Loading…
November 19-21 2024
Napa, California
View More Details & Registration
Note: The schedule is subject to change.

The Sched app allows you to build your schedule but is not a substitute for your event registration. You must be registered for the event to participate in the sessions. If you have not registered but would like to join us, please go to the event registration page to purchase a registration.

This schedule is automatically displayed in Pacific Daylight Time (UTC/GMT -8). To see the schedule in your preferred timezone, please select from the drop-down menu to the right, above "Filter by Date."

IMPORTANT NOTE: Timing of sessions and room locations are subject to change.

or to bookmark your favorites and sync them to your phone or calendar.
strong>Intermediate [clear filter]
Tuesday, November 19
 

12:15pm PST

(Re)Stabilizing the Open Source Software Supply Chain - Philip Robb, Ericssson Software Technology
Tuesday November 19, 2024 12:15pm - 12:45pm PST
For members of the Linux Foundation, open-source software is recognized as critically essential to modern software development. Without it, the breadth and pace of innovation would plummet, and the costs to develop products and services based on software would skyrocket. Over the past several years, we've seen a destabilization of the open-source supply chain. Projects with poor security practices, malicious repo takeovers, and license rug-pulls are a small sample of the growing list of threats facing open-source users. As the largest commercial benefactors of this software supply chain, we have the most to lose. Efforts to address these issues have begun but are under-resourced and moving slowly. This is a Prisoner’s Dilemma & Free-Rider problem that needs a solution, or we are all worse off. This presentation will explore what methods can be brought to bear to increase development, oversight, and quality assurance in the open-source software supply chain to break out of the prisoner’s dilemma. How do those who invest in such work get an appropriate ROI? Can industry and governments work together to find a solution?
Speakers
avatar for Phil Robb

Phil Robb

Head of Ericsson Software Technology, Ericsson Software Technology
Phil is the Head of Ericsson Software Technology (EST), where he leads a passionate group of engineers developing open source software across a wide range of projects. Prior to Ericsson, Phil was the V.P. of Operations for the Networking Projects at the Linux Foundation for six years... Read More →
Tuesday November 19, 2024 12:15pm - 12:45pm PST
Sebastiani & Beringer
  Building & Managing Healthy OS Projects

12:15pm PST

The Shape of the New OSPO - Nithya Ruff, Amazon
Tuesday November 19, 2024 12:15pm - 12:45pm PST
OSPOs have gone through a lot of changes lately with some shrinking, some becoming distributed and the rise of new industries and government building OSPOs. The challenges that OSPOs were created to solve have also changed. With new areas to address such as regulations, AI, Security and open source software issues becoming more well understood, OSPOs need to change their organization shape and focus. As someone who has led multiple OSPOs through the maturity cycles, I want to cover the new challenges and how OSPOs are evolving to address them. And how OSPOs can remain relevant and influential during these years of change. I will cover writing the new strategy document, the organization structure and working across the organization and outside the organization to accomplish the mission,
Speakers
avatar for Nithya Ruff

Nithya Ruff

Head, Open Source Program Office, Amazon
Nithya is the Head of Amazon’s Open Source Program Office. Amazon’s customers value open source innovation and the cloud’s role in helping them adopt and run important open source services. She drives open source culture and coordination inside of Amazon and engagement with... Read More →
Tuesday November 19, 2024 12:15pm - 12:45pm PST
Silverado West

12:15pm PST

Transitive Maintainers are not Transitory - Jordan Harband, HeroDevs
Tuesday November 19, 2024 12:15pm - 12:45pm PST
Open Source projects in the JS ecosystem that are typically directly depended on are widely known: React, Babel, TypeScript, Vue, node.js, etc. These projects are affirmatively chosen by millions of humans. They get the lion's share of the (wildly insufficient) amount of available funds, contributions, sponsorships, and contributors.

What about the proverbial xkcd 2347 maintainers? Typically transitive dependencies, who are affirmatively selected by a mere dozens of humans, but whose code runs on hundreds of millions of developer machines, and serves billions of users? These projects are unknown, unsung, underfunded, and under-considered. Virtually every impactful security incident in the npm ecosystem has been due to a transitive dependency maintainer either going rogue, having their account taken over, or handing over the reins to an unvetted contributor - what levers can we apply to support these people's stability and vigilance?

