The Linux Foundation

Subscribe to The Linux Foundation feed The Linux Foundation
Decentralized innovation, built on trust.
Updated: 39 min 8 sec ago

SPDX 2.2 Specification Released

Fri, 05/08/2020 - 04:37

The SPDX technical community is delighted to announce that the 2.2 version of the specification has been released!  We started working on the first version of the SPDX specification 10 years ago, and it has continued to improve and evolve to support the automation of more software bill of materials information over the years.  This release incorporates a significant amount of input from our tooling and user communities to enable new use cases to be better represented.

Some of the highlights for this release include:

The project members would like to thank our recent contributors to this release, who have enriched it with their new perspectives, as well as our ongoing participants.  A full list of those who have contributed by participating in the many discussions, adding comments, and making suggestions for improvements to the SPDX specification as it’s evolved over the last 10 years can be found at the Credits page!

The post SPDX 2.2 Specification Released appeared first on The Linux Foundation.

Cross-Industry Coalition Advances Digital Trust Standards

Tue, 05/05/2020 - 18:00
Governments, nonprofits and private sectors across finance, health care, enterprise software and more team up with Linux Foundation to enhance universal security and privacy protocols for consumers and businesses in the digital era

The ToIP Foundation is being developed with global, pan-industry support from leading organizations with sector-specific expertise. Founding Steering members include Accenture, BrightHive, Cloudocracy, Continuum Loop, CULedger, Dhiway, esatus, Evernym, Finicity, Futurewei Technologies, IBM Security, IdRamp, Lumedic, Mastercard, MITRE, the Province of British Columbia and SICPA. Contributing members include DIDx, GLEIF, The Human Colossus Foundation, iRespond, kiva.org, Marist College, Northern Block, R3, Secours.io, TNO and University of Arkansas.

Businesses today are struggling to protect and manage digital assets and data, especially in an increasingly complex enterprise environment that includes the Internet of Things (IoT), Edge Computing, Artificial Intelligence and much more. This is compounding the already low consumer confidence in the use of personal data and is slowing innovation on opportunities like digital identity and the adoption of new services that can support humanity.

Without a global standard for how to ensure digital trust, these trends are bound to continue. The ToIP Foundation will use digital identity models that leverage interoperable digital wallets and credentials and the new W3C Verifiable Credentials standard to address these challenges and enable consumers, businesses and governments to better manage risk, improve digital trust and protect all forms of identity online.

“The ToIP Foundation has the promise to provide the digital trust layer that was missing in the original design of the Internet and to trigger a new era of human possibility,” said Jim Zemlin, executive director at the Linux Foundation. “The combination of open standards and protocols, pan-industry collaboration and our neutral governance structure will support this new category of digital identity and verifiable data exchange.”

The Linux Foundation’s open governance model enables the ToIP Foundation to advance a combination of technology and governance standards for digital trust in a neutral forum that supports pan-industry collaboration. An open governance model that can be integrated into the development of the standards for digital trust is essential where the business, legal and social guidelines for technology adoption impacts human trust and behavior.

The ToIP Foundation will initially host four Working Groups. The Technical Stack Working Group and the Governance Stack Working Group will focus on building out and hardening the Technical and Governance halves of the ToIP stack, respectively. The Utility Foundry Working Group and the Ecosystem Foundry Working Group will serve as communities of practice for projects that wish to collaborate on the development of ToIP utility networks or entire ToIP digital trust ecosystems.

The ToIP Foundation will host an all-digital launch event on May 7, 2020 at 9AM PDT that will feature a panel discussion, interoperability demonstration and live Q&A. Register now for the live event. A second event will be hosted for the APAC region.

For more information about the ToIP Foundation, please visit www.trustoverip.org

Steering Member Comments

Accenture

“The internet and digital technologies are a critical part of the way we engage with each other and with organizations. Accenture has a deep commitment to developing solutions to build trust, protect privacy and put control of an individual’s data squarely in their hands. The Trust over IP (ToIP) Foundation is bringing together a powerful mix of experts and doing it at the exact right time given the urgent need to encourage greater adoption and increase trust in data privacy and ownership,” said Christine Leong, managing director, global lead for Decentralized Identity & Biometrics at Accenture.

BrightHive

“Now, perhaps more than ever, networks of public and private sector organizations know the value that can be created by collaborating with one another around their combined data to create novel insights and better align their work. But they also want to collaborate in the most responsible way possible. The work of the Trust over IP Foundation will radically strengthen the infrastructure of responsible data sharing by establishing a global standard for digital trust—ensuring that the very way that data is exchanged and verified creates a much-needed layer of security, privacy and trust. BrightHive is excited by the promise of this standard, and proud to partner with the other members to help see it realized,” said Matt Gee, CEO, BrightHive.

Cloudocracy

“Trust is the foundational element of all relationships between government, organizations, and each of us as individuals. Trust at Internet-scale, serves our greater global community and is best accomplished by communities of trust ecosystems. The Trust Over IP Foundation is the next stage of enabling this journey globally. The paradigm-shifting model of decentralized, person-centric identity is likely one of the most important breakthroughs in data privacy, cyber security and unlocking business value in many years. Cloudocracy seeks to facilitate coalitions of government, supply-chains and individuals to embark on journeys to establish value-based trust ecosystems towards achieving highly secure and empowered private ecosystems and the public-private ‘Internet of Value.’ The global shift will go beyond enabling government and organizations to reduce costs, complexity and add value but will also help steer to a better compass heading in protecting individual data privacy, health and biometric information, while also reducing risks and economic impacts of cyber security data breaches,” said Will Groah, executive director, Cloudocracy.

Continuum Loop

“The leaders we work with know that trust on the Internet isn’t working. They want to start building deep trust with their customers and partners. Our clients are investing, as are we, in the Trust Over IP Foundation. We all want to make sure we are involved in building the digital trust layer that the Internet needs. The technology works – now it is about building business cases and governance,” said Darrell O’Donnell, president and CEO, Continuum Loop.

CULedger

“The credit union movement is based on the idea that trusted interactions between people connected by a common bond are the best interactions.  A self-sovereign, secure, trusted identity, like MemberPass, is essential in the world ahead, and CULedger is paving the way for credit unions and financial cooperatives worldwide to pioneer this important effort and bring this frictionless digital experience to more than 270 million credit union members.  The work developed out of the Trust over IP Foundation will be the cornerstone to facilitate these trusted interactions in the new digital age.  We are excited about the opportunity to be working with other leading organizations in support of this effort,” said John Ainsworth, president/CEO, CULedger.

Dhiway

“Dhiway is happy to join the Trust over IP (ToIP) Foundation as one of the founding members. Our strategic initiatives are designed to bring a higher degree of assurance to the exchange of data between peers, over the Internet and other digital networks. Our participation is aligned with our vision to make the world more transparent and trusted, using digital frameworks that can be universally referenced, understood and consumed.  We intend to contribute our knowledge and expertise to support the ToIP foundation in its mission to build an interoperable architecture for Internet-scale digital trust –  empowering a growing ecosystem of companies and communities to exercise control over their digital assets. It’s encouraging to see the open collaboration that has led to the formation of this Foundation, and we are humbled and thrilled to be a part of this pioneering effort,” said Satish Mohan, Founder & CTO, Dhiway.

esatus

“On our mission of enforcing information security, strong trust relationships are essential. We need them to be equally strong in the real world and online. The Trust over IP Foundation facilitates easy composition, ramp-up and maintenance of digital trust components. Conveying real-world trust online is ultimately possible at flexibility and scale. esatus enterprise solutions employ digital trust components already, making next-gen security and privacy available to its customers today. Being a founding member of the Trust over IP Foundation is a natural fit,” said Dr. André Kudra, CIO at esatus AG. 

Evernym

“Evernym believes the only way to truly solve the avalanche of trust problems on the Internet is with an open standard and open governance model that is as universal as the TCP/IP stack that created the Internet itself. We have helped build the architecture of the ToIP stack layer by layer for the past three years, including the W3C Verifiable Credentials and Decentralized Identifiers standards that are at the heart of this new model, because we believe it will unlock a new explosion of value for every person, business, community and government using digital communications. We are thrilled to help stand up the ToIP Foundation at the Linux Foundation and hope that it attracts every company and contributor who wants to build a strong and lasting trust layer for the Internet,” said Drummond Reed, chief trust officer at Evernym and co-editor of the W3C Decentralized Identifier (DID) specification.

Finicity

“The Internet has fueled incredible innovation over that past few decades. And yet it has been significantly handicapped due to a general lack of trust. As we solve the trust dilemma, we will see a rapid acceleration of innovations that will change the way we do business, connect with others and consume information and entertainment,” said Nick Thomas, president & chief scientist and innovation officer, Finicity. “Finicity looks forward to advancing digital trust standards through its participation in the Trust over IP (ToIP) Foundation.”

IBM

“In today’s digital economy, businesses and consumers need a way to be certain that data being exchanged has been sent by the rightful owner and that it will be accepted as truth by the intended recipient. Many privacy focused innovations are now being developed to solve this challenge, but there is no ‘recipe book’ for the exchange of trusted data across multiple vendor solutions,” said Dan Gisolfi, CTO, Decentralized Identity, IBM Security. “The new Trust over IP Foundation marks an evolutionary step which goes beyond standards, specs and code, with the goal of creating a community-driven playbook for establishing ‘ecosystems of trust.’ IBM believes that the next wave of innovation in identity access management will be for credential issuers and verifiers to partake in these ecosystems, where trusted relationships are built upon cryptographic proofs.”

IdRamp

“Formation of The ToIP Foundation will transform and improve how digital services operate. Traditional centralized identity systems are hinged to vast security vulnerabilities that are not sustainable in a growing digital economy. Centralized services for things like mufti-factor authentication or social login encumber user flow and unnecessarily expose sensitive information to third parties. Decentralized systems resolve these problems but struggle with interoperability and standards to accelerate mass adoption. The Trust Over IP Foundation will help formalize and simplify adoption of Trust as a basic digital utility for everyone. The TOIP stack provides the foundation for a new generation of digital identity services. These services will provide high security frictionless interaction that put the user in control of their personal data. Organizations will establish personal connections with employees and user communities that are immune to the vulnerabilities of centralized systems. Individuals will be able to connect with one another without exposing personal information to the mediators that regulate digital interactions today. This will help businesses move beyond complex identity security investments that erode the bottom line and slow innovation. Verifiable digital trust in a decentralized data economy will open a world of possibilities for all individuals and businesses. As a founding member of the ToIP foundation, IdRamp is committed to helping businesses build a new decentralized digital economy that will evolve organically from traditional centralized systems,” said Mike Vesey, CEO, IdRamp.

Lumedic

“As the first representative of the health care industry on the Steering Committee, Lumedic sees tremendous potential for the Trust over IP Foundation to contribute to health care interoperability,” said Chris Ingrao, chief operating officer of Lumedic. “In confronting the challenges raised by the COVID-19 pandemic, we’ve seen that modern technologies can make a powerful difference when paired with strong governance models. The TOIP stack ensures that the way we exchange trusted health care information meets industry needs at a global scale.”

Mastercard

“We are building a bridge to a world where a person’s identity can be verified immediately, safely and securely for use in the digital world – where now, more than ever, identity is essential for delivery of digital health, education and government services. This cannot be accomplished in isolation. We are collaborating and innovating with governments, technology companies, financial institutions and industry sectors to make this a reality. Our participation within the Trust over IP Foundation builds atop the groundwork we currently have in place to ensure industry standards to guarantee we all transact and interact in a secure, convenient and trusted manner,” said Charles Walton, senior vice president, Digital Identity, Mastercard.

MITRE

“Advances in digital technologies and the Internet have brought great convenience to our lives.  But they also present risk – the inability to verify with confidence the identity of those you are connected with leaves us vulnerable to cyberattacks, identity theft, human trafficking, and financial fraud,” said Jim Cook, vice president of Strategic Engagement and Partnerships at MITRE. “As a not-for-profit company working in the public interest with a mission to solve problems for a safer world, we at MITRE are committed to creating a digital world in which people can interact safely and with confidence.  We applaud the Linux Foundation initiative to launch the Trust over IP Foundation, and we are honored to be a founding member.  We believe real innovation is made possible through open partnership, collaboration and cooperation, and we look forward to contributing to a safer internet through the Trust over IP Stack project.”

The Province of British Columbia

“The Province of British Columbia sees our collective potential to enable global-scale digital trust. The Trust over IP Foundation will be a significant leap forward in establishing a standards-based way for individuals and businesses around the world to interact and transact in safe and secure ways over the Internet,” said Dave Nikolejsin, Deputy Minister of Energy, Mines and Petroleum Resources and Chair of the Board of Digital Identity and Authentication Council of Canada. “From our perspective, this work augments our foundational regulatory role in the economy. In the natural resources sector, we see the potential to empower companies to have a new digitally trusted means to demonstrate due diligence on environmental and social impacts of projects as they work with Indigenous peoples and government. The Province of British Columbia is a founding member of the Trust over IP Foundation to help promote this new era of trusted digital services that everyone can rely on.”

SICPA

“For over 90 years, SICPA has partnered with governments, companies and organizations worldwide, to enable trust in banknotes, identities, products and brands. Our customers’ physical and digital lives are increasingly entwined, at work and at home, and our mission is to help shape trusted digital interactions by collaborating in enabling initiatives like the Trust over IP Foundation.  Building trust at a distance and at scale is a global challenge that will form the keystone in delivering the ultimate promise of an interconnected world: to respect the rights, privacy and security of everyone online and offline,” said Kalin Nicolov, Head of Digital Currency, SICPA.

 

Contributing Member Comments

DIDx

“The Internet lacks a digital trust layer that is not centrally controlled and managed. It is more important than ever to take control of our digital identities and data. The ToIP stack provides full control of digital identities and enables secure, privacy-preserving trust channels with verifiable data exchange. The digital trust layer of the internet. DIDx (a South African based startup) is excited to contribute and build interoperable trust ecosystems across Africa using the ToIP stack and are pleased to join the establishment of the ToIP Foundation together with the Linux Foundation,” said Lohan Spies, CEO DIDx.

