateShane Coughlan, Linux FoundationDownload
2How to build open source program in Hyundai MotorsSongha Back, Hyundai MotorsDownload
3SCA(Software Composition Analysis) Market TrendRobin Hwang, KakaoDownload
4Olive, Grand OpenRobin Hwang, Kakao-
5Case StudyAll-
6OpenChain KWG UpdateHaksung Jang, SK telecomDownload
7Free DiscussionAll-

Case Study

  • Subject: What is the subject of open source compliance and security vulnerability checks?
    • Do you perform open source compliance activities for fonts? (Example: Open Font)
    • Does the company distribute mobile apps (Android, iOS) for in-house employees? If so, are you also performing open source compliance activities for them?
    • How do you classify the open source security vulnerability check targets? Do you include not only the software to be distributed, but also the software that is being used for infrastructure and servers as inspection targets?

Attendees

  • Hyundai Mobis
  • Hyundai Motors
  • Kakao
  • ktds
  • LINE Plus
  • LG Electronics
  • NCSOFT
  • SamSung Electronics
  • SK telecom

Video

Introductions and Update

Hyundai’s Open Source Governance System

Kakao’s Olive System

Minutes

1.OpenChain Update (Shane Coughlan, Linux Foundation)

OpenChain 2.1-ISO / IEC International Standard

  • Scheduled to be published on 12/14 (Mon)
  • Promotion scheduled for Japanese and Korean companies on the same day
  • Authentication method
    1. Self Certification: https://certification.openchainproject.org/
    2. Independent Assessment: Certification through certification bodies designated in each country
    3. Third-Party Certification: Certification through OpenChain partners such as PWC, TUV SUD, etc. (OpenChain official certificate issuance)

Self-Certification Support Language

  • Currently, English, Korean, and Japanese are supported
  • Chinese, German, French, Italian, Spanish, etc. will be available within December
  • SPDX 2.2 also enters ISO/IEC Transposition Process
    • To be adopted in the second quarter of 2021

Additional support for Openchain T-shirt

2. Hyundai Motors open source governance system (Songha Paik, Hyundai Motors)

background

  • In 2015, joined the Open Invention Network (OIN): Cross licensing organization for patent rights for open source
    • A lot of OIN promotion was done in industry consortiums where Toyota, BMW, and Honda participate.
  • In 2016, after joining OIN from Toyota, donated 10 million dollars and was approved as a Gold Member
  • In 2017, received professional training for open source SW licenses and recognized the importance of compliance
  • New TFT in 2018

Industry characteristics

  • More than 100 million lines of software included in automobiles (more weighted than other software)
  • More than 3,000 parts are delivered from supply chain companies, and among them, about 300 parts are supplied by the first-tier supplier directly
  • How to manage many suppliers is an issue

Currently established compliance plan

  • Open source management TFT composition under the IP organization
    • Responsible for legal response, distribution of license policies to third-party partners, open source verification, and license notification
  • directional
    • Step 1) Establish simple standards
      • Case where only the open source source code is disclosed and notified
      • A case that reveals the edited and added parts
      • Establish countermeasures for the three cases in which all combined user codes are disclosed and notified
    • Step 2) Signed a business agreement with NIPA
      • NIPA asks companies to request verification, and Hyundai Motor Company receives verification reports from companies.
    • Step 3) Utilize the OPENCHAIN ​​project
      • By utilizing the OPENCHAIN ​​project, we are trying to raise the level of open source compliance awareness among companies.

Issue: Open source and patents

  • Open source can also be protected by patent, and application and registration procedures are required
  • It is not only necessary to comply with the licensing regulations, but also check whether there is a problem with the third party’s patent rights and whether there is any impact on the company’s patent use.
  • Hyundai Motor Company cross-licensing related technologies through OIN and Linux System Definition

Q&A

  1. How many primary and secondary companies are requesting training/verification from NIPA?

    Since it started this year, about 20 companies still request verification.
    Currently, open source verification is in progress for new models rather than already released models.

  2. What is the patent verification method?

    There is no tool to match the source code.
    Knowing the technology and searching for a search word in the patent tool to check if it infringes the patent

  3. Were there any patent litigation issues related to open source?

    There were no litigation cases, but disputes and issues are known to exist.

  4. TF was started at Namyang Research Institute, and it will be expanded to the entire company.
  5. Are there any special processes in contract

    Provides drawings and specifications to be observed when requesting technology development.
    At this time, standard specifications related to open source are provided together to ensure compliance.
    Plan to create open source related provisions when contracting with companies In this

  6. Others: The reason why the former did not join OIN

    I reviewed OIN subscription twice but eventually did not sign up.
    It is not clear to what extent should be shared when determining the scope of OIN cross-licensing
    Companies with many patents may lose their license due to OIN. Judging that there is a risk

3. SCA (Software Composition Analysis) Market Trend (Minho Hwang (Robin), Kakao)

What is SCA?

