September 27-30, 2021
Seattle, Washington, USA + Virtual
View More Details & Registration

The Sched app allows you to build your schedule but is not a substitute for your event registration. You must be registered for Open Source Summit + Embedded Linux Conference + OSPOCon 2021 to participate in the sessions. If you have not registered but would like to join us, please go to the event registration page to purchase a registration.

This schedule is automatically displayed in Pacific Daylight Time (UTC -7). To see the schedule in your preferred timezone, please select from the drop-down menu to the right, above "Filter by Date." The schedule is subject to change.

IMPORTANT NOTE: Timing of sessions and room locations are subject to change.

Back To Schedule
Monday, September 27 • 3:50pm - 4:40pm
(VIRTUAL) SW360 SBOM and License Obligation Management - Michael Jaeger, Siemens AG & Kouki Hama, Toshiba Corporation

Sign up or log in to save this to your schedule, view media, leave feedback and see who's attending!

Feedback form is now closed.
The SW360 started as a software project for managing license compliance information using SPDX information for products and projects. The foundation for this lies in the software bill-of-material (SBOM), which lists all involved third party components of a product or project. Then, SW360 developed also into supporting other tasks around delivering software using the SBOM: for example, managing vulnerabilities or assessing trade compliance (ECC). With its REST API, SW360 can import and export the SBOM information in an automated way. To support product approval processes, SW360 has extended the support for license compliance information with the import of license obligations, providing the input for delivery approval processes. The obligation information can be imported from the OSADL license checklist.

avatar for Michael C. Jaeger

Michael C. Jaeger

Project Lead, Siemens AG
Michael C. Jaeger is one of the maintainers for Linux Foundation's FOSSology and Eclipse SW360 projects, both available on Github and both in the area of OSS handling w.r.t. license compliance and component management. At Siemens Corporate Technology in Munich, Germany, Michael works... Read More →
avatar for Kouki Hama

Kouki Hama

Researcher in Software engineering, Toshiba Corporation
Kouki Hama is a researcher of software engineering in Toshiba Corporation. He researches open source compliance and these tools. He is also one of the members of OpenChain project Japan workgroup.

Monday September 27, 2021 3:50pm - 4:40pm PDT
MeetingPlay Platform + Virtual Learning Lab
  OS Dependability, SBOM & SPDX