GLEIF

“Trust is paramount within today’s digital world and we shouldn’t be afraid to challenge existing online processes for the greater good. The Trust over IP Foundation provides a neutral environment for these important conversations and will facilitate industry collaboration to create a global standard which businesses and consumers can trust. This aligns closely with GLEIF’s work to date as a not-for-profit organization which enables smarter, less costly and more reliable decisions about who to do business with. Our Global LEI System solves the problem of trust for legal entities worldwide, and we look forward to applying our expertise alongside many leading organizations within the foundation,” said Stephan Wolf, CEO, Global Legal Entity Identifier Foundation (GLEIF).

kiva.org

“As internet connectivity and digital services reach the world’s most vulnerable populations, it is paramount that we implement standardized, interoperable systems,” said Matthew Davie, chief strategy officer at Kiva. “The Trust over IP Foundation provides a framework to bring trust to this emerging segment of the digital economy and does so in a way that is consumer-centric and privacy-centric by design.”

The Human Colossus Foundation

“The synergistic domains of trusted identity and immutable semantics are required for organizations to integrate into a new decentralized data economy. The Human Colossus Foundation mission to implement decentralized semantics is aligned with the Trust over IP Foundation. We are proud to contribute to the collaborative projects and initiatives being launched,” said Paul Knowles, Head of the Advisory Board at The Human Colossus Foundation.

iRespond

“Trust is the foundation of every ecosystem, and governance is critical to build trust.  The creation of the ToIP foundation is a critical step toward both trust and governance, built on inclusion, transparency and open standards. We expect ToIP to be part of the essential glue that binds decentralized networks and identity.  The disadvantaged beneficiaries we serve will likely gain from this critical step to address challenges of guardianship and disruption of traditional barriers to establishing identity,” said Scott Reid, CEO, iRespond.

Marist College

“Marist College has long been on the cutting edge of technology innovation. We are excited to be a founding member of this effort to address digital trust and decentralized identity management at a time when internet transactions are a vital part of higher education and our growing digital economy,” said Michael Caputo, MS, vice president for Information Technology/CIO, Marist College.

Northern Block

“Northern Block is committed to empowering the mass adoption of digital verifiable credentials, which we believe won’t be possible without robust and common standards. The launch of the ToIP Foundation is the beginning of a new chapter for any organization who has been working diligently to enhance trust in life’s experiences. We look forward to supporting increasing participation in trusted ecosystems and burgeoning innovation in consumer experiences through digital trust,” said Mathieu Glaude, CEO at Northern Block.

R3

“R3 remains committed to supporting the development of secure, trusted and privacy preserving digital identity ecosystems and our participation in the Trust over IP Foundation is a reflection of that commitment. Our customers across industries including banking, insurance health care and telecommunications all agree that identity cannot be solved in isolation. With the industry coming together under the Trust Over IP Foundation we can work on the standards that will enable interoperability and unlock new opportunities for all. Our Corda platform is designed to enable private transactions, and by incorporating the work of the ToIP Foundation, we can develop solutions uniquely suitable for self-sovereignty in the digital world,” said Abbas Ali, Head of Digital Identity at R3.

Secours.io

“Our past inability to deal with privacy has cost human lives, because it limits innovation that can save lives. Trust over IP gives government the verification and governance it needs, and the public gets the trust it needs now allowing innovation to save lives,” said Sgt. J. Stirling Ret., Ontario Provincial Police, Provincial SAR Coordinator.

TNO

“TNO has deep involvement in the standardization and ecosystems of self-sovereign identity, including W3C, DIF, Hyperledger, Sovrin, RWoT and IIW. Our national and international partners and customers are looking for full-stack Trust-over-IP solutions. The ToIP approach is unique, as it includes the complexities of the top ‘business’ parts of the Trust-over-IP stack, as well as the governance of all layers. We believe that ToIP provides an excellent ground to contribute and further develop this knowledge base and apply it to many projects in ‘admintech’ and other industry sectors where trust in the provenance of data is essential,” said Dr. Oskar van Deventer, senior scientist Self-Sovereign Identity, TNO.

University of Arkansas

“The Internet was built in the 1970s and 1980s to allow machine-to-machine transfer of information, but it was missing the trust layer that identifies the people, organizations, or objects running those machines. The Trust over IP (ToIP) Foundation is building the technical and governance standards to provide that missing layer, which will enable trusted, secure, peer-to-peer transfers of value.  Voices from industry, governments and academia are needed to realize the vision. As an academic partner, the Blockchain Center of Excellence at the University of Arkansas is pleased to join this effort to develop open standards for a trust layer over the Internet,” said Mary Lacity, Walton Professor and Director of the Blockchain Center of Excellence at the University of Arkansas.

About the Linux Foundation

Founded in 2000, the Linux Foundation is supported by more than 1,000 members and is the world’s leading home for collaboration on open source software, open standards, open data, and open hardware. Linux Foundation’s projects are critical to the world’s infrastructure including Linux, Kubernetes, Node.js, and more.  The Linux Foundation’s methodology focuses on leveraging best practices and addressing the needs of contributors, users and solution providers to create sustainable models for open collaboration. For more information, please visit us at linuxfoundation.org.

###

The Linux Foundation has registered trademarks and uses trademarks. For a list of trademarks of The Linux Foundation, please see its trademark usage page: www.linuxfoundation.org/trademark-usage. Linux is a registered trademark of Linus Torvalds.

 

Media Contacts
Beth Handoll
ReTHINKitMedia
beth@rethinkitmedia.com
+1 415 535 8658

The post Cross-Industry Coalition Advances Digital Trust Standards appeared first on The Linux Foundation.

A guide to open source software for procurement professionals

Fri, 05/01/2020 - 05:17
A new Linux Foundation whitepaper provides guidance in negotiating software contracts that have open source components. Introduction

The first and most important step in negotiating any agreement is always to get the facts.  For example, when negotiating a software development agreement, the developers for both parties probably assume that the software will include many pre-existing components written by third parties.  If the procurement and legal personnel negotiating the agreement assume that there should be no code that is not written by the vendor, the process will be inefficient and waste a lot of everyone’s valuable time.   

If developers are confronted with ridiculous assumptions about writing software from scratch, the credibility of the procurement process is undermined, and, in the future, they will find ways to avoid or delay involving procurement and their legal counsel.

The Linux Foundation recently published a whitepaper written by Karen Copenhaver and Steve Winslow that aims to help procurement professionals and their legal counsel avoid making erroneous factual assumptions that will undermine their credibility and delay negotiations through a better understanding of software development and the use of open source software assets. This is a summary of its findings.

Software is not static

The software that will be developed will evolve as it is developed. The reality is that if we required a detailed, final specification for development before the parties can begin work, the only assurance we would have is that the results would be too late to market to be valuable. 

Agreements today have to be focused on establishing the process for working together to develop something which neither party can fully define or envision. Requiring that a fixed list of the specific software components that will be used in development be included in the agreement may not make sense to the people who will perform the work. 

They may know that the list will change often, and they do not want to amend the agreement every time they consider, include, or replace a component. A process acceptable to both parties that allows for the rapid evolution of the work to be performed will be welcomed.

Software will change over its normal life

Software is never “finished” until it is uninstalled. Constant updating is required to accommodate changes in the operating environment, including the hardware, opportunities for enhancement, and to apply patches that become available to eliminate potential security vulnerabilities. If the software is not updated, then necessary software maintenance is not occurring. Agreements should not be written based on the assumption that all development will conclude at any point before the end of the life of the software.

Software providers will not author or “own” the copyright in all of the software that is being delivered

The software will include components owned and developed by third parties and will rely on dependencies that may not be part of the distributed package of software. 

Because the software does not operate in a vacuum, components and interfaces written by third parties are necessary for the software to function. For example, applications installed on laptops use interfaces in the operating system. Without using the libraries and/or interfaces that provide access to this infrastructure, the software cannot be developed, tested, or deployed.

In addition to what is developed and delivered as part of the agreement, all software operates within one or more ecosystems of third-party dependencies that are necessary for its optimal use and performance.

The use of these dependencies will directly influence the price at which the software provider offers their software for sale. 

Tools are important to the delivery of software and solutions

Just as lawyers rely on a word processing program to write an agreement, software developers use software tools to make development more efficient. These tools are often the most complex software involved in the development project, and the amount of code in this development environment will almost always far exceed the amount of code in the developed deliverable. And these tools will change and evolve just as the software that is being developed will change and evolve. Knowing the specific facts related to the collection of tools used to develop this software is essential to avoid unworkable approaches.

Sometimes the development environment will be a third-party product that can be acquired directly from the third party. If a version of the third-party product that is being used is specified, the customer will be able to replicate and maintain that development environment should it ever be needed. 

Other times, the reason to hire a specific company to do the work is that they have a well-established, unique development environment, and, just as important, a set of highly skilled developers trained to use it.  

However, to “deliver” the entire development environment is often impractical for a number of reasons. The company asking for it to be delivered may not have sufficient equipment or technical employees even to install the software, much less maintain it. 

To deliver any code at a single point in time, without a plan for someone to maintain the code going forward, is not useful.  

The continuous delivery of code in a development environment is an enormous amount of work that must be performed by highly skilled individuals – often the same individuals who are required to complete the work you have engaged the vendor to perform.  

Requiring delivery of the development environment as a contract solution where the technical employees of both companies know that the delivered code will never be used is considered by developers as a frustrating waste of valuable resources that will delay the work everyone wants the vendor to perform.

Many of the most valuable third-party components and tools are made available under open source licenses

Most estimates suggest 70-90% of all the code in a system will be built from open source software. And even proprietary, purchased solutions that any IT organization currently uses are very likely built in large part with open source components.

Unless your technical people agree that there should be no open source code of any kind used in its development, do not ask for a representation or warranty that there will be no open source from a contractor or supplier. 

If software made available under an open source license will be used, the relevant questions you should ask should be related to the selection of the code, maintenance of the code, and compliance with the applicable license terms in your specific use case. And all of these are questions that should be asked about both open source and non-open source software. 

If your competitors are using these valuable open source assets and you do not, it will be hard to be competitive on cost, quality, maintenance, and security. One of the most important reasons to use open source is to benefit from the advantages of shared support across an ecosystem. 

Software licenses can be categorized in unlimited ways

There are many software licenses. Some are licenses that the Open Source Initiative (https://opensource.org/) has approved as consistent with the Open Source Definition (https://opensource.org/osd-annotated). There are also licenses that are similar to those licenses but that have never been approved, and some of those variations are not considered by people familiar with this terminology to be “open” or may even be of a proprietary or commercial nature. 

The SPDX License List (https://spdx.org/licenses/) has been curated by lawyers working in the open source ecosystem and identifies many of the licenses that frequently come up in reviews and negotiations.

The question is: does any practical difference arise in any specific contractual context based on exactly where a license falls on that spectrum? In our estimation, spending time and energy trying to define a separate category of Open Source Software is not helpful in reaching an agreement. Aside from how the open source ecosystem may categorize licenses, all software licensed from third parties should be evaluated under the same criteria for your project.

Some of the most essential and widely used software are provided under the GPL and other copyleft licenses

GPL-licensed software such as the GCC Compiler and the Linux operating system is used by the vast majority of companies and industries around the world. The distribution of this software usually triggers copyleft obligations to provide source code. Many businesses are built on top of the GPL-licensed Linux operating system and other copyleft software that is used in the business to provide services but are not distributed. 

A common perception of the GPL and its variants as being unworkable open source licenses is inaccurate. Keep in mind that the GPL, like all free and open source licenses, does not restrict your usage. As a recipient of GPL software, you have far more expansive license rights to use the software than you have under a proprietary software license agreement. Compliance with the GPL upon a redistribution of the code may be a factor to consider but should be compared with the fact that you would likely not have the right to redistribute proprietary software at all. 

A company can have a “no GPL policy,” yet it cannot operate in most industries without dependence upon the Linux operating system, which is GPL-licensed software.  

Unless your technical people agree that there should be no GPL or copyleft licensed code of any kind used in its development or provided in the work product, do not ask for a representation or warranty that there will be no copyleft software. Once again, the relevant questions related to the selection of the code, maintenance of the code, and compliance with the applicable license terms in the relevant use case.  

Conclusion

Lawyers and procurement professionals should not even attempt to dictate how software development will be accomplished. If negotiations hit a rough patch, take the time to confirm that the real issue is risk allocation. Make sure that the dispute is not due to insistence on facts that your technical team does not believe to be true. This is particularly difficult when longstanding corporate policies are out of step with current realities.   

To download “Fact gathering: The first and most important task in software negotiations”, click on the button below. Download whitepaper

The post A guide to open source software for procurement professionals appeared first on The Linux Foundation.

LF Networking Accelerates 5G, Cloud Native, and Edge Readiness with Expanded Projects and Growing Community Ecosystem

Fri, 05/01/2020 - 01:00

 

  • China Mobile brings XGVela to the Linux Foundation, focusing on open telco PaaS platform for 5G network functions and related applications
  • Accelerating LFN collaboration across open source projects within CNCF, LF Edge, LF AI, Hyperledger, ORAN-SC to enhance 5G, Cloud Native, and Edge as ecosystem moves to deployment
  • Growing developer participation in critical projects through virtual technical conferences, new Training courses, and expanded Mentorship programs 

 

SAN FRANCISCOApril 30, 2020 – LF Networking (LFN), which facilitates collaboration and operational excellence across open source networking projects, today announced continued successes with cross-industry, global collaboration. Progress includes the Linux Foundation induction of new project, XGVela, an open source telco Platform as a Service (PaaS) for 5G network functions and related applications; new LFN silver member everis; expanded mentorship and training opportunities; and a new verified product by the OPNFV Verification Program (OVP). Together, these efforts bring additional support for future automation and deployment of 5G, edge, and cloud native networking technologies. 