  • Automated process to discover and manage security, licensing compliance
  • SCA related research
    • Gartner Report Research Results
      • The most important tasks when using OSS were the long-term viability of open source projects (#1), open source security issues (#2), and vulnerabilities (#3).
      • SCA tool selection criteria
        1. Vulnerability database: Provides a vulnerability database based on NVD
        2. Developer support: Whether there is an open source evaluation function, recommendation function, etc. before adding IDE and Repository integration code
        3. Open source license compliance: Can set license policies and have the ability to track licenses?
        4. Shorter response time: whether vulnerabilities can be quickly detected and prioritized
        5. Report issuance
    • Forrester Wave Research Results
      • In 2017, SCA was just beginning, and in 2019, existing companies settled in leadership positions and new services were born.
    • According to the G2 software evaluation agency
      • 1st place is called Gitlab, 2nd place is called WhiteSource

SCA vs SAST
SCA is a tool that manages open source vulnerabilities and licenses, while SAST is a tool that detects flaws in proprietary code and detects vulnerabilities before code production.

Introduction of representative SCA tools

  • FOSSA
    • The initial concept started as a license compliance management tool, and the project started with 4 people in 2018
    • Support for open source vulnerability management in 2020
    • It is said to have a rich database
  • Snyk
    • Contrary to FOSSA, it started as an open source vulnerability management tool, and recently supported license compliance management.
  • WhiteSource
    • Whitesource has been providing SCA tools since its inception, and has grown to become a leader among related companies.
    • Linked to Azure, Gitlab, etc.
  • SCA companies commonly operate a community such as a blog to provide various information.

Q&A

  1. When did the term SCA come about?

    It has already been used for a long time, but it seems that the name SCA has come out in earnest in research results from 2017.

  2. Can Github be considered SCA?

    Open source identification is possible, but it does not appear to be classified as SCA because it does not provide license identification or meta information.

  3. Can you provide a list of SCA blogs?

    To be shared
    Many SCA companies have blogs, and you can read a lot of high-quality articles.

4. Olive released (Hwang Min-ho (Robin), Kakao)

-Olive URL: https://olive.kakao.com -Kakao login-based, Github integration required -Currently, only the beta version has been released, and will be officially released by expanding the function. -Some modules will be released as open source

5. Case Study

Mailing list member only

6. OpenChain KWG Update (Haksung Jang, SK telecom)

How will the OpenChain KWG meeting be held in the future?

  • Would it be better to do it as it is now? Is there a better way?
    • There are a lot of sub-group meetings in Japan, and it would be nice if we could develop a sub-group or study group, but it will be possible only after the corona pendemic ends.
    • If you have any opinions on how KWG proceeds, please feel free to tell us!
  • Tooling Group Plan (Wonjae Park, LG Electronics)

OpenChain News

https://www.openchainproject.org/featured/2020/12/09/openchain-korea-work-group-meeting-8-full-recording

kwg-logo.gif

< designed by @soimkim >

9 - 9th Meeting

Online Meeting, Mar 2021

Intro

Agenda

NoAgendaSpeakerSlide
0Intro & GreetingsNewcomersdownload
1OpenChain UpdateShane Coughlan, Linux Foundation-
2FOSSLight DependencyJiyeong Seok, LG Electronicsdownload
3OpenChain KWG Update & /
3 Ways to Get ISO Certification
Haksung Jang, SK telecomdownload
download
41,273 days with open source (ISO Certification Review)Jiho Han, NCSOFTdownload
5Case StudyAll-
6Free DiscussionAll-

Case Study

  • Subject : Are you considering obtaining ISO/IEC 5230 certification?

Attendees

Video

OpenChain Update

FOSSLight Dependency

OpenChain KWG Update & 3 Ways to Get ISO Certification

1,273 days with open source (ISO Certification Review)

Minutes

photo

OpenChain News

10 - 10th Meeting

Online Meeting, June 2021

Schedule

  • Schedule: 2021-06-22 (The) 3:00~5:00 PM
  • How to join
    • Zoom (Please refer to the e-mail for the access address)

Agenda

NoAgendaSpeakerSlide
0Intro & GreetingsNewcomersOpenChain_Korea_20210622_intro.pptx
1OpenChain UpdateShane Coughlan, Linux Foundation-
2OpenChain KWG UpdateHaksung Jang, SK telecomOpenChain_Korea_20210622_update.pptx
3FOSSLight Open Source ProjectKyoungae Kim, LG Electronics210622_OpenChain_FOSSLight_LGE.pdf
4Latest Trends
- Google OSV (Open Source Vulnerability) & Google Insight (Open Source BOM)
- NIPA Open Source Governance Guide

