Open source is a global phenomenon impacting all industries in all parts of the world. To better understand the regional dynamics of open source, Linux Foundation Research is conducting a series of new research projects under the World of Open Source umbrella to explore the state of open source, beginning with a European perspective, focusing on government, enterprise, and non-profit initiatives. 

Commencing with Europe, these studies will investigate ecosystem-wide trends, including:

  • The size and scope of the open source communities in each region 
  • The motivation for contributions to open source
  • Opportunities and challenges in the private and public sector engagement in open source
  • The landscape for consumption and adoption of open source technologies and best practices, such as OSPO formation

This project will seek to understand the state of open source across different European individuals and organizations for decision-makers and influencers alike.

Funded by the Linux Foundation, this research will be led by LF Research in collaboration with FINOS, LF Training & Certification, and LF Public Health. Additional support will be provided by several organizations across the non-profit, for-profit, and academic sectors including Codemotion, Esade, Friedrich Alexander University, Institut de Govern i Polítiques Públiques (IGOP) de la Universitat Autònoma de Barcelona, OpenForum Europe, Sailboard, Scott Logic, TU/Berlin, TU/Eindhoven, TODO Group Europe Chapter, Università di Roma Tre, and the University of Southampton.

The survey will take no more than 10 minutes of your time and will provide valuable data against future studies and serve as a template for studies conducted in other regions. Findings will be shared at Open Source Summit Europe in Dublin in September.

We thank you for your participation. Upon completion of the survey, you will receive a coupon for 25% off any purchase of training and certification from the LF Training & Certification course catalog.

world of open source launch at KubeCon 2022

Key executives to discuss the state of open source initiatives at KubeCon Europe this week

VALENCIA, SpainMay 16, 2022 — The Linux Foundation, a global nonprofit organization enabling mass innovation through open source, today launches the World of Open Source research series with its initial focus on the European community. The initiative will be championed by LF Research in collaboration with several European distribution and research partners. Furthermore, key executives of the Linux Foundation and partners will be speaking at KubeCon in Valencia, Spain this week as they kickstart the research series and meet with the extended open source and cloud native communities.

The Supporting the Flourishing European Open Source Ecosystem birds-of-a-feather session will be hosted on Thursday, 19 May at 14:30 CEST by Gabriele Columbro (Executive Director of FINOS), Hilary Carter (VP, Linux Foundation Research), Astor Nummelin Carlberg (CEO, OpenForum Europe), and Matthew Dunderdale (Delivery Principal, Scott Logic). KubeCon Europe is one of the largest open source developer events hosted on the continent each year.

“FINOS is one of the most globally distributed entities under the Linux Foundation and we are truly excited to support this deep research initiative backed by so many respected institutions across the EU, UK, and Switzerland“, said Gabriele Columbro, Executive Director of FINOS. “A clear European perspective will enhance how we forge deeper collaboration across the FINOS community and will shed new light on cross-border challenges like cybersecurity and sustainability that are important to the Linux Foundation and the open source ecosystem at large.”

Scott Logic is a UK-based consultancy who, alongside our peers, have greatly benefited from the plethora of open source tools and technologies that have recently emerged. However, our collective reliance on open source can reveal the sometimes fragile nature of community-run digital commons. We are delighted to partner with Linux Foundation to better understand the state of open source in Europe“, said Colin Eberhardt, CTO of Scott Logic. “Armed with the research findings, our goal is to ensure everyone can capitalize on the amazing innovations happening within open source and that our ‘digital commons’ are sustained for the long-term”.

“OpenForum Europe is pleased to partner with the Linux Foundation to promote this timely research series and upcoming survey on the state of open source in Europe. Open source software has already been shown to boost the European economy by between EUR 65 to 95 billion annually and to have positive effects on the number of startups and SME growth. As the EU and its Member States continue to invest in digital transformation, better understanding will allow the EU to further benefit from the innovative power of open source software.”

About the World of Open Source Research series

The World of Open Source series will explore the state of open source from a global perspective, scop of open source world of research focusing on government, enterprise, and non-profit initiatives. The research initiative kicks off on Wednesday, 18 May with a “World of Open Source: 2022 Europe Spotlight” survey.

The European open source survey will investigate ecosystem-wide trends, including: (1) the size and scope of the open source communities in the region, (2) the motivation for contributions to open source, (3) opportunities and challenges in the private and public sector engagement in open source, and (4) the landscape for consumption and adoption of open source technologies and best practices, such as open source program office (OSPO) formation. This project will seek to understand key opportunities for collaboration and perceived challenges in the European open source community across sectors for decision-makers and influencers alike.

Funded by the Linux Foundation, this research will be led by LF Research in collaboration with FINOS, LF Training & Certification, and LF Public Health. Additional support will be provided by several organizations across the non-profit, for-profit, and academic sectors including: Codemotion, Esade, Friedrich Alexander University, Institut de Govern i Polítiques Públiques (IGOP) de la Universitat Autònoma de Barcelona, OpenForum Europe, Sailboard, Scott Logic, TU/Berlin, TU/Eindhoven, TODO Group Europe Chapter, Università di Roma Tre, and the University of Southampton.