“In a new normal, networking serves as the critical foundation for everything we do. That said, we are pleased to see strong growth in developer participation of our projects, including training with close to 30,000 enrollees to date, and a recent virtual developer event with over two-times the registration of past physical events,” said Arpit Joshipura, general manager, Networking, Edge and IOT, the Linux Foundation. “We’re expanding our global footprint that enables open source networking and related technologies to grow and thrive. Other examples include the addition of XGVela as a Linux Foundation project aimed to accelerate telco cloud adoption, new silver member everis, and new training and mentorship opportunities.” 

Donated by LFN member China Mobile, XGVela provides a PaaS platform to accelerate the design, development and innovation of telco-related services. The project refines common capabilities of upper layer services as PaaS functions on platform layer. The platform brings General PaaS functions from existing open source PaaS component projects (e.g.  Grafana, Envoy, Zookeeper, etc.) to be enhanced with telco requirements, and Telco PaaS which has strong telecommunication characteristics and is under exploration. 

Currently, XGVela has gathered partners including China Mobile, China Unicom, China Telecom, ZTE, Ericsson, Nokia, H3C, CICT and Beijing University of Post and Telecommunications, and received high attention from Intel, and Red Hat. XGVela hopes to expand the telco cloud native ecosystem and enable more cloud deployments among telcos.

“Exploring the future direction of network transformation has always been one of China Mobile’s core missions,” said Xiaodong Duan, director of network and IT department, China Mobile Research Institute. “ With the deployment of 5G, applications of containers and microservice technologies, we believe operator networks will eventually evolve into a cloud native network. Hence China Mobile is pleased to launch a new project within the  Linux Foundation – XGVela, a 5G cloud native PaaS. We hope XGVela will gather the most intelligent technicians from operators, vendors and IT companies to help accelerate operators’ cloud native transformation and promote vertical industrial prosperity.”

Welcome everis

LFN welcomes its newest Silver member, everis, an NTT DATA company dedicated to  consulting and outsourcing in all sectors. Everis joins recently-announced Silver members A10 Networks, AMD, Codilime, Mirantis, Robin.io, Solutions by STC, ULAK, and Xilinx. These organizations work alongside the plethora of existing member organizations to drive development, testing and implementation of LFN’s existing networking projects, including FD.io, ONAP, OPNFV, OpenDaylight, OpenSwitch, PNDA, SNAS, and Tungsten Fabric.

“We are really excited to join LFN. everis, as a networking system integrator, finds in LFN a key lever to unleash industry Data Openness, Network Process Automation and 5G future networks,” said Hugo Alberto Nava, Telecom Director at everis. “This area is so important for us that we have designed a new area, #everisOpenNetworks, in charge of uniquely integrated networks and systems, helping CSPs achieve more efficient and low-cost operations. Our vision in relation to the future of OSS is directly connected with a disaggregated, open, cloud-based and data-driven architecture with the main purpose of enabling value through close loop automation inside the most important network processes. We believe the Linux Foundation Networking is essential to go deep into this approach, helping us to make a difference by sharing knowledge and taking our proposal into a superior level.” 

About everis

everis is a consulting and outsourcing company that covers all sectors of the economy, with a turnover of nearly 1.437 million euros in the last fiscal year, made up of 27,000 professionals distributed throughout Europe, the USA and Latin America. everis is firmly committed to talent and innovation and its main objective is to attract the best professionals and help them develop their careers in the company https://www.everis.com/

Mentorship & Training

LFN is kicking off an expanded mentorship program with 9 active projects; opportunities for students (mentees) include building a portal for ONAP Automation Testing; Hardware Delivery Verification Tool; ONAP Security Requirements; Conformance Testing for ETSI NFV APIs; and more. More details on the LFN Mentorship program are available here

Additionally, the Linux Foundation offers a robust package of networking training courses. Given the current global situation, the Linux Foundation is making it easier to use this time to brush up on open source skills, or gain new ones. All certification exams, and nearly all  training courses, are available remotely, making them a good option for those home during this time. 

Included is the entire catalog of open networking training courses, covering everything from DevOps for Network Engineers to courses on ONAP, OPNFV and more. An ONAP certification exam will be launching in the coming months, so this is a great chance to get prepared. The LF also offers dozens of completely free training courses. Edge training courses will be available in May. 

OVP Badging

The OPFV Verification Program (OVP), which has verified 12 products with the NFVI “Infrastructure” badge, is pleased to announce its first product to be verified with the “VNF” Badge – Çınar, a 5G Core VNF from LFN member Ulak Communications. The team from Ulak participated in the LFN Developer & Testing Forum in Prague and the VNF Hacking Track designed to help VNF vendors jumpstart their VNF testing efforts. 

New LFN Assets

A new whitepaper, prepared by a Working Group of the LFN Technical Advisory Council (TAC), has been published that illustrates the state-of-the-art in networking technology and provides an overview for how the LF Networking (LFN) projects may be used as building blocks for modern networks. An introductory guide for the edge is also now available that gives an overview of the edge compute market opportunity, where open source fits in, the role of Linux Foundation projects in your edge strategy, and how to get involved. 

Looking Ahead

2020 will continue to be a productive year for LFN. The community will host a virtual developer event June 1-4 (details to come) for developers to collaborate and engage across LFN communities, including ONAP, OPNFV, CNTT, and more. 

The Open Networking & Edge Summit (ONES),  the industry’s premier open networking event now expanded to comprehensively cover Edge Computing, Edge Cloud & IoT will take place in Los Angeles September 28-29. ONES enables collaborative development and innovation across enterprises, service providers/telcos and cloud providers to shape the future of networking and edge computing. Register today for Early Bird pricing: https://events.linuxfoundation.org/open-networking-edge-summit-north-america/register/

ONAP will soon issue its sixth platform release, ONAP Frankfurt, which enhances support for cloud native with deeper Kubernetes integration and for 5G through network slicing and an initial O-RAN integration. Frankfurt will also include security improvements and begin the shift to Python 3 and Java 11.  

More LFN content is on the way with an LFN End User Advisory Group (EUAG) whitepaper on ONAP consumption, a CNTT whitepaper, and introductory guides for cloud native and 5G.

Support for XGVela

“Cloud Native has reached broad consensus as the target architecture of telecom networks,” said Xiongyan Tang, chief scientist of China Unicom Network Technology Research Institute and the Chief Architect of China Unicom Intelligent Network Center, China Unicom. “China Unicom believes that the telecom cloud native architecture is a key path towards agile operations, and would provide a great foundation for the digital transformation of operators. XGVela is committed to work together towards a telecom PaaS functions platform for 5G and Cloud-oriented services,which will play an important role in the cloud native evolution of  thetelecom industry. China Unicom is pleased to join XGVela project, and will work together with community partners to nurture a vibrant technical community.”

“In the 5G era, services innovation needs a fast-paced, continuous change of technology to promote network transformation,” said Yongbing Fan, vice director of Network Evolution Department, China Telecom Research Institute. “The integration of CT and IT technology, network and cloud-native are currently recognized to be telco-industry trends. China Telecom attaches great importance to the combination of network and services, and is committed to accelerating its cloudification. The cloud-native telecom PaaS platform, XGVela, perfectly meets the needs of the 5G era. China Telecom is pleased to join this project and work with community partners to cultivate a dynamic technical community.”

“Cloud native paradigm and design principles are key to Ericsson, being the first 5G provider to include cloud native container-based technologies as part of its 5G Core offering,” said Anders Rpsengren, head of Architecture & Technology, Business Area Digital Services, Ericsson. “Ericsson is one of the leading promoters and supporters of the open source ecosystem, accelerating the adoption and industry alignment in a number of key technology areas. As a leading vendor of cloud native telco applications we see significant value in both standardization and open source projects in the cloud native area including CNCF, CNTT and now XGVela, that help push the boundaries of tomorrow’s networks in terms of agility, efficiency and reliability.”

“Network transition has become a consensus among global operators. NFV, SDN and 5G have accelerated the progress of telecommunication network and cloud computing combination,” said Chen Fang, technical director, H3C Carrier Departemnet. “XGVela will further promote the introduction of cloud-native concepts into telecommunications networks. By constructing a carrier-grade PaaS platform and restructuring the organization of 5G network elements, it will promote the full opening of 5G network capabilities and support the network transition and success of 5G networks. H3C is committed to promoting the digital transition of society and is willing to work with China Mobile to promote the maturity and industrialization of XGVela.”

“The telecommunications industry is in the middle of two key transitions that will shape the world to come – the deployment of 5G and the transition to cloud native,” said Jonne Soininen, head of Open Source Initiatives, Nokia  “The industry needs to work closely together in order to succeed in this transition. Nokia is strongly committed to contribute to achieve this goal. We welcome the leadership from CMCC in proposing the XGVela project. Nokia is looking forward to working closely with CMCC and the rest of the industry to make sure the transition to cloud native in telecommunications is successful.”

“ZTE is honored to participate in the XGVela project as a major telecommunications equipment manufacturer. We believe that XGVela attempts to use containerization technology and reasonably divide the telecommunications capabilities and general capabilities in PaaS, which will help the flexible deployment of network elements and the rapid scheduling of resources in 5G networks,” said Wang Weibin, CTO of ZTE Telecom Cloud & CN Product Operation. “ZTE hopes to contribute our experience accumulated in the long-term research and development of telecommunications core networks in this project. We sincerely hope that industry peers will work closely together in this new open source project to enrich the ecosystem, create extraordinary value, and achieve complete success!”

About the Linux Foundation

The Linux Foundation is the organization of choice for the world’s top developers and companies build ecosystems that accelerate open technology development and commercial adoption. Together with the worldwide open source community, it is solving the hardest technology problems by creating the largest shared technology investment in history. Founded in 2000, The Linux Foundation today provides tools, training and events to scale any open source project, which together deliver an economic impact not achievable by any one company. More information can be found at www.linuxfoundation.org.

# # #

The Linux Foundation has registered trademarks and uses trademarks. For a list of trademarks of The Linux Foundation, please see our trademark usage page: https://www.linuxfoundation.org/trademark-usage. Linux is a registered trademark of Linus Torvalds.

 

The post LF Networking Accelerates 5G, Cloud Native, and Edge Readiness with Expanded Projects and Growing Community Ecosystem appeared first on The Linux Foundation.

Telcos Increase Focus on Cloud Native as LF Networking and Ecosystem Groups Solve Interoperability Challenges

Fri, 05/01/2020 - 01:00

 

  • Initiatives across the Common NFVI Telco Taskforce (CNTT), LF Networking’s Compliance and Verification program (OVP), ONAP Cloud Native, and OPNFV holistically address cloud native architecture, deployment challenges, and Cloud Native Network Function (CNF) requirements 
  • Open source groups preemptively address interoperability and performance to accelerate networking industry cloud native transformation

 

 

SAN FRANCISCOApril 30, 2020 – LF Networking (LFN), which facilitates collaboration and operational excellence across open source networking projects, today announced a turning point for the industry, with integrated initiatives focused on cloud native interoperability and deployment for telcos. Consolidated efforts among the Common NFVI Telco Taskforce (CNTT), LF Networking’s Compliance and Verification Committee (or OPNFV Verification Program, “OVP”), and the OPNFV project through CNTT’s cloud native “R2” workstreams, OVP’s cloud native “OVP 2.0,” and OPNFV’s renewed commitment to testing and integration alignment with end users indicate a deep commitment to  address challenges faced in cloud native adoption. 

“NFV continues to evolve as telcos increasingly adopt cloud native technologies,” said Heather Kirksey, vice president, Community & Ecosystem Development, the Linux Foundation. “Change, however, brings challenges, especially to areas like compliance, testing, automation, and integration. With input from telcos directly, collaborative efforts across CNTT, OVP, and OPNFV enable our ecosystem to benefit from cloud native adoption.”  

Celebrating its first year, CNTT – developed to create a  reference model, implementations and conformance requirements to reduce cost, time-to-market and complexity of telco operations in development and adoption of VNFs and CNFs – has augmented its VM-based specifications with several cloud native focused workstreams focused on container technologies. These workstreams will enable service providers to specify infrastructure and CNF requirements to empower operators to drive forward with their cloud native implementations with an early emphasis on streamlining operations, ease of CNF deployment, and implementation consistency. These requirements will enable strong integration and conformance to streamline operational efficiency and new service agility. The group is also on track for its third release, Baldy, in early June. 

“China Mobile started the world’s largest NFV cloud deployment in 2019. Taking into consideration cross-vendor and scalability challenges, China Mobile put in a huge effort on interoperability and integration automation, and established a mature integration process and automation toolsets, which help improve the overall efficiency and quality of NFV cloud,” said Xiaodong Duan, director of Network and IT department of China Mobile Research Institute. “We believe these practices and experiences could also provide help and reference to other operators. Open source communities provide de-facto standards, open interfaces and automation tools, which are crucial for NFV adoption. We are expecting CNTT and OPNFV 2.0 to take the leading role for promoting NFV to the next phase of integrated innovation.”

In tandem with CNTT, OPNFV – which reduces time to integrate and deploy NFV infrastructure and onboard VNF/CNFs for those who supply components and those who operationalize these platforms – has adapted its mission based on the evolving needs of telcos. The next stage of OPNFV takes the initial foundations laid by the project to the next level by providing support for CNTT architectures and introducing reference implementation and test automation ahead of 5G deployments while continuing and refining the testing and integration work OPNFV is known for.  Providing the code implementation of CNTT platform references and testing requirements, OPNFV further accelerates the telecom ecosystem’s commitment to improving adoption and easing operational headaches.

Pivot points include improved developer resources, such as more refined testing and deployment tools for conformance and performance of NFV infrastructure, aligned with industry reference architectures.