Robin (Minho Hwang), Kakao
Seoyeon Lee, Line Plus

Google_OSV_and_Insight_황민호.pdf
NIPAGuide_Intro.pdf
5Smalㅣ group meetingAll-
6Free DiscussionAll-

Group meeting topics

  1. Who are you?
  2. What you do? What’s your main interest lately?
  3. Do you have any questions to other companies?

Attendees

  • SK Telecom
  • LINE Plus
  • Kakao
  • LG Electronics
  • NCSOFT
  • Hyundai Mobis
  • Hyundai Motors
  • Hyundai Autoever
  • Samsung Electronics
  • KT ds

Video

Intro

OpenChain Update

OpenChain KWG Update

FOSSLight Open Source Project

NIPA Open Source Governance Guide

Minutes

photo

OpenChain News

11 - 11th Meeting

Online Meeting, September 2021

Schedule

  • Schedule: 2021-09-30 (Thu) 2:00-4:00 PM
  • How to join
    • Zoom (Please refer to the e-mail for the access address)

Agenda

NoAgendaSpeakerSlide
0Intro & GreetingsNewcomers-
1OpenChain UpdateShane Coughlan, Linux Foundation-
2OpenChain KWG UpdateHaksung Jang, SK telecompdf
3Flow of change in Open Source LicenseSean Kim, Kakaopdf
4Introduction of Samsung Electronics’ open source policy and processYoonhwan Jung, Samsung Electronics-
5Recent trends
- Mandatory ‘SBOM’ by the US Government
- Github Copilot Open Source License Controversy
Robin Hwang, Kakaopdf
6Small group meetingAll-
7Free DiscussionAll-

Small group meeting topics

  1. Introduce yourself (what you do, your main interest recently)
  2. Share best practices on how to manage open source compliance activity history (communication with developers by e-mail? Using tools such as Jira?)

Attendees

  • ETRI
  • Hyundai
  • Hyundai AutoEver
  • Hyundai Mobis
  • Kakao
  • LG Electronics
  • LINE Plus
  • NCSOFT
  • Samsung Electronics
  • SK telecom
  • Linux Foundation

Video

OpenChain Update

OpenChain KWG Update

Flow of change in Open Source License

photo

OpenChain News

12 - 12nd Meeting

Online Meeting, December 2021

Schedule

  • Schedule: 2021-12-20 (Mon) 2:00~4:00 PM
  • How to join
    • Gather Town (Please refer to the e-mail for the access address)

Agenda

NoAgendaSpeakerSlide
1OpenChain UpdateShane Coughlan, Linux Foundation-
2OpenChain KWG UpdateHaksung Jang, SK telecompdf
4GPL litigation case in ChinaHaksung Jang, SK telecompdf
4Recent case : Stockfish v. ChessBase, SFC v. VizioWonjae Park, LG Electronicspdf
5Shift-left and Automate Compliance ChecksArlo Ha, Kakao Bandpdf
6Case StudyAll-
7Squid GameAll-
8Open Source Security Vulnerability Attack TypesRobin Hwang, Kakaopdf

Small group meeting topics

  1. (Individual, company) How was this year? Do you have any plans for next year?
  2. If there is anything you want from KWG (Please collect and share with one representative.)

Video

OpenChain Update

OpenChain KWG Update

GPL litigation case in China

Recent case : Stockfish v. ChessBase, SFC v. Vizio

Shift-left and Automate Compliance Checks

Open Source Security Vulnerability Attack Types

photo photo

13 - 13th Meeting

Online Meeting, March 2022

Schedule

  • 2022-03-16 (Wednesday) 2pm-4pm (KST)
  • Venue: Zoom (connection method will be notified by e-mail separately)

Agenda

NoAgendaSpeakerSlide
1OpenChain UpdateShane Coughlan, Linux Foundation-
2OpenChain KWG UpdateHaksung Jang, SK Telecompdf
3Latest Trends in Open Source
- Movement of Open Source Ecosystem in the Face of Russia’s Invasion of Ukraine
Robin Hwang, Kakaopdf
4ISO/IEC 5230 Certification Cases of Kakao and Kakao BankViolet Hwang, Kakao
Arlo Ha / May Lee, Kakao Bank
pdf
pdf
5Hyundai Mobis Open Source Management System and Current IssuesMi-Jin Jeon, Hyundai Mobispdf
6Open Source Promotion Plan for Open Source License Advance/Real-Time Verification ToolYunhwan Jung / Munki Hong, Samsung Electronicspdf
7Small Group Meetings (Case Study)All-