As a prolific maintainer of almost entirely this category of package, Jordan Harband will offer his perspective on what proactive steps companies, governments, and individuals can take to improve this reality.
Speakers
avatar for Jordan Harband

Jordan Harband

Principal Open Source Architect, HeroDevs
Jordan Harband is an Open Source maintainer, primarily in JavaScript, and a Principal Open Source Architect at HeroDevs. He maintains many open source projects: see https://npmjs.com/~ljharb and https://github.com/ljharb, participates in TC39 (the JS language specification committee... Read More →
Tuesday November 19, 2024 12:15pm - 12:45pm PST
Silverado East

2:15pm PST

Trust in Open Source - Mike Bursell, Confidential Computing Consortium
Tuesday November 19, 2024 2:15pm - 2:45pm PST
After XZ, OpenJS came the realisation within the community that we don't really understand how trust works within the ecosystem of open source projects, their contributors, maintainers and consumers. This is a socio-technical problem, and in order to understand it and to work out how to build stronger, more secure ties across the ecosystem, we don't just need to engage in technical innovation but also delve in the fields of sociology, behaviour psychology, organisational theory and beyond. This talk will discuss some of the existing work in the field in a relatable (not overly academic!) way and consider plausible research directions and topics. It aims to be a strongly interactive session and the hope is to encourage formation and involvement in this important work.
Speakers
avatar for Mike Bursell

Mike Bursell

Executive Director, Confidential Computing Consortium
Mike Bursell is the Executive Director of the Confidential Computing Consortium. He is one of the co-founders of the Enarx project (https://enarx.dev), and was CEO and co-founder of Profian, a start-up based on Enarx. He has previously served on the Governing Boards of the CCC... Read More →
Tuesday November 19, 2024 2:15pm - 2:45pm PST
Sebastiani & Beringer

3:00pm PST

Zephyr: Overview and Roadmap - Kate Stewart, The Linux Foundation
Tuesday November 19, 2024 3:00pm - 3:30pm PST
This session will provide an overview of the project's accomplishments to date, and provide a roadmap of what is being planned for 2025. Zephyr project is now the 5th most active project hosted by the Linux Foundation. Each release sees about 30% new contributors, and these contributors are resulting in around 3 changes per hour in the code base. Products as diverse as Chromebooks, to Wind Turbines, to Hearings Aids, and Pet Trackers are being built with Zephyr. Learn about the open source and security best practices that have been applied to Zephyr over the years, and why it is now one of the most active open source projects at the Linux Foundation.
Speakers
avatar for Kate Stewart

Kate Stewart

VP Dependable Embedded Systems, Linux Foundation
Kate Stewart works with the safety, security and license compliance communities to advance the adoption of best practices into embedded open source projects. She has launched the ELISA and Zephyr Projects, as well as supporting other embedded projects. With more than 30 years of experience... Read More →
Tuesday November 19, 2024 3:00pm - 3:30pm PST
Silverado West
  OS Project Highlights

4:15pm PST

Alliance for OpenUSD: Building the HTML for 3D Worlds - Guy Martin, NVIDIA
Tuesday November 19, 2024 4:15pm - 4:45pm PST
This session will provide an overview of the Alliance for OpenUSD, an LF Joint Development Foundation project aimed at building a set of specifications to formalize the Pixar Open Universal Scene Description technology. Specific topics covered will include the alliance's purpose, work to date, as well as special focus on collaboration and interaction with the open source community and other Linux Foundation consortia such as the Academy Software Foundation.
Speakers
avatar for Guy Martin

Guy Martin

Director, Open Source & Standards, NVIDIA
Guy Martin is Director of Open Source & Standards at NVIDIA, where he’s responsible for helping shape the strategy of key open source and standards efforts such as Universal Scene Description (OpenUSD) & Material Definition Language (MDL). His experience includes stints building... Read More →
Tuesday November 19, 2024 4:15pm - 4:45pm PST
Silverado West
  OS Project Highlights

4:15pm PST

Introducing the Post-Quantum Cryptography Alliance - Michael Maximilien, IBM
Tuesday November 19, 2024 4:15pm - 4:45pm PST
There is a looming threat to all on the horizon. Today’s data and communications are secured using various forms of public-key encryption. These schemes are all (principally) based on the surprising complexity of factoring large numbers. The issue with modern-based cryptography is that, in 1994, Peter Shor discovered a quantum algorithm that can break modern encryption when executed on large enough quantum computers (QCs). What can we do today to protect from this looming threat? The QC and cryptography communities have been hard at work on devising new encryption algorithms that can be resistant to QCs. Working closely with the Linux Foundation and leaders of the cryptography and OSS community the Post-Quantum Cryptography Alliance (PQCA) was created to host and lead a collection of initial post-quantum projects that can be used to make the world’s software quantum safe. As part of the original representative members of the PQCA, Max has seen the progression of the alliance from its inception at the LF Member’s Summit 2022 to its current form. In this talk, he will present the foundation and its charter along with an overview of the current projects and algorithms.
Speakers
avatar for Michael Maximilien

Michael Maximilien

Distinguished Engineer, IBM
Max is an IBM Distinguished Engineer and leader for the teams contributing to Open Quantum and Serverless. Max has held elected and leadership positions in Cloud Foundry and Knative OSS communities. Max's main expertise are in software engineering and distributed systems. Max published... Read More →
Tuesday November 19, 2024 4:15pm - 4:45pm PST
Silverado East