“Having successfully completed the roll-out of our network virtual infrastructure, Vodafone is accelerating it’s journey to Cloud Native,” said Rabi Abdel, principal cloud architect and senior manager at Vodafone Group. “Industry initiatives such as CNTT, empowered by a compliance program, can help us simplify the management of our sophisticated, feature-rich, complex Cloud Networks, and enable an open, inter-operable & fully integrated architecture eco-system.This is a key factor to enable the delivery of high quality new Services to our Customers, faster than ever, in the 5G era.” 

 Also taking on a concerted effort to address cloud native for telcos, the OPNFV Verification Program (OVP) –  which combines open source-based automated compliance and verification testing for cloud stack specifications established by ONAP, multiple SDOs such as ETSI and GSMA, and the LF Networking End User Advisory Group (EUAG) – has launched a Cloud Native OVP sub-committee focused on conformance, validation, and performance testing for cloud native infrastructure and CNFs. Working closely with the CNTT requirements workstreams, the automated integration and testing work with OPNFV, and ONAP cloud native orchestration initiatives, the cloud native OVP initiative further enhances operator and vendor abilities to more easily transition to cloud native in a cost effective and interoperable fashion.These requirements feed tool-sets and testing scripts developed within OPNFV, ONAP, and the CNCF Telecom User Group (TUG) communities.

To date, OVP’s VM-based program has verified 12 products with the NFVI “Infrastructure” badge and one product with the VNF badge. OVP 2.0 will enhance this effort with badges for cloud native telecom platforms and CNFs.

Looking Ahead

Taken as a whole, these initiatives spanning architecture specifications, implementation integration and deployment, automated testing, and compliance badging provide a solid foundation to advance the telecom industry’s cloud native journey. Moving forward, the groups will continue alignment and collective integration with other related groups including the CNCF Telecom User Group (TUG), ETSI, the GSMA, and other open source and SDO groups. As 5G becomes more pervasive, telcos need to find new paths to adopt technologies in ways that did not exist five plus years ago when NFV came onto the scene. 

The community expects to issue two CNTT releases this year, with an updated Reference Architecture, Reference Model and Reference Conformance to start. Reference Implementations and more OVP Badging updates are also in the works. 

Additional Resources

About the Linux Foundation

The Linux Foundation is the organization of choice for the world’s top developers and companies build ecosystems that accelerate open technology development and commercial adoption. Together with the worldwide open source community, it is solving the hardest technology problems by creating the largest shared technology investment in history. Founded in 2000, The Linux Foundation today provides tools, training and events to scale any open source project, which together deliver an economic impact not achievable by any one company. More information can be found at www.linuxfoundation.org.

# # #

The Linux Foundation has registered trademarks and uses trademarks. For a list of trademarks of The Linux Foundation, please see our trademark usage page: https://www.linuxfoundation.org/trademark-usage. Linux is a registered trademark of Linus Torvalds.

The post Telcos Increase Focus on Cloud Native as LF Networking and Ecosystem Groups Solve Interoperability Challenges appeared first on The Linux Foundation.

Fact gathering: The first and most important task in software negotiations

Fri, 05/01/2020 - 00:31
Fact gathering: The first and most important task in software negotiations

When negotiating a software development agreement, and if the developers for both parties assume that the software will include many pre-existing components, the process will be inefficient and becomes a significant waste of time.

A whitepaper that provides guidance in negotiating software contracts that have open source components

Through the understanding of open source software development, this whitepaper can help procurement professionals and their legal counsel avoid making factual assumptions that will undermine their credibility and delay negotiations.

Author: Karen Copenhaver & Steve Winslow Download Now

The post Fact gathering: The first and most important task in software negotiations appeared first on The Linux Foundation.

LF Edge Expands Ecosystem with Open Horizon, adds Seven New Members and Reaches Critical Deployment Milestones

Fri, 05/01/2020 - 00:05

  • Open Horizon, an application and metadata delivery platform, is now part of LF Edge as a Stage 1 (At-Large) Project.
  • New members bring R&D expertise in Telco, Enterprise and Cloud Edge Infrastructure.
  • EdgeX Foundry hits 4.3 million downloads and Akraino R2 delivers 14 validated deployment-ready blueprints.
  • Fledge shares a race car use case optimizing car and driver operations using Google Cloud, Machine Learning and state-of-the-art digital twins and simulators.

SAN FRANCISCO – April 30, 2020 –  LF Edge, an umbrella organization under The Linux Foundation that aims to establish an open, interoperable framework for edge computing independent of hardware, silicon, cloud, or operating system, today announced continued project momentum with the addition a new project and several technical milestones for EdgeX Foundry, Akraino Edge Stack and Fledge. Additionally, the project welcomes seven new members including CloudBrink, Federated Wireless, Industrial Technology Research Institute (ITRI), Kaloom, Ori Industries, Tensor Networks and VoerEir to its ecosystem.

Open Horizon, an existing project contributed by IBM, is a platform for managing the service software lifecycle of containerized workloads and related machine learning assets. It enables autonomous management of applications deployed to distributed webscale fleets of edge computing nodes and devices without requiring on-premise administrators.

Edge computing brings computation and data storage closer to where data is created by people, places, and things. Open Horizon simplifies the job of getting the right applications and machine learning onto the right compute devices, and keeps those applications running and updated. It also enables the autonomous management of more than 10,000 edge devices simultaneously – that’s 20 times as many endpoints as in traditional solutions.

“We are thrilled to welcome Open Horizon and new members to the LF Edge ecosystem,” said Arpit Joshipura, general manager, Networking, Edge & IoT, the Linux Foundation. “These additions complement our deployment ready LF Edge open source projects and our growing global ecosystem.”

“LF Edge is bringing together some of the most significant open source efforts in the industry, said Todd Moore, IBM VP Open Technology, “We are excited to contribute the Open Horizon project as this will expand the work with the other projects and companies to create shared approaches, open standards, and common interfaces and APIs.”

Open Horizon joins LF Edge’s other projects including: Akraino Edge Stack, Baetyl,  EdgeX Foundry, Fledge, Home Edge, Project EVE and State of the Edge. These projects support emerging edge applications across areas such as non-traditional video and connected things that require lower latency, and  faster processing and mobility. By forming a software stack that brings the best of cloud, enterprise and telecom, LF Edge helps to unify a fragmented edge market around a common, open vision for the future of the industry.

Since its launch last year, LF Edge projects have met significant milestones including:

  • EdgeX Foundry has hit 4.3 million docker downloads.
  • Akraino Edge Stack (Release 2) has 6 Blueprint families and 14 specific Blueprints that have all tested and validated on hardware labs and can be deployed immediately in various industries including Connected Vehicle, AR/VR, Integrated Cloud Native NFV, Network Cloud and Tungsten Fabric and SDN-Enabled Broadband Access.
  • Fledge shares a race car use case optimizing car and driver operations using Google Cloud, Machine Learning and state-of-the-art digital twins and simulators.
  • State of the Edge merged under LF Edge earlier this month and will continue to pave the path as the industry’s first open research program on edge computing. Under the umbrella, State of the Edge will continue its assets including State of the Edge Reports, Open Glossary of Edge Computing and the Edge Computing Landscape.

Support from the Expanding LF Edge Ecosystem

Federated Wireless:

“LF Edge has become a critical point of collaboration for network and enterprise edge innovators in this new cloud-driven IT landscape,” said Kurt Schaubach, CTO, Federated Wireless. “We joined the LF Edge to apply our connectivity and spectrum expertise to helping define the State of the Edge, and are energized by the opportunity to contribute to the establishment of next generation edge compute for the myriad of low latency applications that will soon be part of private 5G networks.”

Industrial Technology Research Institute (ITRI):

“ITRI is one of the world’s leading technology R&D institutions aiming to innovate a better future for society. Founded in 1973, ITRI has played a vital role in transforming Taiwan’s industries from labor-intensive into innovation-driven. We focus on the fields of Smart Living, Quality Health, and Sustainable Environment. Over the years, we also added a focus on 5G, AI, and Edge Computing related research and development. We joined LF Edge to leverage its leadership in these areas and to collaborate with the more than 75 member companies on projects like Akraino Edge Stack.”

Kaloom:

“Kaloom is pleased to join LF Edge to collaborate with the community on developing open, cloud-native networking, management and orchestration for edge deployments” said Suresh Krishnan, chief technology officer, Kaloom.  “We are working on an unified edge solution in order to optimize the use of resources while meeting the exacting performance, space and energy efficiency needs that are posed by edge deployments. We look forward to contributing our expertise in this space and to collaborating with the other members in LF Edge in accelerating the adoption of open source software, hardware and standards that speed up innovation and reduce TCO.”

Ori Industries:

“At Ori, we are fundamentally changing how software interacts with the distributed hardware on mobile operator networks.” said Mahdi Yahya, Founder and CEO, Ori Industries. “We also know that developers can’t provision, deploy and run applications seamlessly on telco infrastructure. We’re looking forward to working closely with the LF Edge community and the wider open-source ecosystem this year, as we turn our attention to developers and opening up access to the distributed, telco edge.”

Tensor Networks:

“Tensor Networks believes in and supports open source. Having an arena free from the risks of IP Infringement to collaborate and develop value which can be accessible to more people and organizations is essential to our efforts. Tensor runs its organization, and develops products on top of Linux.  The visions of LF Edge, where networks and latency are part of open software based service composition and delivery, align with our vision of open, fast, smart, secure, connected, and customer driven opportunities across all industry boundaries.” – Bill Walker, Chief Technology Officer.

VoerEir:

“In our extensive work with industry leaders for NFVI/VIM test and benchmarking,  a need to standardize infrastructure KPIs in Edge computing has gradually become more important,” said Arif  Khan, Co-Founder of VoerEir AB. “This need has made it essential for us to join LF Edge and to initiate the new Feature Project “Kontour” under the Akraino umbrella. We are excited to collaborate with various industry leaders to define, standardize  and measure Edge KPIs.”

About The Linux Foundation

Founded in 2000, the Linux Foundation is supported by more than 1,000 members and is the world’s leading home for collaboration on open source software, open standards, open data, and open hardware. Linux Foundation’s projects are critical to the world’s infrastructure including Linux, Kubernetes, Node.js, and more.  The Linux Foundation’s methodology focuses on leveraging best practices and addressing the needs of contributors, users and solution providers to create sustainable models for open collaboration. For more information, please visit us at linuxfoundation.org.

The Linux Foundation has registered trademarks and uses trademarks. For a list of trademarks of The Linux Foundation, please see our trademark usage page: https://www.linuxfoundation.org/trademark-usage. Linux is a registered trademark of Linus Torvalds.

###

The post LF Edge Expands Ecosystem with Open Horizon, adds Seven New Members and Reaches Critical Deployment Milestones appeared first on The Linux Foundation.

Linux Foundation Board Elects Open Source Technology Trailblazer

Mon, 04/27/2020 - 23:00

The Linux Foundation today announced that Sony’s Tim Bird has been elected to its board and that Panasonic’s Hiromi Wada has been re-elected for a two-year term.

Tim has a long and esteemed history working in the Linux and open source community. For more than 28 years, he has supported the developer community as a core Linux developer and maintainer of Sony’s Linux kernel and previously as Chief Technology Officer at Lineo. He was also the founder of the Embedded Linux Conference and the Consumer Electronics Linux Forum. He’s also served on the Linux Foundation’s Technical Advisory Board, an esteemed council that provides guidance to the Linux Foundation on developer community needs and concerns.

“Sony has contributed to the open source community for many years and recognizes that collaboration accelerates the development of technology and innovation to benefit the whole industry,” said Tim Bird, Linux Foundation board member and principal software engineer at Sony. “The Linux Foundation plays a vital role in coordinating the various parts of the open source ecosystem so that everyone can be more productive. I am very happy to be able to participate at the board level to continue to support and promote open source initiatives for the good of all.”

Hiromi Wada has also been re-elected to the Linux Foundation board. She is co-director of the R&D Division at the Automotive Company of Panasonic and sits on the Automotive Grade Linux (AGL) Advisory Board. She has been involved in the development and management of various products based on Linux for more than 20 years, including workstations, mobile devices, and automotive systems. As a senior counselor of open source software systems, she advances Panasonic’s collaboration with the open source community.

“I share the Linux Foundation’s dedication to advancing the technologies that impact all of us,” said Hiromi Wada, co-director of AV and ICT development at AVC Networks Company of Panasonic. “I’m pleased to be able to contribute to this work and to the open source community at the board level. Now more than ever, we have an opportunity to help advance technology for good.”

Both Tim and Hiromi have been elected to these positions by board vote.

The Linux Foundation’s mission is dedicated to building sustainable ecosystems around open collaboration to accelerate technology development and industry adoption. It expands the open collaboration communities it supports with community efforts focused on building open standards, open hardware, and open data. The Linux Foundation is also dedicated to improving diversity in open source communities and working on processes, tools and best practices for security in open development communities.

The post Linux Foundation Board Elects Open Source Technology Trailblazer appeared first on The Linux Foundation.

Docker containers: What are the open source licensing considerations?

Sat, 04/25/2020 - 02:39
A new Linux Foundation whitepaper seeks to uncover the complexities of open source licensing implications when distributing and deploying Docker containers. Introduction

Deployment, distribution, and execution of software and especially services have significantly changed in the last few years. A few years ago, a person had to install a Linux based OS distribution with the necessary software and dependencies — these days, it is now much more common to “spin up a Docker container” and run a service. 

A container is basically nothing more than one or more applications with all dependencies, data, and configuration in a single isolated environment that can be deployed without the need to buy a new system or create a virtual machine. Containers allow services to be isolated from each other and require far fewer resources from a virtual machine, so they are becoming extremely popular in extremely dense multi-tenant hosting environments run by hyper-scale cloud providers, such as Amazon Web Services (AWS), Microsoft Azure, and Google Cloud.