Video

OpenChain Update

OpenChain KWG Update

ISO/IEC 5230 Certification Cases of Kakao and Kakao Bank

Hyundai Mobis Open Source Management System and Current Issues

Open Source Promotion Plan for Open Source License Advance/Real-Time Verification Tool

Platinum

14 - 14th Meeting

Online Meeting, June 2022

schedule

  • Schedule: 2022-06-21 (Tue) 2pm-4pm
  • Venue: Zoom (connection method will be notified by e-mail separately)

Agenda

NoAgendaSpeakerSlide
1OpenChain UpdateShane Coughlan, Linux Foundation-
2OpenChain KWG UpdateHaksung Jang, SK Telecompdf
3Implications of SFC and Vizio’s GPL lawsuitHaksung Jang, SK TelecomLink (Korean)
3.5Quick session : Tips for using FOSSIDYounghwan Kim (Sean), Kakaopdf
4Small Group Meetings (Case Study)All-

Small group meeting: 2 sessions

Session 1. Topic discussion

  • Topic 1: Open Source Licensing Issues
  • Topic 2: Preparing for ISO5230 Certification
  • Topic 3: In-house development culture
    • Tech blog
    • Voluntary open source development culture
  • and others

Session 2. Just small talk

nipa

photo

Video

Video

OpenChain Update

OpenChain KWG Update

Implications of SFC and Vizio’s GPL lawsuit

Quick session : Tips for using FOSSID

Minutes

15 - 15th Meeting

September 2022, online meeting

calendar

  • Schedule: 2022-09-21 (Wednesday) 2pm-4pm
  • Venue: Zoom (address will be notified by e-mail separately)

Agenda

NoAgendaSpeakerSlide
1OpenChain UpdateShane Coughlan, Linux Foundation-
2OpenChain KWG UpdateHaksung Jang, SK Telecompdf
3SW asset management system in automobile sector and Hyundai Motor Group ISO/IEC certificationSong-ha Baek, Hyundai Motor Company
Chang-han Ryu, Hyundai Auto Ever
pdf
4Open Source Litigation Cases in ChinaJeong-sook Par, ERTIcase, ruling
5SFC vs. Vizio Litigation Case AnalysisYunhwan Jung, Samsung Electronicspdf
6Small Group Meetings (Case Study)All-

nipa

Minutes

OpenChain Update (Shane Coughlan / Linux Foundation)

  1. Global OpenChain Update
    • 펜데믹으로 오랜 기간 오픈되지 못했던 오프라인 Open Source Summit이 다시 열림
      • 9월 13일~9월 16일에 Open Source Summit Europe이 진행됨
    • OpenChain Security Assurance Specification 1.0 오픈: 링크
    • 2023년에 오픈소스 보안 영역도 ISO/IEC 인증에 제출할 예정
    • 과거에는 OpenChain 브랜딩에 오픈소스 라이선스 컴플라이언스만 이야기 되었다면, 이제는 오픈소스 보안까지 확장하여 re-brading이 필요한 시점

OpenChain KWG Update (장학성/ SK Telecom)

  1. 주요 행사
    • 운영위원회 3분기 모임 진행: 8/16(금)
      • Charter 확정
      • 3분기 KWG 미팅 준비
      • 운영위원회 Lead 선출 (임기는 ~2022년말)

        장학성님이 선출되었습니다~

      • 2022 OpenChain 예산 집행 계획 수립
    • Tooling Group 모임
      • 7월 온라인 세미나
        • Opossum 툴 소개
        • ETRI 오픈소스 컴플라이언스 시스템 OLA - Fosslight 적용 사례
      • 8월 온라인 세미나
        • 오픈소스 컴플라이언스 도구 평가 항목
        • Dejacode 소개
    • Conformance Group 모임
      • 질의응답 형태의 비정기 미팅이며, 온/오프라인 미팅으로 진행
      • 3차 모임은 7/19에 진행되었고, 현대차그룹 공동 ISO/IEC 5230 자체 인증 준비사항 공유 및 이슈/해결방안 논의
      • 4차 모임은 9/21에 진행되었고, CJ 오픈소스 컴플라이언스 체계 구축 이슈 공유 및 해결 방안 논의
  2. 주요 소식
    • 현대자동차그룹과 삼성 SDS의 ISO/IEC 5230 인증 선언

자동차 분야의 SW 자산관리체계 및 현대차그룹 ISO/IEC 인증 (백송하 / 현대자동차, 류창한 / 현대오토에버)