5:00pm PST

A Secure, Stable Linux Kernel for the Long Run - Gustavo Padovan, Collabora Ltd
Tuesday November 19, 2024 5:00pm - 5:30pm PST
We all depend on the Linux kernel for critical parts of our society's infrastructure. Yet, our capacity to keep our Linux systems up to date with the latest features, security, and stability fixes is rather limited. Companies are collectively wasting millions and millions of dollars upgrading their systems to new kernels. I am sure you can relate to that! The Linux kernel community does a fantastic job developing the Linux kernel. It is an ever-evolving operating system that becomes more secure, stable, and feature rich every day. However, rebasing existing infrastructure on new kernels is not straightforward at all. We still lack processes, tools, and culture to make that job smoother in the Linux kernel ecosystem. KernelCI, a project under the Linux Foundation, is on a mission to change that. Our goal is to support the community and companies to ensure the quality, stability, and long-term maintenance of the Linux kernel while also reducing product integration costs drastically. In this talk, you will learn what KernelCI is, what we are doing to improve this situation, and, more importantly, what you can do to help!
Speakers
avatar for Gustavo Padovan

Gustavo Padovan

Kernel lead, Collabora Ltd
Gustavo leads Linux kernel strategy at Collabora - a well respected Open Source Software consultancy that helps top companies in the world create the next generation of technology with Open Source Software inside. He is also one of the driving forces behind the KernelCI Foundation... Read More →
Tuesday November 19, 2024 5:00pm - 5:30pm PST
Silverado East

5:00pm PST

Implementing the EU Cyber Resilience Act: Workstreams and Key Outcomes - Mirko Boehm, LF Europe
Tuesday November 19, 2024 5:00pm - 5:30pm PST
All votes have passed on the EU CRA. It will now become the law after a short transition period. As the neutral steward of many essential small and large open source projects, the Linux Foundation aims to lead the way for the open source ecosystem in implementing the CRA. Beginning from an assessment of the state of the art of cybersecurity best practises in leading open source projects and an analysis of the gaps to the requirements of the CRA, the Linux Foundation is driving three multi-year work streams that reflect the required adaptation of the open source ecosystem - formalizing community best practices into standards, building awareness within the open source community, and implementing updated processes and tooling. Many of these changes will require deeper collaboration between the manufacturers of products with digital elements and the upstream communities and stewards.


This presentation will provide an overview of the CRA implementation roadmap developed by the Linux Foundation. It will also dive into how the CRA shapes the future of the relationship between manufacturers and upstream communities.
Speakers
avatar for Mirko Boehm

Mirko Boehm

Senior Director, Community Development, Linux Foundation Europe
Tuesday November 19, 2024 5:00pm - 5:30pm PST
Sebastiani & Beringer

5:00pm PST

The State of Open Source Funding and Guided Workshop: Insights and Best Practices for Improving Open Source Funding - Sam Boysel, Harvard Business School; Kevin Crosby & Stephanie Lincoln, GitHub; Emma Irwin, Microsoft
Tuesday November 19, 2024 5:00pm - 5:45pm PST
Understanding organizations funding behaviors is not well understood. Join us for a live read out of the inaugural 2024 Open Source Funding Funding report that found organizations invest over $7.7B annually in open source. We’ll explore potential misalignments and opportunities to improve funding at a top-level, and provide defined strategies, frameworks, and tools to help your organization measure the value created and the impact received from those investments. The primary audience for the session are OSPOs, Heads of Engineering and Product, C-Level Executives, and other individuals with a varying levels of understanding of their organization's open source engagement.
Speakers
avatar for Emma Irwin

Emma Irwin

Principal TPM, Microsoft
Emma Irwin is a Principal TPM with Microsoft's Open Source Program's Office. She has over 20 years' experience building with and for open source projects and their communities. Her experience spans multiple ‘open’ ecosystems including open data, education, science, access and... Read More →
avatar for Stephanie Lincoln

Stephanie Lincoln

Sr. Product Manager, GitHub
avatar for Kevin Crosby

Kevin Crosby

Open Source Funding, Sr. Dir., GitHub
Kevin Crosby is Senior Director of Open Source Funding. Prior to GitHub, Kevin led business development for VC and Accelerators at Carta and spent 8 years at Amazon in corporate venture and leading product, engineer, and business teams. He is an active investor and advisor to venture... Read More →
avatar for Sam Boysel

Sam Boysel

Postdoctoral Fellow, Harvard Business School
Sam is a postdoctoral fellow at the Laboratory for Innovation Science at Harvard. His research interests lie at the intersection of digital economics, labor and productivity, industrial organization, and socio-technical networks. Specifically, his work has centered around the private... Read More →
Tuesday November 19, 2024 5:00pm - 5:45pm PST
Silverado West
 