Docker has had a significant impact on the popularity of containers and has made it much simpler on the technological side of things, but on the legal side, there are potentially increased complexities. For example, using containers makes it easier for developers to deploy software, but it also makes it easier to deploy (sometimes inadvertently) the wrong thing. Docker containers hide many of the implementation details, and developers might end up unknowingly shipping all kinds of software without knowing the license compliance issues that occur as a result. 

The Linux Foundation has recently published a whitepaper by Armijn Hemel that seeks to uncover the complexities of open source licensing implications when distributing and deploying Docker containers — it can be downloaded here. This blog post is a summary of the general findings.

Containers and images: what’s the difference?

In articles and documentation about Docker, there are frequent references to “containers” and “images.” These are not the same, although sometimes used interchangeably in articles or conversations. There is a very fundamental difference: an image is the on-disk collection of software, while a container is a running instance of an image, together with run time data and run-time state.

An example image could contain the Apache webserver and all its dependencies, from which a container can be instantiated and run. An image can be instantiated multiple times: these would then all become separate containers. 

Figure 1. A Docker image instantiated into multiple containers.

Images can be made available for reuse in public or private repositories, where they can be searched for and downloaded to be reused.

Each Docker image consists of one or multiple layers that are stacked on top of each other. Some of the layers contain files (programs, files, etcetera); others are meta-layers modifying existing layers. Different images can, and often do, share layers. For example, if two images are both based on a specific Debian layer, then this layer will only be stored on disk once.

If an existing image is reused (for example: downloaded from a repository) and modifications are made, then these modifications are stored as one or more separate layers on top of the existing layers in the image. All the layers of the base image and the new layer with the modifications together form a new image that can be instantiated (to create a container) or exported to be distributed or made available in a repository. A Docker image could be as pictured below, for example, a base image with four base layers (building on top of each other), and a custom layer on top. 

Figure 2. A base image with four base layers with a custom layer on top.

Understanding licensing complexities of layers within containers

When attempting to understand the license implications of software stored within a Docker image, it is essential to realize that the image that users interact with is simply a view of all layers, and during run-time, only the final view is seen. This view will possibly not show all of the software that is inside all of the layers: each layer can modify the view, but it will not change the content stored in any of the underlying layers.

 

Figure 3. A Composite view of a Docker image.

It could be that one layer installs software, and a new layer overwrites the software with another version (possibly with another version under a different license). In the final view, users see that the older software seems to have been removed, but in the underlying layer, the original software will still be present. For example, with the representation of a container image shown above, a user of the image would only “see” the following:

Figure 4. End-user representation of a container image.

However, when the image is distributed, all files from all layers will be distributed: each of A through H, and also modified files B’ and C’.

If a complete image is shipped, then the license conditions for software in all layers apply, even if, in the final view, software in some of the layers can no longer be seen. This means that for compliance with a full image, every layer that is inside the image should be checked.

An extra complexity could be linking. If a component is linked with other components in a layer and components get overwritten with other versions under a different license, then the license implications might be different depending on which layer is examined.

Docker repositories, registries and the potential for licensing misinterpretation

Docker images can be retrieved from repositories. Apart from the docker.io repository (run by Docker), there are also other repositories, such as quay.io, which is run by Red Hat. Community projects such as Fedora and CentOS also have public repositories, and there are many running their private repositories of Docker images.

In addition to full images being retrieved from repositories, Docker can also build images in a “just in time” fashion where instead of a full disk image or container image only a “recipe” to assemble a container image is provided using a Dockerfile.

The software is assembled on the fly from a base image that is downloaded from a repository, or that is available on the local system, with possibly extra software being installed from (other) upstream sources, like installing updates from a Linux distribution.

An example is a recipe that defines that the base image is based on a specific version of Ubuntu Linux, with updates being pulled from the Ubuntu update servers and then having a proprietary program installed from a local server.

The recipes, such as a Dockerfile, can be stacked and depend on other recipe files. These recipe files are typically stored in local files or registries that can be searched.

The recipes used for assembling the images are sometimes released under licenses that are different than the actual software being aggregated (which is perfectly fine), and there is a real chance that people will misinterpret this information and think that the licenses of the Dockerfile files apply to the assembled image, which is incorrect.

Misinterpretation of license provenance within a container image is not an imaginary problem as something similar happened in a non-containerized context in the past with Android, of which large parts have been released under Apache 2. This license confusion led some people to believe that all of Android had been released under Apache 2, even though there were significant portions of Android released under GPL-2.0 (Linux kernel, iptables, etc.) and various versions of the LGPL license.

Who distributes the software?

From a compliance point of view, there is a big difference between distributing an image that has already been fully created (and when all the software is included in the image) and distributing a Dockerfile that only describes how the image should be built. In the former case, the software is distributed in binary form, while in the latter form, possibly only a recipe for constructing an image is distributed.

When a complete image is distributed, only one party is doing distribution of the image — the party sending the built image out the door.  However, when a Dockerfile (the recipe) is distributed, then when the end-user builds the image, it is assembled on the fly with software possibly being pulled from various places.  In this scenario, it means distribution is possibly done by several parties, because (e.g.) each layer could come from a different third party. One layer could be distributed by the party operating an image repository, with content in another layer coming from a distribution (example: distribution updates), and content in another layer coming from yet another party (custom download location).

The license of dockerfiles vs. software inside containers

The Dockerfile files can be licensed under an open source license themselves. It is vital to realize that the scope of this license statement is only the Dockerfile and not the container image.

For example, the Dockerfile itself can be licensed under the MIT license but describing the installation of GPL licensed software. In a typical use case, the license of the Dockerfile and the license of the described software are entirely independent.

Compliance for all layers, not just the final layer

When distributing an image, typically, multiple layers are included and distributed. As these layers are stacked on top of each other, it could be that the contents of one layer obscure the contents of the other layers. From a pure license point of view, the final view does not matter: what matters is what is distributed. It could be that one version of an open source licensed program is distributed in one layer, with another version of the same program distributed in another layer. In this case, the license conditions for both versions need to be met.

Also, to be safe, one should not rely on the fact that specific layers of their image may already exist at the destination or in the repository receiving the push, and that therefore they will not distribute the software for those layers.  At some point, that container will land in a place where none of the layers are pre-existing, so all layers of the image must be provided to the recipient, and one will have to comply with distribution obligations for each layer provided.

How do we collect and publish the required source code?

An open question is how to collect complete and corresponding source code for containers with software under licenses that require complete and corresponding source code. With the current Docker infrastructure, it is not possible to automatically gather and publish the required source code. This means that extra work needs to be done (either manual or scripted) to gather the right source code, store it, and make it available. There are a few complications:

  1. Creating a Docker image is not reproducible but depends on configurations. If different configuration options are chosen every time a Docker image is created, the resulting image could be different. This means that gathering source code at a later time than image creation might not yield the corresponding source code for the image created earlier.
  2. Layers can be composed at different times and source code for some layers might have disappeared.
  3. Source code might need to be gathered from various places. Focusing on just system packages could lead to missing packages.
  4. Gathering source code needs to be done for all layers.

This is currently an unsolved problem.

A checklist for Docker license compliance

The following section is a compliance checklist that should help companies distributing containers to understand the license obligations better.

Is any software distributed?

The first question to ask is: is any software distributed at all? If the only thing that is distributed is a Dockerfile recipe that needs to be instantiated by the user, and software gets pulled from repositories and the company publishing the Dockerfile does not run the repository and also did not push (base) images that are used in that Dockerfile into that repository, then the company is likely not distributing any software other than the Dockerfile itself. This would require a thorough investigation of the used Dockerfile files and the build process.

What software is distributed?

Knowing which software is shipped and what license this software is under requires analyzing the software in all layers of the container image, not just the final (assembled) layer that is presented to the user. The software might have been hidden from view in the final layer, so a full analysis of all layers is necessary.

How is the software distributed?

Depending on how the software is distributed (as a full image, Dockerfile, etc.), different parties might be responsible for fulfilling license obligations. 

Who is distributing the software?

If you are distributing the container as a whole, then you are responsible for license compliance for all of the software it contains. By contrast, if you are distributing just a Dockerfile which tells people how to build a container, and the recipients are then using your Dockerfile to obtain container layers from third-party locations, then you are perhaps not responsible for license compliance for that software. 

Conclusion

Docker has made the quick deployment of software much simpler, but also introduces a few legal challenges. What the solutions to some of these legal challenges are is currently not clear. 

Evaluating compliance challenges requires a basic understanding of the technical specifics of how containers work and how they are built. With this understanding, it becomes evident how the distribution of containers bears some similarities to more historical means of distributing software while making clearer the aspects that can be obscured.

In our original whitepaper, which will hopefully serve as a starting point for discussions to what the solutions should be, the following challenges were identified:

  1. There are different types of distribution and depending on which form of distribution is chosen you might or might not have an obligation to distribute corresponding source code. It is not yet obvious to casual users when or if obligations are present.
  2. The Docker tools and ecosystem currently do not make it easy to collect complete and corresponding source code and are focused purely on assembling container images and deploying containers.
  3. Because of the layered approach of Docker and only making the final layer visible it is easy to overlook possible distribution of software. A thorough analysis of what is distributed using tools (such as Tern) is necessary in those cases.

Future opportunities to improve the compliance environment for containers should likely focus on further developing tooling and processes that can collect and publish the corresponding source code in a more automated fashion.

To download the “Docker Containers for Legal Professionals” whitepaper, click on the button below. Download whitepaper

The post Docker containers: What are the open source licensing considerations? appeared first on The Linux Foundation.

Docker Containers for Legal Professionals

Sat, 04/25/2020 - 02:03
Docker Containers for Legal Professionals

Docker has had a significant impact on the popularity of containers and has made it much simpler on the technological side of things, but on the legal side, there are potentially increased complexities.

A whitepaper that seeks to uncover the complexities of open source licensing implications when distributing and deploying Docker containers.

Containers make it easier for developers to deploy software, but it also makes it easier to deploy (sometimes inadvertently) the wrong thing. Docker containers hide many of the implementation details, and developers might end up unknowingly shipping all kinds of software without knowing the license compliance issues that occur as a result.

Author: Armijn Hemel, MSc. Download Now

The post Docker Containers for Legal Professionals appeared first on The Linux Foundation.

Virtual event suggestions for open source communities

Sat, 04/25/2020 - 00:00
Virtual event suggestions for open source communities Introduction

With the COVID-19 pandemic affecting every aspect of life across every population and industry around the globe, numerous conferences, events, and meetings have been canceled or postponed. The Linux Foundation events team has been working in overdrive negotiating to cancel or postpone events that were or are impossible to operate this year safely. The health and safety of our communities and staff is our top concern.

The good news is that for those events that can no longer safely take place in person, virtual events still offer the opportunity to connect within our communities to share valuable information and collaborate. While not as powerful as a face-to-face gathering, a variety of virtual event platforms available today offer a plethora of features that can get us as close as possible to those invaluable in-person experiences. Thanks to our community members, we’ve received suggestions for platforms and services that the events team has spent the past several weeks evaluating. 

After researching a large number of possibilities over the last few weeks, the Linux Foundation has identified four virtual event platforms (and a small-scale developer meeting tool) that could serve the variety of needs within our diverse project communities. Our goal was to determine the best options that capture as much of the real-world experience as we can in a virtual environment for virtual gatherings ranging from large to small. After evaluating 86 virtual event platforms, and in the spirit of contributing back, we thought we would share what we learned.

Below is the shortlist of platforms we’ve identified for our potential use, based on which offered features that best replicate our in-person events of different sizes. We’re sharing our findings because these learnings might be a good fit for others in our community, or perhaps save you time looking at options. If you’re evaluating any platform, be prepared to spend a few weeks getting conversations started with salespeople, viewing demos, obtaining pricing, and negotiating features.

Why we chose the platforms listed

There are many virtual conferencing solutions offered in the market today. Each solution varies on price, features, scalability, and technology integration points. The list of every single platform and software solution we looked at, including open source-based solutions, can be viewed here. One of these other solutions might be a better fit for your organization’s needs. 

Finding a virtual event platform, however, is also just one piece of the virtual event puzzle. How you plan, structure, and execute the virtual event will be critical to achieving a successful community engagement. We stumbled across this great Guide to Best Practices for Virtual Conferences put together by the ACM Presidential Task Force, which we thought provided some great practitioner tips for communities running virtual events. 

Our goal was to find solutions for our events team that met the following three requirements: 

    • The ability to deliver the required content
    • The ability for attendees to network and collaborate with each other
    • The ability to deliver sponsor benefits in the platform for those companies supporting these events financially

Due to these requirements, we did not focus as much on web conference solutions, such as the now popular Zoom. However, if you are looking for a simple web solution, many of the typical web conferencing platforms are easy, quick options to set up a small virtual gathering. In many cases, you might not need all the features of the virtual events platforms.

There are even some wonderful open source options out there including:

    • Jitsi Meet, which has some very useful features like streaming, screen sharing tabs, sharing videos, and more that are not found in other solutions.
    • Open Broadcaster Software if you’re looking to record and stream session content, which can also be usefully paired with conferencing tools.
    • EtherPad, which many of our communities use and it’s exciting to see that there’s also video support to connect and talk while editing.
    • Big Blue Button that’s designed for teachers and students, but open source for anyone to use (and we know many of you have kids at home and might find this useful).
Linux Foundation virtual event platform shortlist

These tools are designed for medium to large events with multiple concurrent tracks, in-depth attendee networking and collaboration needs, and robust sponsor requirements. The pricing for each of these will depend on the specific event details, such as number of conference tracks, the number of chat rooms/attendee collaboration spaces, length of the event, number of attendees, and number of sponsor booths.