  1. 자동차 산업구조의 변화

    • SW개발 패러다임의 변화 : 자동차 산업이 ICT화되고 Value chain이 Pyramid 구조에서 hub and spoke 구조로 변화
    • SW복잡성 증가 : 소프트웨어의 복잡성은 증가하는 대신 영역기반 아키텍처(Zonal architecture) 로의 전환
    • SW정보의 흐름 및 소유권 : 여러 회사의 SW가 섞일 경우 수익 발생 시 수익배분 문제에 대한 전략 수립 필요
  2. SW자산관리체계

    • IP개념정리 : BIP, FIP, SIP, PIP, OIP로 개념화하여 관리·운영
    • SW자산관리 : Component - Stack - Module - Unit 아키텍처 구조로 SW관리
    • SW자산활용 : HW-SW분리 조달 대응 및 HMG SW Cloud체계 확립을 위한 SW 가치 산정 기준 수립
    • 오픈소스의 활용 : 복잡한 자동차 생태계 속에서 각 사별 SBOM이 잘 정리되어 고지될 수 있도록 노력
  3. 현대자동차그룹 오픈소스 컴플라이언스

    • 도입 배경부터 타임라인 소개
    • 현대자동차 오픈소스 관리방식 소개 : 통합시스템, 검증지원 MoU, 심플한 기준 등 공급망 관리를 위한 노력
    • ISO/IEC 5230 그룹사 공동인증 획득 : 4개 그룹사 공동추진, 네트워크 형성과 컴플라이언스 확장의 기반 마련
  4. 그룹사 연계 컴플라이언스 확장

    • 그룹사 컴플라이언스 확장 배경 : 복잡한 공급망 속에서의 컴플라이언스 신뢰성 확보 및 상생협력 관점
    • 그룹사 컴플라이언스 확장 추진 : 기업별 환경 고려한 맞춤형 지원 및 교육 추진
    • 중장기 그룹사 컴플라이언스 확장 모델 : 그룹사 전반의 통합 플랫폼 구축
  5. 결론

    • 공급망 속에서 이상적인 오픈소스 문화 정착
    • 공급망 / 생태계(기여) / 문화를 위한 노력

중국 오픈소스 소송 사례: 숫자천당 vs. 유자 (박정숙 / ETRI)

  1. 중국에서 업체간 저작권 관련하여 다툰 숫자천당과 유자 간 재판 결과 분석 소개
    • 항소심 판결 후 두 업체 모두 이의를 제기하지 않아 2019년에 종결된 사건
    • 저작권 분쟁 사건이지만 GPL 관련 판결 내용도 있어 중국 내 GPL 소송 사례로도 참고할 수 있음
    • 본 판결에서 GPL 오픈소스 관련해서는 라이선스 원문에 기반하여 판결하였음
    • 향후, 계속 이 입장으로 판결할 것인지, 추가분석을 통하여 타 코드와의 영향의 정도까지 분석하여 판결할 것인지는 추이를 살펴볼 필요 있음
    • 또한 플랫폼의 라이선스 이슈들에 대해서는 미리 분석하고 대비할 필요 있다고 판단됨

SFC vs. Vizio 소송 파헤치기 (정윤환 / 삼성전자)

  1. 배경
    • 2022년 5월 13일에 미국 연방지방법원에서 SFC가 Vizio 의 GPL 위반을 이유로 제기한 소송의 판결 선고
  2. 소송의 경과
    • SFC 는 캘리포니아 주법원에 소를 제기했고, Vizio 는 연방법원이 맡아줄 것을 주장
  3. 판결 내용
    • SFC 의 주장을 받아들여 주법원으로 환송
  4. 의의
    • 지재권법 위반의 관할은 연방법원, 계약법 위반 관할은 주법원이므로, GPL 위반이 계약 위반에 해당한다고 판단한 것으로 볼 수 있음
    • 일반적으로 원고는 저작권 위반을 주장하는 것이 유리하나
      1. SFC는 저작권자가 아니라 제3자인 소비자로서 소송을 제기하였고,
      2. 금전 배상이 아닌 소스코드 공개라는 “특정이행"을 청구하기 위해서 계약 위반을 주장
    • 이번 판결은 관할에 대해서만 판단한 것으로, 각 쟁점에 대한 본안 판단을 지켜봐야 함
    • 만약 SFC의 주장이 모두 인용된다면, 오픈소스 사용자(소비자)의 권리는 확대되지만,
      반대로 오픈소스 생태계를 주도하고 있는 기업들의 리스크가 증가함으로써 오히려 오픈소스의 확산이 저해될 수도 있음