This research further expands the Linux Foundation’s investment in fostering a flourishing local European ecosystem which already supports critical intra- and inter-region open source collaborations, training, and events. The Linux Foundation will reveal the survey results at Open Source Summit Europe, in Dublin, Ireland, to be hosted 13 – 16 September.

Additional Resources

  • Attend the Birds of a Feather session at KubeCon in Valencia (Spain) on Thursday, 18 May at 14:30 CEST to learn more about the “World Of Open Source” research series
  • Contact us about Linux Foundation activities in Europe
  • Register for Open Source Summit Europe

About the Linux Foundation

Founded in 2000, the Linux Foundation and its projects are supported by more than 1,800 members. The Linux Foundation is the world’s leading home for collaboration on open source software, open standards, open data, and open hardware. Linux Foundation projects are critical to the world’s infrastructure including Linux, Kubernetes, Node.js, Hyperledger, RISC-V, and more. The Linux Foundation’s methodology focuses on leveraging best practices and addressing the needs of contributors, users, and solution providers to create sustainable models for open collaboration. For more information, please visit us at linuxfoundation.org.

The Linux Foundation has registered trademarks and uses trademarks. For a list of trademarks of The Linux Foundation, please see its trademark usage page: www.linuxfoundation.org/trademark-usage. Linux is a registered trademark of Linus Torvalds.

Media Contacts

Dan Whiting
+1 202-531-9091
dwhiting@linuxfoundation.org

world of open source launch at KubeCon

10-Point Open Source and Software Supply Chain Security Mobilization Plan Released with Initial Pledges Surpassing $30M

WASHINGTON, DC – May 12, 2022 – The Linux Foundation and the Open Source Software Security Foundation (OpenSSF) brought together over 90 executives from 37 companies and government leaders from the NSC, ONCD, CISA, NIST, DOE, and OMB to reach a consensus on key actions to take to improve the resiliency and security of open source software. 

Open Source Software Security Summit II, is a follow-up to the first Summit held January 13, 2022 that was led by the White House’s National Security Council. Today’s meeting was convened by the Linux Foundation and OpenSSF on the one year after the anniversary of President Biden’s Executive Order on Improving the Nation’s Cybersecurity

The Linux Foundation and OpenSSF, with input provided from all sectors, delivered a first-of-its-kind plan to broadly address open source and software supply chain security. The Summit II plan outlines approximately $150M of funding over two years to rapidly advance well-vetted solutions to the ten major problems the plan identifies. The 10 streams of investment include concrete action steps for both more immediate improvements and building strong foundations for a more secure future. 

A subset of participating organizations have come together to collectively pledge an initial tranche of funding towards implementation of the plan. Those companies are Amazon, Ericsson, Google, Intel;, Microsoft, and VMWare, pledging over $30M. As the plan evolves further more funding will be identified, and work will begin as individual streams are agreed upon.

This builds on the existing investments that the OpenSSF community members make into open source software. An informal poll of our stakeholders indicates they spend over $110M and employ nearly a hundred full-time equivalent employees focused on nothing but securing the open source software landscape. This plan adds to those investments.

KEY QUOTES

Jim Zemlin – Executive Director, Linux Foundation:  “On the one year anniversary of President Biden’s executive order, today we are here to respond with a plan that is actionable, because open source is a critical component of our national security and it is fundamental to billions of dollars being invested in software innovation today. We have a shared obligation to upgrade our collective cybersecurity resilience and improve trust in software itself.  This plan represents our unified voice and our common call to action. The most important task ahead of us is leadership.”

Brian Behlendorf – Executive Director, Open Source Security Foundation (OpenSSF):  “What we are doing here together is converging a set of ideas and principles of what is broken out there and what we can do to fix it.  The plan we have put together represents the 10 flags in the ground as the base for getting started.  We are eager to get further input and commitments that move us from plan to action.”

Anne Neurenberger, Deputy National Security Advisor, Cyber & Emerging Tech at National Security Council, The White House:

“President Biden signed the Executive Order on Cybersecurity last year to ensure the software our government relies on is secure and reliable, including software that runs our critical infrastructure.  Earlier this year, the White House convened a meeting between government and industry participants to improve the security of Open Source software.  The Open Source security foundation has followed up on the work at that meeting and convened participants from across industry to make substantial progress.  We are appreciative of all participants’ work on this important issue.”

Atlassian

Adrian Ludwig, Chief Trust Officer

“Open source software is critical to so many of the tools and applications that are used by thousands of development teams worldwide. Consequently, the security of software supply chains has been elevated to the top of most organizations’ priorities in the wake of recent high-profile vulnerabilities in open source software. Only through concerted efforts by industry, government and other stakeholders can we ensure that open source innovation continues to flourish in a secure environment. This is why we are happy to be participating in OpenSSF, where we can collaborate on key initiatives that raise awareness and drive action around the crucial issues facing software supply chain security today. We’re excited to be a key contributor to driving meaningful change and we are optimistic about what we can achieve through our partnership with OpenSSF and like-minded organizations within its membership.”