All of these event platforms (with the exception of QiQo Chat) have all the following standard functionality:

    • Web-based (HTML5) supporting Linux desktops/browsers (and also Windows and Mac)
    • Registration integrations that will comply with GDPR and privacy regulation requirements
    • Webhooks or REST APIs to integrate with security systems like SSO (Auth0) and SFDC.
    • Can be white labeled for your community’s event branding
    • Speaker Q&A chat available within sessions
    • Attendee networking capabilities
    • Integrated scheduling tools and agenda builder
    • Attendee analytics: booths visited, session attendance, etc.
    • Gamification options to drive attendee engagement
    • Pop-up notifications throughout the platform (‘Keynotes starting in 5 minutes!’, ‘Visit [Sponsor’s] booth’)
    • Guaranteed uptime, redundancies and autoscaling
inXpo Intrado Best for large events with high budgets requiring a virtual conference experience with few compromises.

InXpo Intrado has robust hosting capabilities and uses hyper-scale cloud providers for its infrastructure to provide highly reliable and resilient performance. The company uses its own platform for session broadcast and integrates with third-party CRM and registration platforms. It offers 3D virtual environments throughout the platform as well as robust attendee networking options and sponsor benefits, including virtual booths. 

Benefits:
    • Extremely customizable, very immersive event experience. 3D environments & virtual booths (VR representation of physical world exhibit hall that looks like a video game)
    • A good user interface for attendees to access all content
    • No limit on concurrent sessions or live sessions so you will not have to worry about maxing out session/attendee capacities on this platform
    • The solution provider uses its own network infrastructure backbone that is fault-tolerant enough to support 98% of 911 call centers in the US
    • Real-time translation and closed captioning capabilities without requiring third-party platforms or plugins
    • Works from within China — used by Chinese companies to run in-country virtual events
    • Extra layer of attendee privacy protection with optional ‘pop up’ message for attendees to confirm before sponsors can gather any information about the attendee
Additional Considerations:
    • One of the most expensive platforms we evaluated
    • Potential longer turnaround time needed for event onboarding and setup
    • Sponsor booth templates are customizable for a fee
    • Does not allow you to plug in your own open source video streaming/video conferencing solution
vFAIRS Best for medium to large events with smaller budgets that want to offer a 3D environment/booth experience.

vFAIRS is more appropriate for medium or large events. It has many of the same robust features for sponsors, virtual trade shows, concurrent sessions, and attendee networking features that InXpo Intrado does, but at a lower cost of entry. While it does not have its own built-in session broadcasting platform, they do have Zoom integration built-in, and you can choose to use other video streaming solutions as well. They also offer integration with numerous CRM and registration platforms.

Benefits:
    • Highly customizable
    • Great sponsor exposure and look and feel with customizable booths (dozens of templates available)
    • Attendee networking lounges and chat rooms 
    • Works from within China
    • Built-in web content accessibility — participants can change colors and font size to ease accessibility
    • Ability to incorporate closed captioning via a 3rd party solution
    • Flexibility on video broadcasting systems
Additional Considerations:
    • The lower price tag comes with more limited support than InXpo (the company is based in Toronto with many staff overseas)
    • External infrastructure dependencies (vs all-in with InXpo)
    • Capacity constraints for larger live sessions (4,000 max)
    • While the pricing is more competitive, the price increases with additional booths and/or additional sessions
MeetingPlay Best for any size event where attendee networking tools are a priority and sponsor ‘booths’ aren’t required.

This platform can accommodate events of all sizes but does not have a 3D virtual exhibit hall/booth capability. That said, the sponsor benefits built into this platform are robust, and they have excellent attendee networking capabilities. As with vFAIRS, you can use Meeting Play’s own integrated video conferencing solution for content delivery, or use your own. 

Benefits:
    • Heavy focus on “attendee” experience
    • AI-driven content, chat room and attendee suggestions — based on initial questions you can customize and ask of all participants
    • Allow for gated content with in-app registration upgrade options (freemium model) similar to offering a free “hall pass” and then requiring a higher registration to attend sessions
    • Sponsor pages are very robust offering sponsors the ability to chat 1:1 with attendees, show videos/demos, sharing resources, and more
    • Option to use MeetingPlay integrated video streaming solution, or the one of your choice via your own account
    • Works from within China — they support a number of customers in China and have virtual machines in-country that they use to test before going live for an event

Additional Considerations:

    • No 3D virtual exhibit hall or booth — sponsors receive a dynamic page that allows for real-time chat with attendees, downloadable resources, and a video player for demos or welcome videos
    • Looks more like a website rather than a virtual event
    • Only 2 concurrent live sessions at a time w/out additional fee. They recommend pre-recording most sessions and playing “simulive” (meaning it is played at a specific time, and speakers join real-time to do a text-based Q&A.) The platform has a limit of 8 concurrent live sessions at any one time
    • Collaboration spaces (used for sponsor booths, attendee ‘meeting rooms’ and any live sessions that have multiple speakers or require a two-way communication) are charged by the hour and by the number of attendees, which makes using these freely a bit difficult
QiQo Chat QiQo is best for smaller technical gatherings that don’t need all the bells and whistles of an industry event focus. This is a great option for a focus on small group collaboration, such as developer meetings and hackathons.

QiQo acts as a Zoom wrapper for attendees collaboration and session broadcasting and is ideally suited for smaller events that have a more narrow focus, where communication and collaboration needs are more back and forth, versus one-way delivery. One unique feature of QiQo is it offers the ability to collaborate on Google Docs and Etherpad as both are both integrated into QiQo’s interface. 

Benefits:
    • Inexpensive
    • An affordable option for small meetings that only need an elevated video conferencing option for collaboration. Each live event on Qiqo comes with 10 Zoom breakout rooms by default
    • Great for small group collaboration in multiple workspaces – as a Zoom wrapper, it creates more of a virtual environment around an event with multiple breakout rooms for discussions
    • Includes a large number of built-in integrated tools for collaboration and productivity: Slack, Google Calendar, Google Docs, and Etherpad
    • While Zoom is their default, their support team will work with you to set this up with Jitsi or another video conferencing solution of your choice
    • Works from within China depending on webcasting platform availability
Additional Considerations:
    • Simple Zoom wrapper to add collaboration features on top of Zoom – can be used with other video conferencing tools as well
    • Very limited sponsor elements
    • A little more challenging interface and workflow than other options — a lot of options, but definitely let ‘out of the box’
    • Minimalistic approach for collaboration
Conferencing platform feature comparison Screenshots gallery

Conclusion

With over 40 events remaining this year under the Linux Foundation umbrella of events, we have several conferences that might go virtual. Each of these will have different requirements, so to support our diverse communities, we needed a range of options and features. We do think that this portfolio of options together meets most of our various community needs, and we hope you find value in us sharing them, along with the list of all the other platforms we examined. 

The post Virtual event suggestions for open source communities appeared first on The Linux Foundation.

Linux Foundation Expands Mentorship Program in Response to COVID-19

Thu, 04/23/2020 - 23:00
Program will support hundreds of displaced developer interns across diverse set of open source projects and communities

SAN FRANCISCO, Calif. – April 23, 2020– The Linux Foundation, the nonprofit organization enabling mass innovation through open source, today announced it’s expanding its Mentorship Program in response to COVID-19 with seed funding from Intel. The Program will grow to support interns who have been displaced as a result of the global pandemic and to give individuals an opportunity to reskill for some of the most sought-after, highly paid careers in the world.

Intel is leading funding for this expansion with a $250,000 commitment. The Linux Foundation is investing an additional $100,000 and is calling on leaders throughout the industry to match this support in order to provide opportunities to aspiring technical talent during these unprecedented times.

“During these challenging times, our ability to come together to help cultivate the next generation of software developers is more important than ever,” said Melissa Evers-Hood, vice president at Intel. “The Linux Foundation’s Community Bridge program will engage the community building mission-critical applications and Intel is proud to support developers as they participate in this initiative.”

The Linux Foundation Mentorship Program is designed to enable developers to experiment, learn and contribute to open source communities while strengthening open source projects and building an increasingly skilled and diverse talent pool of developers. Job placements as a result of the program are common and have included interns taking positions at leading technologies companies that include Intel, Google, Red Hat, IBM and more.

“Our commitment today and always is to protect the health and safety of our communities and staff and support the ongoing needs required to continue building the world’s most critical software infrastructure,” said Jim Zemlin, executive director at the Linux Foundation. “One of the ways we can do that is to ensure the rising stars from throughout the developer community can learn, grow and contribute no matter the circumstances.”

The Mentorship Program offers interns and mentees the opportunity to work on some of the world’s most popular open source projects, including Linux, Kubernetes, LF Networking and Hyperledger, among others. Mentors of the Program have included key developers from the world’s largest open-source software initiatives. Mentees enhance their technical skills while learning the open-source culture and collaboration norms, including tools and infrastructure.

Due to this unprecedented moment for those who have been displaced from internships or full-time employment, the Linux Foundation’s expanded Mentorship Program will accept applications and conduct enrollments on a rolling basis. To apply, please visit: https://communitybridge.org

About the Linux Foundation

Founded in 2000, The Linux Foundation is supported by more than 1,000 members and is the world’s leading home for collaboration on open source software, open standards, open data, and open hardware. Linux Foundation’s projects are critical to the world’s infrastructure including Linux, Kubernetes, Node.js, and more.  The Linux Foundation’s methodology focuses on leveraging best practices and addressing the needs of contributors, users and solution providers to create sustainable models for open collaboration. For more information, please visit us at linuxfoundation.org.

The Linux Foundation has registered trademarks and uses trademarks. For a list of trademarks of The Linux Foundation, please see its trademark usage page: www.linuxfoundation.org/trademark-usage. Linux is a registered trademark of Linus Torvalds.

Media Contact
Jennifer Cloer
reTHINKit Media
for Linux Foundation
503-867-2304
jennifer@rethinkitmedia.com

The post Linux Foundation Expands Mentorship Program in Response to COVID-19 appeared first on The Linux Foundation.

Automotive Grade Linux Releases UCB 9.0 Software Platform

Thu, 04/23/2020 - 00:00

Latest release includes new features for audio, connectivity, security, OTA and speech recognition

SAN FRANCISCO, CA, April 22, 2020 — Automotive Grade Linux (AGL), an open source project developing a shared software platform for in-vehicle technology, today announced the latest code release of the AGL platform, UCB 9.0, also known under the codename “Itchy Icefish.”

Developed through a joint effort by dozens of member companies, the AGL Unified Code Base (UCB) is an open source software platform that can serve as the de facto industry standard for infotainment, telematics and instrument cluster applications. 

“The AGL platform continues to evolve and mature based on input and requirements from automakers, several of which are currently using AGL in production vehicles” said Dan Cauchy, Executive Director of Automotive Grade Linux at the Linux Foundation. “This latest code release includes audio, connectivity and security enhancements, improvements to speech recognition, and many HTML5 demo apps.” 

Many AGL members have already started integrating the UCB into their production plans. The 2020 Subaru Outback and Subaru Legacy uses open source software from the AGL UCB, Mercedes-Benz Vans is using AGL as a foundation for a new onboard operating system for its commercial vehicles, and Toyota’s AGL-based infotainment system is now in Toyota and Lexus vehicles globally.

UCB 9.0/Itchy Icefish includes an operating system, middleware and application framework. New updates to the AGL platform include:

  • Over-the-Air (OTA): Update for ostree (SOTA)
  • Application Framework: improvements including implementing Token Logic based security
  • Speech Recognition: Alexa Auto SDK 2.0; improved Speech-API and voiceagent integration; new open source version of display cards for Speech Recognition
  • Audio: enhancements to PipeWire and WirePlumber
  • Connectivity: improved networking support and network settings; reworked bluetooth APIs and extended to pbap and map protocols
  • HTML5 Apps: security converted to using Token Logic; HTML5-only image available using Web App Manager (WAM) and Chromium; HTML Demo apps available for Home Screen, Launcher, Dashboard, Settings, Media Player, Mixer, HVAC, and Chromium Browser
  • Instrument Cluster: QML Reference Apps: Steering Wheel Controls via LIN to IVI Apps, refreshed Instrument Cluster app that includes CAN messages from Steering Wheel/IVI
  • Board Support Package updates: Renesas RCar3 BSPs updated to v3.21 (M3/H3, E3, Salvator); enhanced support for SanCloud BeagleBone Enhanced + Automotive Cape support; i.MX6 using etnaviv (cubox-i target); enhanced Raspberry Pi 4 support

The full list of additions and enhancements to UCB 9.0 can be found here.

###

About Automotive Grade Linux (AGL)
Automotive Grade Linux is a collaborative open source project that is bringing together automakers, suppliers and technology companies to accelerate the development and adoption of a fully open software stack for the connected car. With Linux at its core, AGL is developing an open platform from the ground up that can serve as the de facto industry standard to enable rapid development of new features and technologies. Although initially focused on In-Vehicle-Infotainment (IVI), AGL is the only organization planning to address all software in the vehicle, including instrument cluster, heads up display, telematics, advanced driver assistance systems (ADAS) and autonomous driving. The AGL platform is available to all, and anyone can participate in its development. Automotive Grade Linux is hosted at the Linux Foundation. Learn more at automotivelinux.org.

About the Linux Foundation
Founded in 2000, the Linux Foundation is supported by more than 1,000 members and is the world’s leading home for collaboration on open source software, open standards, open data, and open hardware. Linux Foundation’s projects are critical to the world’s infrastructure, including Linux, Kubernetes, Node.js and more. The Linux Foundation’s methodology focuses on leveraging best practices and addressing the needs of contributors, users, and solution providers to create sustainable models for open collaboration. For more information, please visit us at LinuxFoundation.org. 

Media Inquiries
Emily Olin
Automotive Grade Linux, the Linux Foundation 

The post Automotive Grade Linux Releases UCB 9.0 Software Platform appeared first on The Linux Foundation.