16 - 16th Meeting

December 2022, online meeting

Calendar

  • Schedule: 2022-12-02 (Fri) 2pm - 4pm
  • Venue: Zoom

Agenda

NoAgendaSpeakerSlide
1OpenChain UpdateShane Coughlan, The Linux Foundation-
2OpenChain KWG UpdateHaksung Jang, SK Telecompdf
3GitHub Copilot is facing a class action lawsuitDonghyuk Kim, Line Pluspdf
4Introduction of OLIVE Platform Code Snippet analysis functionRicky Lee, Kakaopdf
5Notice obligations required by open source licenses and automatic generation of open source notices based on the SBOM standard (SPDX)Haksung Jang, SK Telecompdf
62022 AwardsLine Plus Seoyeon Lee-
7Small Group Meeting (Case Study)all-

Sponsors

sponsor

Photo

Video

17 - 17th Meeting

March 28, 2023 at Line Plus

Schedule

  • Schedule: 2023-03-28 (Tue) 2pm - 4pm
  • Venue: Line Plus (Seohyeon 1-dong, Bundang-gu, Seongnam-si, Gyeonggi-do)

Agenda

Part 1 Presentation Session

NoAgendaSpeakerSlide
0Welcome & OpenChain KWG UpdateSeoyeon Lee / Line Pluspdf
1OpenChain UpdateShane Coughlan, The Linux Foundationpdf
2Intro of OpenChain Security Assurance SpecificationHaksung Jang, SK Telecompdf
3Legal Issues of AI Technologies / Case Study: Getty Images v. Stability AIETRI 박정숙pdf
4networking timeall-

Part 2 Mini Summit - “Let’s manage open source!”

NoAgendaSpeakerSlide
5Dependency analysis method by toolRain (Hyunji Lim), Kakaopdf
6Sorisori OSORISoim Kim, Senior Manager, LG Electronicspdf
7FOSSLight super makeoverKyoungae Kim, LG Electronicspdf
8Have you used OLIVE lately?Violet (Eunkyung Hwang), Kakaopdf
9onot, now it’s quite usable!Rogers (Hyun-min Han), Kakaopdf

Sponsors

sponsor

Photo









18 - 18th Meeting

June 22, 2023 at Kakao (Pangyo Agit)

schedule

  • Schedule: 2023-06-22 (Thu) 2pm-5pm
  • Location: Kakao Pangyo Agit (166 Pangyoyeok-ro, Bundang-gu, Seongnam-si, Gyeonggi-do)

agenda

NoTimeAgendaSpeakerSlide
014:00Welcome & IntroViolet Hwang, Kakao-
114:10OpenChain Global UpdateShane Coughlan, The Linux Foundationslide
214:20OpenChain KWG UpdateHaksung Jang, SK Telecom / Seoyeon Lee, Line Plusslide
314:30Copilot Litigation Status AnalysisJeongsook Park, ETRIslide
415:00Break & Networking--
515:15FOSSLight + Security ReleaseJi-young Seok, LG Electronicsslide
615:30Introducing the OSORI projectYunhwan Jung, Samsung Electronicsslide
716:00Group discussionall-


Participant

  • Kookmin bank
  • KFTC
  • Line Plus
  • Samsung
  • AhnLab
  • NCsoft
  • cacao
  • Kakao Bank
  • Hangeul and computer
  • Hyundai Autoever
  • Hyundai Mobis
  • Hyundai Motor
  • CJ
  • ETRI
  • KT
  • KTDS
  • LG Electronics
  • NIPA
  • SK Telecom
  • SK Hynix

Photo

















Full Album

[2023 June] OpenChain Korea Work Group in Kakao

19 - 19th Meeting

September 19, 2023 at Hyundai Autoever

schedule

  • Schedule: 2023-09-19 (Tue) 1:30pm-5:00pm
  • Venue: Hyundai Autoever (510 Teheran-ro, Gangnam-gu, Seoul)

agenda

Session 0. Intro & Update

TimeAgendaSpeakerSlide
13:30~13:40Welcome & IntroSeokgi Min/Changhan Ryu, Hyundai Autoever-
13:40~13:50OpenChain Global UpdateShane Coughlan, Linux Foundation-
13:50~14:00OpenChain KWG Update
About Legal subgroup
Haksung Jang, SK Telecom / Seo-yeon Lee, Line Plus
Jeong-sook Park, ETRI
slide
slide

Session 1. Hyundai Motor Group and Open Source

TimeAgendaSpeakerSlide
14:00 - 14:10Hyundai Motor Group open source list releaseChanghan Ryu, Hyundai Autoeverslide
14:10~14:40Hyundai Motor Group Open Source Management System Case Study
- Hyundai Motor Company
- Hyundai Mobis
- Hyundai Autoever