Wednesday, November 20
 

9:00am PST

Adapting Open Source License Practices in the Age of LLMs - Brian Warner, Fidelity Investments
Wednesday November 20, 2024 9:00am - 9:30am PST
For many years, the landscape of open source licensing seemed stable and predictable. However, the advent of large language models (LLMs) has introduced new licenses and raised numerous questions about the application of existing open source licenses. At Fidelity, our Open Source Program Office (OSPO) and legal team have evolved our processes to navigate these changes and better understand what they require of us. This session will provide a practical case study and an accessible discussion on how OSPOs and legal teams can collaborate effectively in this evolving landscape.
Speakers
avatar for Brian Warner

Brian Warner

Director, OSPO Architect, Fidelity Investments
Brian is the architect of the Fidelity Investments OSPO. He is responsible for setting internal open source policies and standards, identifying improvements to the open source contribution and consumption experience, architecting tools that improve Fidelity's engagement with open... Read More →
Wednesday November 20, 2024 9:00am - 9:30am PST
Vintner's Court
  Legal Track Sessions

10:00am PST

Improving License Information in Fedora - Jilayne Lovejoy & Richard Fontana, Red Hat
Wednesday November 20, 2024 10:00am - 10:30am PST
The licensing of open source software, as embodied in source code and package metadata, has long suffered from lack of clarity and consistency. This has become more evident with the use of sophisticated license scanning tools. Discussions among open source legal and compliance experts often express the desirability of having such problems addressed upstream.

We will describe the progress on an initiative driven by Red Hat and the Fedora Project community to revitalize its traditional role of curating a distribution with careful attention to licensing. This initiative includes: improved documentation and explanation of license policies, evolution of "allowed" and "not allowed" license lists from a project wiki to a repository of machine-readable data; the use of SPDX identifiers in package license metadata, including close collaboration with the SPDX-legal community; and traceable license review process. We will cover an overview of the process, challenges faced and overcome, and planned next steps.

By sharing the Fedora approach, we hope others can learn or borrow from this work and also contribute to improving license information upstream.
Speakers
avatar for Jilayne Lovejoy

Jilayne Lovejoy

Product Counsel, Red Hat
Jilayne is a US lawyer and community leader and has held various community and in-house roles related to open source. She is a product counsel at Red Hat working on a variety of topics.Jilayne leads the Linux Foundation sponsored Software Package Data Exchange® (SPDX) legal team... Read More →
avatar for Richard Fontana

Richard Fontana

Senior Commercial Counsel, Red Hat
Richard Fontana is a lawyer at Red Hat and a member of the Products, Privacy and Innovation team in the Red Hat legal department. He specializes in legal matters relating to software development, with a significant focus on open source strategy and compliance as well as AI/machine... Read More →
Wednesday November 20, 2024 10:00am - 10:30am PST
Vintner's Court
  Legal Track Sessions

10:00am PST

Chasing the White Whale of Open Source - ROI - Bob Killen, Cloud Native Computing Foundation
Wednesday November 20, 2024 10:00am - 10:30am PST
Have you ever found yourself trying to justify a commitment to an open source project and struggled to communicate the value beyond the usual suspects, such as increased influence or attracting talent? You are not alone. In today’s economic climate, organizations are looking for more concrete returns; they want to know how their investment impacts their business goals. In this talk, Bob will go over some proven successful strategies and tools to help you convey the impact of your organization’s open source investment and provide a lightweight framework that can be used to continue to tell this story over-time and in a sustainable way.
Speakers
avatar for Bob Killen

Bob Killen

Senior Technical Program Manager, Cloud Native Computing Foundation
Bob is a Senior Technical Program Manager at the Cloud Native Computing Foundation (CNCF), where he works to streamline processes, puts into practice projects aimed at connecting users and maintainers, and finds ways to surface the value of open source. Before this, Bob was an OSS... Read More →
Wednesday November 20, 2024 10:00am - 10:30am PST
Sebastiani & Beringer

10:00am PST

The Open Strategies of GenAI: Unlocking Potential Through Collaboration and Transparency - Anni Lai, Futurewei & Arnaud Le Hors, IBM
Wednesday November 20, 2024 10:00am - 10:30am PST
In the evolving landscape of GenAI, open strategies are key drivers of innovation and widespread adoption. This preso explores how transparency, collaboration, and shared resources shape the future of GenAI. We will highlight fundamental principles, successful initiatives, and real-world case studies demonstrating how open-source models and datasets accelerate research and democratize access to cutting-edge AI capabilities. The discussion will address the challenges and opportunities of open strategies, balancing openness with security, and the impact on IP and community governance. Insights from recent research and industry trends will shed light on the implications for enterprise AI deployment and the broader AI ecosystem. Attendees will gain a comprehensive understanding of how open strategies in GenAI can unlock potential, foster innovation, and drive sustainable growth. This session is valuable for developers, researchers, policymakers, and business leaders seeking to harness the power of openness in AI.
Speakers
avatar for Arnaud Le Hors