Linux Foundation Fosters Laminas Community

Wed, 04/22/2020 - 23:00

The Laminas Project, formerly known as the Zend Framework, is among the latest projects to be hosted at the Linux Foundation. With the community’s desire to evolve its PHP tooling for the next generation of web services and APIs, now is a natural time to tailor an open governance structure for the Project that can sustain the community for decades to come.

The Laminas Project already has incredible support with 1.2 million commits, hundreds of releases every year and thousands of lifetime contributors. The Project has 400 million lifetime installs across e-commerce, entertainment, embedded and healthcare environments, among others, with more than 140 million added every year. It warrants a neutral forum with an open governance structure that supports this level of adoption and innovation and its intentional focus on tooling for new web services and APIs.

The Linux Foundation will foster collaboration by bringing together stakeholders throughout the PHO ecosystem to sponsor development through hires and grants; maintain the legacy of the Zend Framework’s components; develop new features, particularly around middleware and APIs; and promote critical PHP development practices via documentation, tutorials and presentations.

For more information about the evolution of the Zend Framework and the Laminas Project, please read longtime contributor Matthew Weier O’Phinney’s blog post.

The post Linux Foundation Fosters Laminas Community appeared first on The Linux Foundation.

Open Shading Language Becomes Sixth Academy Software Foundation Project

Fri, 04/17/2020 - 00:01

Developed by Sony Pictures Imageworks, Open Shading Language is the de facto standard shading language for VFX and animation

LOS ANGELES, CA, April 16, 2020 – The Academy Software Foundation (ASWF), a collaborative effort to advance open source software development in the motion picture and media industries, announced that Open Shading Language (OSL) has been approved as the Foundation’s sixth hosted project. Initially developed by Sony Pictures Imageworks, Open Shading Language is the de facto standard shading language for VFX and animation and was recognized with an Academy Scientific and Technical Award in 2017.

OSL was released as open source in 2010 so it could be used by other visual effects and animation studios and rendering software vendors. It has since become the main embedded language in several industry-standard renderers, and it has been used in 100+ films including Spider-Man: Far From Home, The Angry Birds Movie 2, and Men in Black: International.

“Over the past ten years, Open Shading Language has grown to become a critical component of the vfx and animation ecosystem, widely used in production and embedded into several industry-standard renderers,” said Rob Bredow, SVP, Executive Creative Director and Head of Industrial Light & Magic, and Governing Board Chair of Academy Software Foundation. “Many of our members and projects rely on and support OSL, so it’s a natural fit for the Foundation. We look forward to working with the OSL community and supporting the project’s continued development and growth.”

OSL is a small, but rich, language for programmable shading in advanced renderers and other applications, ideal for describing materials, lights, displacement, and pattern generation. It is embedded in many commercial products and used as a dependency in other open source projects. A full list of renderers and other systems utilizing OSL is available here.

“We have seen firsthand how other projects have grown as part of the Academy Software Foundation, and we believe that joining the Foundation is the next step to help us expand the Open Shading Language community,” said Larry Gritz, Software Engineering Architect at Sony Pictures Imageworks and Open Shading Language founder and chief architect. “We have some major development efforts underway, including bringing OSL to a full GPU ray traced implementation, and the additional resources, support, and increased community involvement that the Foundation facilitates will be highly beneficial.”

The Academy Software Foundation will maintain and further develop the project with oversight provided by a technical steering committee. All newly accepted projects, including Open Shading Language, start in incubation while they work to meet the high standards of the Academy Software Foundation and later graduate to full adoption. This allows the Academy Software Foundation to consider and support projects at different levels of maturity and industry adoption, as long as they align with the Foundation’s mission to increase the quality and quantity of contributions to the content creation industry’s open source software base.

Developers interested in learning more or contributing to Open Shading Language can sign up to join the mailing list.

# # # 

About the Academy Software Foundation

Developed in partnership by the Academy of Motion Picture Arts and Sciences and the Linux Foundation, the Academy Software Foundation was created to ensure a healthy open source community by providing a neutral forum for open source software developers in the motion picture and broader media industries to share resources and collaborate on technologies for image creation, visual effects, animation and sound. The Academy Software Foundation is home to OpenVDB, OpenColorIO, OpenEXR, OpenCue, OpenTimelineIO, and Open Shading Language. For more information about the Academy Software Foundation, visit https://www.aswf.io/.

Media Inquiries
Emily Olin
Academy Software Foundation

 

The post Open Shading Language Becomes Sixth Academy Software Foundation Project appeared first on The Linux Foundation.

AMD and DockYard join Academy Software Foundation

Thu, 04/16/2020 - 23:59
AMD Joins Academy Software Foundation as a Premier Member

DockYard joins as a General member

LOS ANGELES, CA, August 16, 2020 – The Academy Software Foundation (ASWF), a collaborative effort to advance open source software development in the motion picture and media industries, a neutral forum for open source software development in the motion picture and media industries, today announced that AMD has joined the Foundation as a Premier member and DockYard as a General member.

The Academy Software Foundation also announced today that Open Shading Language (OSL) has joined as the Foundation’s sixth hosted project. Initially developed by Sony Pictures Imageworks, Open Shading Language is the de facto standard shading language for VFX and animation and was recognized with an Academy Scientific and Technical Award in 2017.  You can read the announcement here: Open Shading Language Joins Academy Software Foundation.

“We passed our goals of $1M in funding and five new projects in our first year; now we are pleased to welcome AMD and DockYard as new members, and Open Shading Language as our sixth Foundation project. We look forward to working with AMD and DockYard, and leveraging their expertise in graphics, rendering, and software development,” said David Morin, Executive Director of the Academy Software Foundation. “Today, our Foundation is strong and our community of engineers is committed. We are ready to face the COVID-19 pandemic and do our part, which is to continue growing the open source model in the motion picture industry so that anyone can use or contribute to our projects from wherever they are, safely at home now or later back at work. We are ready to welcome more projects, host discussions about new projects, and help our open source community of engineers wherever they are in the motion picture industry. We will get through this storm and emerge on the other side, stronger together.

Member Quotes:

AMD:

“Feature film visual effects and post production are areas of significant focus and interest to us. At AMD, we have a long history of supporting and contributing to open source communities, and we are elated to support the Academy Software Foundation,” said James Knight, VFX & Virtual Production Director, AMD. “With the ever-increasing use of AMD’s CPUs in the motion picture industry, and as we collaborate with more and more studios, we feel it is imperative to help drive best practices as a major technology provider. It’s encouraging to see the Academy Software Foundation membership grow, and we are humbled and grateful to be a part of it.” 

DockYard:

“The motion picture and media industries are ripe for the development of digital experiences that not only captivate viewers, but also empower their teams to continue to make ‘movie magic’,” said Jon Lacks, CEO of DockYard, a digital product consultancy. “As evangelists of the open-source community, we’re thrilled to support the Academy Software Foundation in its mission to establish best practices for technology collaboration within the entertainment industry.”

# # #

 About the Academy Software Foundation

Developed in partnership by the Academy of Motion Picture Arts and Sciences and the Linux Foundation, the Academy Software Foundation was created to ensure a healthy open source community by providing a neutral forum for open source software developers in the motion picture and broader media industries to share resources and collaborate on technologies for image creation, visual effects, animation and sound. The Academy Software Foundation is home to OpenVDB, OpenColorIO, OpenEXR, OpenCue, OpenTimelineIO, and Open Shading Language. For more information about the Academy Software Foundation, visit https://www.aswf.io

 

Media Inquiries
Emily Olin
Academy Software Foundation

The post AMD and DockYard join Academy Software Foundation appeared first on The Linux Foundation.

Linux Foundation Executive to Give Keynote Webinar on Momentum, Direction of Open Source Networking & Edge

Thu, 04/16/2020 - 00:00

SAN FRANCISCO, April 15, 2020 — The  Linux Foundation, the nonprofit organization enabling mass innovation through open source, will host a keynote webinar — “The State of Open Source Networking & Edge” — featuring Arpit Joshipura, general manager, Networking, Edge, & IOT. The webinar takes place April 30 at 9:00 AM PT and is open to anyone interested in attending.

Hosted by LF Networking (LFN) and LF Edge, the webinar serves as a virtual update on the current state of the open networking and edge landscapes. Due to the COVID-19 outbreak, the Open Networking & Edge Summit (ONES) North America, which was initially scheduled to take place in Los Angeles, Calif. later this month, has been rescheduled to September 28-29. However, the important work of the ecosystem continues and it’s time for an update on that progress.

“We are all learning to adapt and be more nimble than ever before,” said Arpit Joshipura, general manager, Networking, Edge & IoT, the Linux Foundation. “While we aren’t able to meet face to face with our communities physically, we continue to accelerate community collaboration and momentum while evolving critical industry initiatives that impact how the world accesses information. Please join us April 30 to hear how open networking and edge communities are moving the needle.”

The webinar will not only cover critical industry initiatives such as the Common NFVI Telco Taskforce (CNTT), OPNFV Verification Program (OVP), new project inductions and releases, but Joshipura will present compelling evidence on how community collaboration is accelerating the path forward. This will include an update on deployments, business value-add, R&D, developer engagement, and challenges the community is addressing in 2020. The webinar also presents an opportunity to hear these major LF Networking and LF Edge announcements first-hand. Attendees are encouraged to engage and participate in an open Q&A session following the presentation.

The webinar serves as the first in a series of LF Networking Webinars to bring the community up to speed on open source networking news, initiatives, and innovations and provide a new opportunity for community engagement. LF Edge’s webinar series, “On the Edge with LF Edge,” kicked off last month with an update on the Akraino project. The next LF Edge webinar, “EdgeX101: Intro, Roadmap, and Use Cases,” takes place April 23.

Registration is required to attend the webinar, which takes place April 30 at 9:00 am PT. Details and registration information available here: https://zoom.us/webinar/register/WN_pt6VgEy2S46T6qW5oNRLPA

Additionally, the important work of the LFN technical communities continues unabated as the LFN Technical Meetings Spring 2020 (initially co-located with ONES North America) are being held virtually from April 21-23. Details and registration: https://www.linuxfoundation.org/calendar/lfn-technical-meetings/

Details on ONES, including registration and final agenda, are available here: https://events.linuxfoundation.org/open-networking-edge-summit-north-america/

 

About the Linux Foundation

The Linux Foundation is the organization of choice for the world’s top developers and companies to build ecosystems that accelerate open technology development and industry adoption. Together with the worldwide open source community, it is solving the hardest technology problems by creating the largest shared technology investment in history. Founded in 2000, The Linux Foundation today provides tools, training and events to scale any open source project, which together deliver an economic impact not achievable by any one company. More information can be found at www.linuxfoundation.org.

The Linux Foundation has registered trademarks and uses trademarks. For a list of trademarks of The Linux Foundation, please see our trademark usage page: https://www.linuxfoundation.org/trademark-usage.

Linux is a registered trademark of Linus Torvalds.

The post Linux Foundation Executive to Give Keynote Webinar on Momentum, Direction of Open Source Networking & Edge appeared first on The Linux Foundation.

Update from the CommunityBridge Development Team

Wed, 04/15/2020 - 12:00
Open source powers more than 80% of the technology we all use every day, yet many open source developers and projects face barriers, from generating funding to attracting contributors,  to finding and fixing vulnerabilities in the code base to drive mainstream adoption.

Touted as an industry first, CommunityBridge is a platform created by Linux Foundation engineers to empower open source projects — and the individuals and organizations who support them — to advance sustainability, security, transparency and diversity in open source technology. Since the launch of the platform in the middle of 2019, we have come a long way, and have started making an impact.

CommunityBridge Funding is a trusted crowdfunding service that lets maintainers raise funds to support project activities like development, documentation, mentorships, marketing, travel, etc.

This service is governed and supported by the Linux Foundation with 100% of the funds going right into the hands of the developers. The Linux foundation is currently matching donations for diversity candidates and also underwriting any platform and payment processor fees. Book-keeping, processing of expense reports, reimbursements  and tax reporting is also provided free of charge.

Since inception, the funding platform has helped projects raise a total of $475K+ from 23 corporate and 355 individual sponsors and disbursed a total of ~$74K to contributors in various categories like projects and mentorships.

Acceptance of projects on this platform is selective and prioritized for high impact (based on downstream dependencies, github stars, forks, contributors) but underfunded projects.

Some of the Projects Actively Raising Funds

To apply your project for consideration or to support projects you use actively as an individual or corporate sponsor, please visit CommunityBridge Funding.

CommunityBridge EasyCLA streamlines the process of getting developers authorized under a project’s CLA for everyone:

  • Coders can code more quickly by reducing manual steps to get themselves authorized.
  • Corporations and projects can save time by reducing manual steps managing CLAs and their signatures
  • Both Individual and Corporate CLA signing can be enforced for developers contributing to a project using GitHub or Gerrit

EasyCLA is the only solution in the community which effectively manages both individual and corporate CLA agreements. Since inception, EasyCLA has made CLA management a breeze for 19 open source projects.

Projects
Using EasyCLA
Repositories
Authorized Individual
CLAs 
Corporate
CLAs
CLA
Managers
Companies
Signing CLAs
19 872 9461 4486 1009 746 Projects With the Highest Number of Signed CLAs

Number of ICLAs: 9017
Number of CCLAs: 2488

Number of ICLAs: 89
Number of CCLAs: 54

Number of ICLAs: 60
Number of CCLAs: 707

Number of ICLAs: 51
Number of CCLAs: 448

Number of ICLAs: 68
Number of CCLAs: 28

ORAN Software Community

Number of ICLAs: 44
Number of CCLAs: 88

To learn more about how EasyCLA works or try onboarding your project, please visit CommunityBridge EasyCLA.

CommunityBridge Security enables open source developers to move quickly and securely by automatically finding vulnerabilities in the code and suggesting remediation techniques.