Changwoo Lee, Hyundai Motor Company
Youngjun Lee, Hyundai Mobis
Jihyun Lee, Hyundai Autoever

slide
slide
slide
14:40~15:00NetworkingALL-

Session 2. Best Practices

TimeAgendaSpeakerSlide
15:00-15:20Security Management System - Based Open Source Security Assurance StandardJaewook Jeong, LG Electronicsslide
15:20~15:40LINE’s OpenChain Certification JourneySeoyeon Lee, Donghyuk Kim, Line Plusslide
15:40~16:00Chaotic AI open source license!Hyeseong Choi, LG Electronicsslide
16:00-16:20NetworkingALL-

Session 3. Group discussion

TimeAgendaSpeakerSlide
16:20~17:00Group discussionALL (Moderator: Seoyeon Lee, Line Plus)-

Sponsors




Attending companies

  • AhnLab
  • CJ OliveNetworks
  • ETRI
  • KB Data System
  • KT ds
  • LG Electronics
  • NHN
  • SK Corporation
  • SK Telecom
  • Kookmin bank
  • Korea Financial Telecommunications & Clearings Institute
  • Naver
  • Line Plus
  • Samsung SDS
  • Samsung
  • S-core
  • Open up
  • National IT Industry Promotion Agency
  • Genius
  • Kakao
  • Kakao Bank
  • HANCOM
  • Hyundai Mobis
  • Hyundai Autoever
  • Hyundai Motor

Photo













Full Album

[2023 Sep] OpenChain Korea Work Group in Hyundae Autoever

20 - 20th Meeting

November 15, 2023 / Samsung Electronics Seocho Headquarters

schedule

  • Schedule: 2023-11-15 (Wednesday) 2:00 PM - 4:30 PM
  • Location: Samsung Electronics Seocho Headquarters

agenda

TimeAgendaSpeakerSlide
14:00~14:10Welcome & IntroDaniel Park / Yunhwan Jeong, Samsung Electronics-
14:10~14:20OpenChain Global UpdateShane Coughlan, Linux Foundationpptx
14:20~14:30OpenChain KWG UpdateHaksung Jang, SK Telecompdf
14:30~14:40Year-end awardsHost: Seoyeon Lee, LINE+-
14:40~15:10Kakao Bank open source security assurance preparation case studyAlro Ha / May Lee, Kakao Bankpdf
15:10~15:30Networking (Beverages/Refreshments)All-
15:30~16:30Group discussionHost: Seoyeon Lee, LINE+-

Video

OpenChain Global Update, Shane Coughlan

Group Discussion




Attendees

  • KB bank
  • Korea Financial Telecommunications & Clearings Institute
  • Kia
  • Naver
  • Line Plus
  • Samsung
  • Samsung SDS
  • Ahnlab
  • Escore
  • NCSOFT
  • National IT Industry Promotion Agency
  • Kakao
  • Kakao Bank
  • TMap Mobility
  • Korea Electronics and Telecommunications Research Institute
  • Hancom
  • Hyundai Mobis
  • Hyundai Autoever
  • Hyundai Motor
  • KT
  • KTDS
  • LG AI Researcher
  • LG Electronics
  • NHN
  • SK Telecom

Photo













Full Album

[2023 Sep] OpenChain Korea Work Group in Hyundae Autoever

21 - 21st Meeting

March 26, 2024 (Tuesday) / Kakao Pangyo Azit

schedule

  • Schedule: 2024-03-26 (Tuesday) 2:00 PM - 5:00 PM
  • Location: Kakao Pangyo Azit, B1, Seminar Room

agenda

TimeAgendaSpeakerSlide
14:00~14:10Welcome & IntroHaksung Jang, SK Telecom-
14:10~14:20OpenChain Global UpdateShane Coughlan, Linux Foundationpptx
14:20~14:30OpenChain KWG UpdateHaksung Jang, SK Telecompptx
14:30~14:40Tooling Subgroup activitiesWonjae Park, LG Electronics-
14:40~15:00Legal Subgroup activitiesJeongsook Park, ETRIpdf
15:10~15:30BreakAll-
15:30~17:00Group discussionHost: Seoyeon Lee, Line Plus-

Attending speech

  • Kookmin bank
  • Korea Financial Telecommunications & Clearings Institute
  • Line Plus
  • Samsung
  • Ahnlab
  • Kakao
  • Kakao Bank
  • T Map Mobility
  • HANCOM
  • Hyundai Mobis
  • Hyundai Autoever
  • Hyundai Motor
  • CJ OliveNetworks
  • CJ Corporation
  • ETRI
  • kt ds
  • LG Electronics
  • NAVER
  • NHN
  • SK Corporation
  • SK Telecom

Photo

Full Album

[2024 Mar] OpenChain Korea Work Group in Kakao

22 - 22nd Meeting

June 20, 2024 (Thursday) / CJ Talent Training Center

Schedule

  • Schedule: 2024-06-20 (Thursday) 2:00 PM - 5:00 PM
  • Location: CJ Talent Training Center 4th floor Auditorium