Arnaud Le Hors

Senior Technical Staff Member, Open Technologies, IBM
Arnaud Le Hors is Senior Technical Staff Member of Open Technologies at IBM, primarily focusing on Open Source security. He has been working on standards and open source for over 25 years. Arnaud was editor of several key web specifications including HTML and DOM and was a pioneer... Read More →
avatar for Anni Lai

Anni Lai

Head of Open Source Operations & Marketing, www.futurewei.com
Anni drives Futurewei’s open source (O.S.) governance, process, compliance, training, project alignment, and ecosystem building. Anni has a long history of serving on various O.S. boards such as OpenStack Foundation, LF CNCF, LF OCI, LF Edge, and is on the LF OMF board and LF Europe... Read More →
Wednesday November 20, 2024 10:00am - 10:30am PST
Silverado East

10:45am PST

Dependency Risk Management: A Guide for OSPOs - Ashley Wolf, GitHub
Wednesday November 20, 2024 10:45am - 11:15am PST
Open source software is ubiquitous and forms the backbone of modern digital infrastructure, yet it often hides dependency risks that can impact organizations significantly. At GitHub, where we depend on tens of thousands of open source packages, we have leveraged open source frameworks from OpenSSF and other communities and created strategies to assess and mitigate these risks. Join us as we explore how OSPOs can use open source tools and standards to create plans for identifying and addressing dependency risks to improve their overall risk profile and improve project health. The talk will cover strategies for engaging with key stakeholders, including security teams, and funding opportunities to build resilient and sustainable open source ecosystems.
Speakers
avatar for Ashley Wolf

Ashley Wolf

Director, Open Source Programs, GitHub
Ashley Wolf is the Director of Open Source Programs at GitHub. She runs initiatives and programs to empower developers to be successful with open source. She is also passionate about helping companies participate in the open source community. Prior to joining GitHub, Ashley led the... Read More →
Wednesday November 20, 2024 10:45am - 11:15am PST
Sebastiani & Beringer

12:00pm PST

Beyond Upstream First: The Contribution Maturity Model - Theodore Ts'o, The Linux Foundation Technical Advisory Board
Wednesday November 20, 2024 12:00pm - 12:30pm PST
Last year, the Linux Foundational's Technical Advisory Board published the Linux Kernel Contribution Maturity Model (CMM). The goal of the CMM is to encourage companies to allow and encourage their engineersto contribute to upstream development in ways that allow them to grow into leadership roles, improving the overall health of the Linux Kernel ecosystem.  This talk explores how companies can improve their overall upstream community maturity, and how this benefits the company; their engineers, and the upstream development community.
Speakers
avatar for Theodore Ts'o

Theodore Ts'o

Staff Programmer, Google
Theodore Ts'o is the first North American Linux Kernel Developer, and started working with Linux in September, 1991. He previously served as CTO for the Linux Foundation, and is currently employed at Google.Theodore is a Debian Developer, and is the maintainer of the ext4 file system... Read More →
Wednesday November 20, 2024 12:00pm - 12:30pm PST
Silverado West

12:00pm PST

The Model Openness Framework and why AI Needs a New Open License - Matt White, PyTorch Foundation
Wednesday November 20, 2024 12:00pm - 12:30pm PST
The rapid evolution of AI has outstripped traditional open source licensing, creating legal uncertainties around copyrightability of model weights, fair use in training, and liability. This session will begin with an overview of the Model Openness Framework, which breaks AI models into 17 components, offering tailored open licensing strategies. However, its complexity has hindered broad adoption.

To that end we will present the OpenMDW License, a permissive license designed specifically for AI models. Covering architecture, data, weights, tools, and documentation, it addresses gaps in existing frameworks and incorporates AI-specific liability considerations. This license offers a standardized solution to the challenges faced by model creators and users.

This session will equip attorneys with critical insights into AI model artifacts, the limitations of current licensing practices, and practical tools for handling openness and completeness in the evolving AI landscape.
Speakers
avatar for Matt White

Matt White

Executive Director, PyTorch Foundation. GM of AI., Linux Foundation
Matt White is the Executive Director of the PyTorch Foundation and GM of AI at the Linux Foundation. He is also the Director of the Generative AI Commons, an open community initiative focused on advancing responsible generative AI under the LF AI & Data Foundation. Matt has nearly... Read More →
Wednesday November 20, 2024 12:00pm - 12:30pm PST
Vintner's Court
  Legal Track Sessions

12:00pm PST

Verifiable Credentials: What Every OSS Project Needs to Know - Daniel Goldscheider, OpenWallet Foundation
Wednesday November 20, 2024 12:00pm - 12:30pm PST
W3C Verifiable Credentials are spreading like wildfire, fed by a growing number of governments who are piloting and putting VC-based systems into production. The EU will be mandating their use by the end of 2025 for certain key citizen services. VCs and Digital Wallets can be used in privacy-preserving ways, opening the door to a different, better, more decentralized paradigm for granting access and permissions to web sites, apps, and key services. Come to hear about the use cases, the regulations, and the underlying technology that will likely emerge as a requirement for most meaningful open source projects to adopt at some point soon.
Speakers
DG