The CommunityBridge team has collaborated with Snyk.io to provide visibility into the security loopholes that get injected over time into the code base. This is how it works:

  • Vulnerability scans run daily on project repositories in GitHub or Git
  • Manifest files are deconstructed to determine the entire dependency chain of the project including transitive dependencies.
  • Issues detected are evaluated against the National Vulnerability Database (NVD) and security experts in the community.
  • Known CVEs and CWEs are linked to the issues if present.
  • Evidence of how to replicate the issue based on community artifacts like hacker reports, GitHub reports, Whitepapers etc are attached.
  • Remediation techniques and potential fixes are also suggested to the users.

We recently started onboarding all Linux Foundation projects on this service and have started publishing vulnerability reports for contributors to analyze and act on.

Some of the Projects With Vulnerabilities

Total Issues: 263
Fixable: 82

Total Issues: 195
Fixable: 140

Total Issues: 153
Fixable: 3

Total Issues: 124
Fixable: 113

Total Issues: 121
Fixable: 114

Total Issues: 117
Fixable: 84

To learn more about how CommunityBridge Security works or try onboarding your project, please visit CommunityBridge Security. Access to detailed vulnerability reports is gated for contributors to the project and you will need to contact admin@communitybridge.org to request access.

CommunityBridge Mentorship helps you increase the number and diversity of developers contributing to your project by providing mentorships and internships.

It is in essence a  matchmaking service which lets you:

  • Attract mentees by providing referrals to top companies committed to interviewing your candidates
  • Incentivize participation by offering free training, industry event passes and certifications
  • Expand your community of talented, diverse, and committed developers by offering paid internships with matching diversity grants
  • Attract funding, mentors, and mentees when you are listed on the mentorship leaderboard
Since our launch last summer, the mentorship platform supported 12 projects with mentorships. 27 Mentees were selected from 750 Applicants and used the platform to get stipends. Projects Supported By Mentorship Program Since Summer 2019 Launch 128 potential Mentors applied and 52 Mentors were selected and onboarded onto the platform. Some of the Active Mentors on the Platform

To learn more about mentorships, or to enroll your project, please visit CommunityBridge Mentorship.

The post Update from the CommunityBridge Development Team appeared first on The Linux Foundation.

Linux Foundation, LF Networking, and LF Edge Announce Rescheduled Dates and Full Agenda for Open Networking & Edge Summit North America 2020

Fri, 04/10/2020 - 00:00

Industry’s Premier Open Networking & Edge Conference will feature business, technical and architectural sessions on Edge Computing, Cloud Native Networking, Enterprise IT, and Carrier and Cloud Developer Operations

SAN FRANCISCO, April 9, 2020 — The Linux Foundation, the nonprofit organization enabling mass innovation through open source, along with co-hosts LF Networking, the umbrella organization fostering collaboration and innovation across the entire open networking stack, and LF Edge, the umbrella organization building an open source framework for the edge, announced today the rescheduled event dates for Open Networking & Edge Summit North America (ONES, formerly Open Networking Summit) and the complete session line-up. 

ONES North America 2020 will take place September 28-30 at the JW Marriott LA Live in Los Angeles, California. The summit line-up features prominent speakers from AT&T, eBay, Ericsson, Huawei Technologies, Rancher Labs, Red Hat, Toyota Motor Corporation, Verizon, VMware, Wells Fargo, Yelp, and more. The full event agenda is available here

ONES is the industry’s premier open networking event now expanded to comprehensively cover Edge Computing, Edge Cloud, and IoT. It gathers technologists and executives from enterprises, telecoms and cloud providers for technical, architecture and business discussions that will shape the future of networking and edge computing. ONES enables collaborative development and innovation with a deep focus on both Open Networking and AI/ML-enabled use cases for 5G, IoT, Edge and Enterprise deployment, as well as targeted discussions on Edge and IoT frameworks and blueprints across numerous industries including Manufacturing, Retail, Oil and Gas, Transportation, and Telco Edge cloud. 

“We have an impressive roster of experts lined up to present at Open Networking & Edge Summit North America,” said Arpit Joshipura, General Manager, Networking, Edge & IoT, The Linux Foundation. “With expanded content focused on open source Edge, this year’s event is the place to be for the latest in open innovation and knowledge-sharing across adjacent technologies such as 5G, cloud native, AI/ML, IoT, and more.”

ONES North America 2020 conference session tracks include: Carriers – Core, Edge & Access, Enterprise Networking & Edge, Cloud Networking & Edge, and Business Critical & Innovation.

Content is delivered in a variety of presentation formats including deep-dive technical tracks, panel discussions, tutorials, and case studies. 

Featured Keynote Speakers Include:

  • Andre Fuetsch, Executive Vice President & Chief Technology Officer, AT&T Services, Inc.
  • Dan Kohn, Executive Director, Cloud Native Computing Foundation
  • Alex Choi, Senior Vice President of Strategy and Technology Innovation, Deutsche Telekom AG
  • Farah Papaioannou, Co-Founder and President, Edgeworx, Inc.
  • Anders Rosengren, Head of Architecture & Technology, Ericsson
  • Justin Dustzadeh, Chief Technology Officer, Equinix
  • Aparna Sinha, Director of Product Management, Google Cloud
  • Bill Ren, Chief Open Source Liaison Officer, ICT Infrastructure Open Source GM, Huawei
  • Marisa S. Viveros, Vice President of Strategy and Offerings, IBM
  • Arpit Joshipura, General Manager, Networking, Edge & IoT, The Linux Foundation
  • Heather Kirksey, Vice President, Community and Ecosystem Development, The Linux Foundation

Featured Conference Sessions Include:

  • 5G Slicing is a Piece of Cake! – Alla Goldner, Director, Technology, Strategy & Standardization, Amdocs
  • Injecting Security to the Cloud – Susan Hinrichs, Software Engineer, Verizon Media
  • Architectural Patterns & Best-practices to Avoid Lock-ins with Serverless – Murali Kaundinya, Group CTO and Managing Director, Wells Fargo
  • Securing a Network Virtualized with Containers and Kubernetes: Example Solutions and Current Gaps – Samuli Kuusela, Security Architect, Ericsson & Amy Zwarico, Lead Member of Technical Staff, AT&T
  • Multi-Cluster Federation: Should Networking Impact The Solution? – Anil Kumar Vishnoi, Principal Software Engineer & Thomas D. Nadeau, Technical Director of NFV, Red Hat

Conference Registration is $950 through July 19, 2020 with additional registration options available including $300 Hall Passes, $575 Academic Passes, and $300 Student Passes.  Non-profit and group discounts are available as well; see details on the event registration page Members of The Linux Foundation, LFN and LF Edge receive a 20 percent discount on all registration fees; contact events@linuxfoundation.org to request a member discount code. Applications for diversity and needs-based scholarships are currently being accepted; for information on eligibility and how to apply, please click here. We are continuously monitoring the COVID-19/Novel Coronavirus situation and are committed to converting ONES North America 2020 into a virtual experience should it not be safe to bring attendees together in person. Please continue to visit our website and follow us on Twitter and Facebook for updates. 

Open Networking & Edge Summit North America 2020 is made possible thanks to our sponsors, including Platinum Sponsors Cloud Native Computing Foundation, Ericsson, and Huawei, Gold Sponsor IBM, and Silver Sponsor Red Hat. For information on becoming an event sponsor, click here.

Members of the press who would like to request a press pass to attend should contact Jill Lovato at jlovato@linuxfoundation.org.

Additional Resources: 

About The Linux Foundation
The Linux Foundation is the organization of choice for the world’s top developers and companies to build ecosystems that accelerate open technology development and industry adoption. Together with the worldwide open source community, it is solving the hardest technology problems by creating the largest shared technology investment in history. Founded in 2000, The Linux Foundation today provides tools, training and events to scale any open source project, which together deliver an economic impact not achievable by any one company. More information can be found at www.linuxfoundation.org.

The Linux Foundation Events are where the world’s leading technologists meet, collaborate, learn and network in order to advance innovations that support the world’s largest shared technologies.

The Linux Foundation has registered trademarks and uses trademarks. For a list of trademarks of The Linux Foundation, please see our trademark usage page: https://www.linuxfoundation.org/trademark-usage.

Linux is a registered trademark of Linus Torvalds.

The post Linux Foundation, LF Networking, and LF Edge Announce Rescheduled Dates and Full Agenda for Open Networking & Edge Summit North America 2020 appeared first on The Linux Foundation.

Fintech Open Source Foundation Joins Linux Foundation to Expand and Accelerate Development Across Financial Services

Thu, 04/09/2020 - 21:00

Under the Linux Foundation, FINOS will provide a forum for industry-wide collaboration among the world’s biggest financial services firms and tech companies on fintech projects addressing desktop interoperability, data modeling, compliance and more

San Francisco, April 9th, 2020 – The Linux Foundation, the nonprofit organization enabling mass innovation through open collaboration, and the Fintech Open Source Foundation (FINOS), a nonprofit whose mission is to accelerate adoption of open source software, standards and best practices in financial services, today announced that FINOS will become a Linux Foundation organization. To enable this effort, the Linux Foundation has agreed to acquire the FINOS operating assets.

The Linux Foundation will position FINOS as its umbrella project through which to advance further development of open source and standards within the financial services industry. The FINOS team, led by Executive Director Gabriele Columbro, will join the Linux Foundation. Columbro will continue in his role.

The financial services industry has a long history of open source adoption, having been among the earliest industries to embrace Linux. Since then, both large and small fintech firms have been leveraging open source to innovate on new technologies, ranging from cloud computing to decentralized networks and blockchain to machine learning and artificial intelligence. FINOS has been instrumental in bringing key industry stakeholders together around open source contribution and will be empowered now to expand and accelerate that work through the global open source community and Linux Foundation’s services and resources.

“In less than two years FINOS has become the go-to foundation for open source collaboration in financial services. With this sector’s focus on technology-driven solutions, we feel the time is right to bring our two communities together to enable the next stage of innovation for our projects,” said Jim Zemlin, executive director at the Linux Foundation. “We look forward to working with Gab, the FINOS team and its members as we together chart the future of global financial services collaboration.”

“FINOS has achieved tremendous growth across our project portfolio thanks to our 35 members and wider community,” explained Gabriele Columbro. “The FINOS community’s passion and dedication to applying open source practices to address concrete, pressing topics — in areas such as cloud computing, financial modeling, desktop interoperability, messaging, tooling, and data technology — has established the transformative potential of open source within financial services. We are thrilled to join forces with the Linux Foundation to accelerate this growth and welcome an even more diverse set of members and projects under the FINOS umbrella.”

“Open source technology is essential to the future of the financial services industry,” said Alejandra Villagra, FINOS chairperson, Citigroup. “With FINOS becoming part of the Linux Foundation, we can leverage a wider network of resources and further accelerate collaboration that delivers technology solutions to common business issues and industry challenges, shaping the future technology landscape.”

“Over the last few years, FINOS successfully created a community of buy-side, sell-side, fintech and tech companies who work together on a wide range of open source projects and standards,” said Dov Katz, FINOS vice chairperson and distinguished engineer at Morgan Stanley. “Joining the Linux Foundation will extend our pool of partners, talented developers and engineers dedicated to solving similar problems, and will help the community innovate even faster.”

“The global financial community benefits when data and technology can be combined through shared standards,” said Robert Coletti, head of desktop platform, Refinitiv. “We look forward to continued engagement with FINOS and the new opportunities that being part of the Linux Foundation will provide.”

“As a strategic open source partner for financial services firms, we work closely with FINOS and its members to drive open source adoption and best practices within the financial services industry,” said Andrew Aitken, general manager and global open source practice leader, Wipro Limited. “We know that open source plays a critical role in accelerating a bank’s enterprise transformation journey and believe that closer ties with Linux Foundation will help FINOS make inroads even faster.”

Financial services organizations have been rapid adopters of new technology, including large amounts of open source, which they have used to extend market reach and create client value. It is increasingly important for firms to look at enterprise open source and its ability to foster innovation while maintaining stability,” said Chris Wright, senior vice president and chief technology officer, Red Hat. “As active members of the Linux Foundation we see the immense potential this collaboration has to benefit the financial services industry as they adapt to an evolving technology landscape.”

FINOS is a diverse community of developers, financial and technology industry leaders committed to making contributions that will enable open source to flourish in financial services. Having grown rapidly over the last two years, the community today boasts more than 30 member organizations, 300+ contributors and many open source projects delivering value to participants across the industry.

About The Linux Foundation

Founded in 2000, the Linux Foundation is supported by more than 1,000 members and is the world’s leading home for collaboration on open source software, open standards, open data, and open hardware. Linux Foundation’s projects are critical to the world’s infrastructure including Linux, Kubernetes, Node.js, and more. The Linux Foundation’s methodology focuses on leveraging best practices and addressing the needs of contributors, users and solution providers to create sustainable models for open collaboration. For more information, please visit us at linuxfoundation.org.

About FINOS

The Fintech Open Source Foundation (FINOS) is an independent membership organization whose purpose is to accelerate collaboration and innovation in financial services through the adoption of open source software, standards and best practices. FINOS believes that global financial organizations that embrace open source software, together with common standards, will be best positioned to capture the growth opportunities presented by a quickly evolving technological landscape. FINOS has 11 programs driven by more than 30 financial services and technology members, 300+ community contributors and over 75 open source repositories. We enable collaboration in key areas of innovation for the industry including data, cloud, interoperability, and decentralized technologies. FINOS is a 501(c)(6) and is based in Burlingame, CA with offices in New York, NY and London, England. For more information, visit www.finos.org.

###

The Linux Foundation has registered trademarks and uses trademarks. For a list of trademarks of The Linux Foundation, please see its trademark usage page: www.linuxfoundation.org/trademark-usage. Linux is a registered trademark of Linus Torvalds.

Media Contact
Jennier Cloer
ReTHINKitMedia
jennier@rethinkitmedia.com
503-867-2304

The post Fintech Open Source Foundation Joins Linux Foundation to Expand and Accelerate Development Across Financial Services appeared first on The Linux Foundation.

Pages