Agenda

TimeAgendaSpeakerSlide
14:00~14:10Welcome & OpeningCJ-
14:10~14:20OpenChain Global UpdateShane Coughlan, Linux Foundationpptx
14:20~14:40OpenChain Korea Update & Subgroup PlanHaksung Jang, SK Telecom
Jeong-sook Park , ETRI
Won-jae Park, LG Electronics
pdf
14:40~15:10CJ open source management system caseKi-young Seong, CJpdf
15:10~15:40Entr’ouvert v. Orange Litigation CaseJeong-nyeon Jo, SK Corporationppt
15:40~16:00BreakAll-
16:00~16:30Sharing status of preparation of ISO/IEC 18974, open source security standardJin-young Chae/Ki-ryun Kim, Samsung SDSpdf
16:30~17:00Introduction of SBOM-based SW supply chain management guidelinesWonjae Park, LG Electronicspdf

Attending speech

  • Kookmin bank
  • Korea Financial Telecommunications & Clearings Institute
  • Naver
  • Line Plus
  • Samsung
  • Samsung SDS
  • Shinhan Data System
  • Ahnlab
  • cacao
  • Telechips
  • T Map Mobility
  • Hancom
  • Hyundai Mobis
  • Hyundai Autoever
  • Hyundai Motor
  • CJ Corporation
  • CJ OliveNetworks
  • ETRI
  • KB Data System
  • LG Electronics
  • NHN
  • SK Telecom
  • SK Corporation

Photo

[2024 June] OpenChain Korea Work Group in CJ

23 - 23rd Meeting

September 10, 2024 (Tue) / ETRI Seoul Office

Schedule

  • Schedule: 2024-09-10 (Tue) 2:00 PM - 5:00 PM
  • Venue: ETRI Seoul Office

Agenda

TimeAgendaSpeakerSlide
14:00~14:10Welcome & OpeningETRI-
14:10~14:20OpenChain Global UpdateShane Coughlan, Linux FoundationLINK
14:20~14:40OpenChain Korea UpdateHaksung Jang , SK Telecompdf
14:40~15:10Introduction to ETRI Open Source GovernanceJeong-sook Park, ETRIpdf
15:10~15:401. Open source requirements demanded by global automakers
2. Sharing litigation cases
- Github Copilot
- Google v. Oracle
- Getty Images v. Stability AI
Moon-yeop Kim, T Map Mobilitypdf
15:40~16:00BreakAll-
16:00~16:30Study on the Compatibility Conflicts between Open Source Licenses and the Criteria for Judgment (Focusing on the GPL License)Ji-young Yeon, Telechipspdf
16:30~17:00Introduction to Onboarding TF OperationsSeo-yeon Lee, Line Pluspdf

Video

OpenChain Global Update, Shane Coughlan

Attendees

Photo

[2024 September] OpenChain Korea Work Group in ETRI

24 - 24th Meeting

November 26, 2024 (Tue) / LG AI Research

Schedule

  • Schedule: 2024-11-26 (Tue) 2:00 PM - 5:00 PM
  • Venue: LG AI Research

Agenda

TimeAgendaSpeakerSlide
14:00~14:10Welcome & OpeningLG AI Researchslideshare
14:10~14:20OpenChain Global UpdateShane Coughlan, Linux Foundation-
14:20~14:40OpenChain Korea UpdateHaksung Jang, SK Telecompdf
14:40~15:20Open Compliance Summit 2024 ReviewWonjae Park, LG Electronics
Seoyeon Lee, Line Plus
Haksung Jang, SK Telecom
pdf
15:20~15:50NetworkingAll-
15:50~16:20AI Copyright Issues and Cases That Open Source Managers Should KnowYoonhwan Jeong, Samsung Electronicspdf
16:20~16:40LG AI Research’s Responsible AI PolicySoyoung Ahn, LG AI Research-
16:40~17:00Wrapping Up the YearSeoyeon Lee, Line Pluspdf

Attendee

  • KB Bank
  • Line Plus
  • Samsung Electronics
  • Shinhan DS
  • Kakao
  • T Map Mobility
  • Korea Digital Certification Association
  • Hyundai Mobis
  • Hyundai Motor Company
  • AhnLab
  • CJ Corporation
  • ETRI
  • HANCOM
  • KTDS
  • LG AI Research
  • LG Electronics
  • NAVER
  • NHN
  • SK Telecom

Photo

[2024 November] OpenChain Korea Work Group in LG AI Research

25 - 25th Meeting

Tue, March 25, 2025

Schedule