Daniel Goldscheider

Founder, OpenWallet
Wednesday November 20, 2024 12:00pm - 12:30pm PST
Silverado East

2:00pm PST

OSI Open Source AI Definition Update and Q&A - Stefano Maffulli, Open Source Initiative (OSI)
Wednesday November 20, 2024 2:00pm - 2:30pm PST
The release of v.1.0 of the Open Source AI Definition answers a lot of questions and leaves a few more open. This session will briefly cover the 2+ years of the co-design process that led to the Open Source AI Definition and highlight the unanswered questions. leaving time for a brainstorming session.
Speakers
avatar for Stefano Maffulli

Stefano Maffulli

Executive Director, Open Source Initiative
Stefano is an experienced leader of open source organizations, from non-profits advocacy groups and trade organizations to business ventures and community projects across countries. With a proven track record in community building, he’s also an active contributor to open source... Read More →
Wednesday November 20, 2024 2:00pm - 2:30pm PST
Vintner's Court
  Legal Track Sessions

2:45pm PST

"Open" AI Perspectives - Richard Fontana, Red Hat
Wednesday November 20, 2024 2:45pm - 3:15pm PST
Speakers
avatar for Richard Fontana

Richard Fontana

Senior Commercial Counsel, Red Hat
Richard Fontana is a lawyer at Red Hat and a member of the Products, Privacy and Innovation team in the Red Hat legal department. He specializes in legal matters relating to software development, with a significant focus on open source strategy and compliance as well as AI/machine... Read More →
Wednesday November 20, 2024 2:45pm - 3:15pm PST
Vintner's Court
  Legal Track Sessions

2:45pm PST

Ant Group's 3+ Year's of OSPO Journey to the Global Stage - Richard Sikang Bian & Nadia Jiang, Ant Group
Wednesday November 20, 2024 2:45pm - 3:15pm PST
Ant Group (fintech company with 25K employees) founded Open Source Program Office (OSPO) in 2021. It has been a roller coaster journey to nurture it as the company features primarily a B2B2C business model which doesn't rely heavily on Open Source successes. Building long-lasting open source engagement can be a really challenging, yet rewarding journey. It all began as a technical strategic initiative with 1 individual working on it part time. After 3+ years, the company now has a dedicated OSPO team of 6+ people, a full fledged Open Source Technical Committee, featuring Open Source as a long term Technical Strategy, and starting this year began the global outreach work very seriously in 2024. In this duo-speaker session, we'll share our learnings and reflections of building OSPO in a highly dynamic environment with constant challenges from leadership, peers, and difficulties for building sustainable ecosystem. It aims to provide valuable insights for foundation members, ecosystem players and project leads to work with large corporations, even more useful if there are cultural boundaries to break through.
Speakers
avatar for Nadia Jiang

Nadia Jiang

Head of Open Source Growth and Internationalization, Ant Group
Nadia Jiang is an entrepreneur, open-source enthusiast, and DevRel expert. Currently serving as the COO of SegmentFault, China's largest developer Q&A community, and co-founder of Apache Answer. In addition to her professional accomplishments, Nadia is a dedicated contributor to open-source... Read More →
avatar for Richard Sikang Bian

Richard Sikang Bian

Head of OSPO and Open Source Growth & Strategy, Ant Group
As an engineer by training and father to a toddler, Richard was ex-Square, ex-Microsoft who currently works on the Technical Strategy Initiatives team of Ant Group. Richard is also in charge of Ant Group's Open Source Program Office (OSPO) and enjoys being the evangelist of Open Source... Read More →
Wednesday November 20, 2024 2:45pm - 3:15pm PST
Sebastiani & Beringer

2:45pm PST

ToIP Ecosystem of Ecosystems Model for Decentralized Digital Trust - Judith Fleenor, Trust Over IP Foundation & Wenjing Chu, Futurewei Technologies Inc.
Wednesday November 20, 2024 2:45pm - 3:15pm PST
Trust Over IP Foundation, a JDF project under the Linux Foundation Decentralize Trust umbrella, has long been known for its “dual stack” that combines technical protocols with the governance models and artifacts required to create interoperable decentralized digital trust ecosystems. Starting with our ToIP Governance Architecture Specifications (2021) and ToIP Technology Architecture Specification (2022), this year we have published Implementers Drafts of our Trust Spanning Protocol (TSP) and Trust Registry Query Protocol (TQRP). This session will explain how this decentralized digital trust architecture is being implemented in an ecosystem of ecosystems model to produce Internet-scale solutions to urgent security, privacy, and data governance problems around the world such as content authenticity to protect against AI deep fakes.
Speakers
avatar for Wenjing Chu

