Videos: Webinars  – Industrial Open Source Network

In June Swedsoft’s Industrial Open Source Network held two webinars on the theme of the license and security aspects of the intake of Open Source software.

When bringing in Open Source Software there is always that lingering concern about the licenses, what kind of legal risks could be brought in with the intake, and about the software constructs themselves, which security flaws and vulnerabilities could be built in when incorporating Open Source software with your solution. Thankfully, there are ways and means to reduce and handle those potential risks which were presented in two webinars by members of the Industrial Open Sorce Network.

On June 3rd the focus was on Linux Foundation’s OpenChain Project which defines the key requirements of a quality Open Source Compliance Program.

During the webinar Shane Coughlan, OpenChain Project, held an introduction on OpenChain followed by Jonas Öberg from Scania who talked about how OpenChain shaped Scania’s Open Source Program. Carl-Eric Mols, Addalot held a presentation about experiences form Sony Mobile.

A week later, on Wednesday June 10th, the focus was shifted to SW Security and Vulnerabilities aspects and how to handle those at the point of an intake and/or a continuous integration inflow of Open Source.

Martin Hell, LTH and Debricked gave a brief overview of some software security maturity models and discuss how the HAVOSS model can be used for open source software security. Stefan Andersson, Axis, talked about security at Axis and their thoughts on open source security. The webinar ended with a presentation from Emil Wåreus, Debricked about the ways Debricked tackle some specific challenges with community generated vulnerabilities using machine learning, as well as a short introduction to dependency vulnerability management.

The webinars both endend with a Q&A moderated by Nicolas Martin-Vivaldi, Addalot who is the coordinator for the Industrial Open Source Network.

You can see the webinars at Swedsoft’s YouTube-channel.


News


Report on lifelong learning

Prior to the workshop, the agency presented a series of questions that were discussed during the workshop. In the report

Summer greetings

At the annual meeting, two new members were elected to the board; Linda Örtlund, SKF and Patrik Sandgren, Teknikföretagen. We continue to work

Webinar on Cyber Resilience Act

Since 2022, Rikard has been globally responsible for digital product security at SKF and involved in their digital products. SKF

Swedsoft about standardization of AI

Swedsoft has reviewed the proposal, and our overall strong recommendation is not to standardize AI as a technology, as it