Wenjing Chu

Senior Director of Technology Strategy, Futurewei Technologies Inc.
Wenjing is a senior directory of technology strategy at Futurewei leading initiatives on trust in the future of computing. He is a Steering Committee member of the Trust over IP (ToIP) Foundation and co-Chairs the TSP and AI & Metaverse task forces. He is a Board Member of the OpenWallet... Read More →
avatar for Judith Fleenor

Judith Fleenor

Director of Strategic Engagement, Trust Over IP
Judith Fleenor, Director of Strategic Engagement, Trust Over IP (ToIP.)The mission of ToIP is to simplify and standardize how trust is established over a digital network or using digital tools. Judith facilitates the collaborative community of international experts working together... Read More →
Wednesday November 20, 2024 2:45pm - 3:15pm PST
Silverado West
  OS Project Highlights

4:30pm PST

Generating SBOMs for All Critical Linux Foundation Projects - Gary O'Neall, Source Auditor Inc. & Jeff Shapiro, The Linux Foundation
Wednesday November 20, 2024 4:30pm - 5:00pm PST
We’ve been doing source level license scans for LF projects for a long time including generating SPDX formatted files, but what about SBOMs that can meet (and exceed) the government minimum specification? Here at the LF, we are now leveraging our existing scanning capabilities to generate SBOMs for these same critical open source projects.

In the LF spirit, we are using existing open source tools to scan project dependencies to produce an SBOM that meets the minimum spec. We are also producing dependency level license data to compliment our source level scans. In the near future we will be combining these to produce a grand unified SBOM that will meet a newly defined LF minimum specification for SBOMs.

We will talk about our process to generate these SBOMs, the challenges we faced, our future plans, and share more about how you can make use of these for the projects you care about most.
Speakers
avatar for Jeff Shapiro

Jeff Shapiro

Director of License Scanning, The Linux Foundation
Jeff Shapiro is the Director of License Scanning for The Linux Foundation. He has over 30 years of experience in the software industry, including 10 years in software auditing, open source scanning, and training developers in OSS license compliance.
avatar for Gary O'Neall

Gary O'Neall

Founder and Principal Consultant, Source Auditor Inc.
Gary is a contributor to the Software Package Data Exchange® (SPDX™) - an open standard for communicating software bill of material information, including components, licenses, copyrights, and security references. Gary has contributed several open source tools. Gary O’Neall is... Read More →
Wednesday November 20, 2024 4:30pm - 5:00pm PST
Vintner's Court
  Legal Track Sessions

4:30pm PST

Panel Discussion: Open Source: What's Next? - Tony Wasserman, Software Methods & Tools; Chris Aniszczyk, CNCF; Nithya Ruff, Amazon; Stormy Peters, GitHub; Stephen Walli, Microsoft
Wednesday November 20, 2024 4:30pm - 5:00pm PST
This proposed session is a panel discussion covering recent developments and likely future directions for open source software, particularly as it applies to companies that are developing and/or using open source software in their products. The invited panelists all have extensive experience that cover the most significant issues facing open source today, including licensing, security, AI, and OSPOs.
Speakers
avatar for Tony Wasserman

Tony Wasserman

Principal Consultant, Software Methods and Tools
Tony Wasserman has divided his career between academia and industry. He is currently Principal of Software Methods and Tools, and an Advisor in the UC Berkeley SkyDeck accelerator. He was Professor of Sfw Mgmt at CMU-Silicon Valley from 2005-23. Earlier, he was CEO of Interactive... Read More →
avatar for Stephen Walli

Stephen Walli

Principal Program Manager, Microsoft
I'm a principal program manager at Microsoft in the Azure Office of the CTO. I've worked with Docker, been a Distinguished Technologist at Hewlett-Packard, technical director at the Outercurve Foundation, founded a start-up, and been a writer and consultant. I've been around open... Read More →
avatar for Chris Aniszczyk

Chris Aniszczyk

CTO, CNCF
Chris Aniszczyk is an open source technologist with a passion for building a better world through open collaboration. He's currently a CTO at the Linux Foundation focused on developer experience and running the Cloud Native Computing Foundation (CNCF). Furthermore, he's a Partner... Read More →
avatar for Nithya Ruff

Nithya Ruff

Head, Open Source Program Office, Amazon
Nithya is the Head of Amazon’s Open Source Program Office. Amazon’s customers value open source innovation and the cloud’s role in helping them adopt and run important open source services. She drives open source culture and coordination inside of Amazon and engagement with... Read More →
avatar for Stormy Peters

Stormy Peters

Open Source Expert, GitHub
Stormy Peters is VP of Communities at GitHub. She leads the teams responsible for enabling the online creators and open source communities on GitHub, including GitHub’s community product efforts, developer relations, education, and other strategic programs. Throughout her career... Read More →
Wednesday November 20, 2024 4:30pm - 5:00pm PST
Silverado East
 
Thursday, November 21
 

12:00pm PST

Panel Discussion: Bringing Open Source Governance to a World of Decentralized Trust - Diane Mueller, Bitergia; Christian Taylor, Intersect; & Hart Montgomery, The Linux Foundation
Thursday November 21, 2024 12:00pm - 12:30pm PST
In the transformative era of Web3, which encompasses decentralized trust systems, blockchain, and distributed ledger technologies, the foundational principles of open source governance have never been more critical. This session aims to explore the intersection of open source governance with Web3, providing insights from leading experts. We will delve into the evolution of governance models, their applicability in decentralized contexts, and the resultant challenges and opportunities within blockchain ecosystems. As Web3 technologies continue to evolve, they challenge traditional governance models with their decentralized nature. This session will introduce the significance of adapting open source governance principles—transparency, accountability, and inclusivity—to blockchain and distributed ledger technologies. We will set the stage for a deep dive into how these principles can foster collaboration and innovation in decentralized environments. Attendees will gain a nuanced understanding of how to leverage open source governance to navigate the complexities of Web 3's decentralized systems, ensuring robust, equitable, and forward-looking frameworks for the future.
Speakers
avatar for Hart Montgomery

Hart Montgomery

CTO, Hyperledger Foundation, Linux Foundation
Hart Montgomery serves as the CTO of Hyperledger Foundation and the ED of the Post-Quantum Cryptography Alliance. He has extensive experience in blockchain and cryptography, and previously worked in blockchain and cryptography research at Fujitsu Research. Hart received a Ph.D. in... Read More →
avatar for Diane Mueller

Diane Mueller

DIrector, Research and Advisory Services, Bitergia
Diane comes to Bitergia from Red Hat, where she was a Distinguished Community Architect and Director, Community Development for the OpenShift and Cloud Native ecosystems. She founded and lead the OpenShift Commons community and served as the co-chair of the OKD working group for the... Read More →
avatar for Christian Taylor

Christian Taylor

Head of Open Source Office, Intersect
Christian comes from a diversified delivery background across various industries, most recently leading efforts to integrate Cardano blockchain into the open-source space. He has been part of industry firsts, notably in VVIP aviation custom interiors at JBRND and managing workplace... Read More →
Thursday November 21, 2024 12:00pm - 12:30pm PST
Silverado West

3:45pm PST

Panel Discussion: OSS Viability: Reduce Risk with Metrics, Merges, and Money - Gary White, Verizon; Emma Irwin, Microsoft; Dawn Foster, CHAOSS; Georg Link, Bitergia
Thursday November 21, 2024 3:45pm - 4:15pm PST
Synopsys reports that 95% of codebases contain open source, and of those codebases, 75% of the code is open source. Viability; as a metrics model in the CHAOSS community; provides tools to inform strategic business decisions about open source use and investment. We evaluate open source at milestones such as when initial decision to use/or not use, or at points in time where investment through contribution ensures ongoing security and sustainability. Viability metrics can identify key moments when open source projects require focus and investment. Viability also provides measures for tracking impact of this focus and investment, both for OSS and for internal goals tracking. With metrics, we can make decisions about when it’s the right time to contribute back to communities that have too little support, and when to subsidize the work that our critical projects depend on. Join Dr. Dawn Foster (CHAOSS), Matt Germonprez (University of Nebraska at Omaha/CHAOSS), Emma Irwin (Microsoft), and Gary White (Verizon), as they discuss the approach, complications, failures, and successes of measuring viability and de-risking applications.
Speakers
avatar for Georg Link

Georg Link

Open Source Strategist and Director of Sales, Bitergia
Georg’s mission is to make open source more professional by using community metrics and analytics. Georg cofounded the CHAOSS Project to advance analytics and metrics for open source project health. Georg is an active contributor to several projects and has often presents on open... Read More →
avatar for Emma Irwin

Emma Irwin

Principal TPM, Microsoft
Emma Irwin is a Principal TPM with Microsoft's Open Source Program's Office. She has over 20 years' experience building with and for open source projects and their communities. Her experience spans multiple ‘open’ ecosystems including open data, education, science, access and... Read More →
avatar for Dawn Foster

Dawn Foster

Director of Data Science, CHAOSS
Dr. Dawn Foster works as the Director of Data Science for CHAOSS where she is also a board member / maintainer. She is co-chair of CNCF TAG Contributor Strategy and an OpenUK board member. She has 20+ years of experience at companies like VMware and Intel with expertise in community... Read More →
avatar for Gary White

Gary White

Principal Engineer, Verizon
Gary White Jr. is a technologist, dog dad, meme enthusiast, aspiring gearhead, and has-been musician. He specializes in enterprise companies on solving problems at scale. You can find Gary's previous experience on YouTube from Cloud Foundry Summit, KubeCon, and TremorCon. Most recently... Read More →
Thursday November 21, 2024 3:45pm - 4:15pm PST
Silverado East
 
Share Modal

Share this link via

Or copy link

Filter sessions
Apply filters to sessions.