Cisco

Eric Wenger, Senior Director, Technology Policy, Cisco Systems

“Open source software (OSS) is a foundational part of our modern computing infrastructure. As one of the largest users of and contributors to OSS, Cisco makes significant investments in time and resources to improve the security of widely-used OSS projects. Today’s effort shows the stakeholder community’s shared commitment to making open-source development more secure in ways that are measurable and repeatable.”

Dell

Jim Medica, Technologist in Dell Technologies’ Office of the CTO

“Never before has software security been a more critical part of the global supply chain. Today, in a meeting led by Anne Neuberger [linkedin.com], Deputy National Security Advisor for Cyber and Emerging Technology, Dell and my Open Source Security Foundation colleagues committed our software security expertise to execute the Open Source Software Security Mobilization Plan. Dell’s best and brightest engineers will engage with peers  to develop risk-based metrics and scoring dashboards, digital signature methodologies for code signing, and Software Bill of Materials (SBoM) tools – all to address the grand challenge of open source software security. This is an excellent example of the leadership Dell provides to proactively impact software security and open-source security solutions, and reinforces our commitment to the open source software community, to our supply chain and to our national security.”

Ericsson

“Ericsson is one of the leading promoters and supporters of the open source ecosystem, accelerating the adoption and industry alignment in a number of key technology areas. The Open Source Security Foundation (OpenSSF) is an industry-wide initiative with the backing of the Linux Foundation with the objective of improving supply chain security in the open source ecosystem.

“As a board member of OpenSSF, we are committed to open source security and we are fully supportive of the mobilization plan with the objective of improving supply chain security in the open source ecosystem. Being an advocate and adopter of global standards, the initiatives aim to strengthen open source security from a global perspective.”

GitHub

Mike Hanley, Chief Security Officer

“Securing the open source ecosystem starts with empowering developers and open source maintainers with tools and best practices that are instrumental to securing the software supply chain. As home to 83M developers around the world, GitHub is uniquely positioned and committed to advance these efforts, and we’ve continued our investments to help developers and maintainers realize improved security outcomes through initiatives including 2FA enforcement on GitHub.com and npm, open sourcing the GitHub Advisory Database, financial enablement for developers through GitHub Sponsors, and free security training through the GitHub Security Lab

“The security of open source is critical to the security of all software. Summit II has been an important next step in bringing the private and public sector together again and we look forward to continuing our partnerships to make a significant impact on the future of software security.”

Google

Eric Brewer, VP of Infrastructure at Google Cloud & Google Fellow

“We’re thankful to the Linux Foundation and OpenSSF for convening the community today to discuss the open source software security challenges we’re facing and how we can work together across the public and private sectors to address them. Google is committed to supporting many of the efforts we discussed today, including the creation of our new Open Source Maintenance Crew, a team of Google engineers who will work closely with upstream maintainers on improving the security of critical open source projects, and by providing support to the community through updates on key projects like SLSA, Scorecards; and Sigstore, which is now being used by the Kubernetes project. Security risks will continue to span all software companies and open source projects and only an industry-wide commitment involving a global community of developers, governments and businesses can make real progress. Google will continue to play our part to make an impact.”

IBM

Jamie Thomas, Enterprise Security Executive

“Today, we had the opportunity to share our IBM Policy Lab’s recommendations on how understanding the software supply chain is key to improving security. We believe that providing greater visibility in the software supply chain through SBoMs ( Software Bill of Materials) and using the Open Source Software  community as a valuable resource to encourage passionate developers to create, hone their skills, and contribute to the public good can help strengthen our resiliency. It’s great to see the strong commitment from the community to work together to secure open source software. Security can always be strengthened and I would like to thank Anne Neuberger today  for her deep commitment and open, constructive, technical dialogue that will help us pave the way to enhancing OSS security. ”

Intel

Greg Lavender, Chief Technology Officer and General Manager of the Software and Advanced Technology Group

“Intel has long played a key role in contributing to open source. I’m excited about our role in the future building towards Pat’s Open Ecosystem vision. As we endeavor to live into our core developer tenets of openness, choice and trust – software security is at the heart of creating the innovation platforms of tomorrow.”

Melissa Evers, Vice President, Software and Advanced Technology, General Manager of Strategy to Execution

“Intel commends the Linux Foundation in their work advancing open source security. Intel has a history of leadership and investment in open source software and secure computing: over the last five years, Intel has invested over $250M in advancing open-source software security. As we approach the next phase of Open Ecosystem initiatives, we intend to maintain and grow this commitment by double digit percentages continuing to invest in software security technologies, as well as advance improved security and remediation practices within the community and among those who consume software from the community.”

JFrog

Stephen Chin, Vice President of Developer Relations

“While open source has always been seen as a seed for modernization, the recent rise of software supply chain attacks has demonstrated we need a more hardened process for validating open-source repositories. As we say at JFrog, ‘with great software comes great responsibility’, and we take that job seriously. As a designated CNA, the JFrog Security Research team constantly monitors open-source software repositories for malicious packages that may lead to widespread software supply chain attacks and alerts the community accordingly. Building on that, JFrog is proud to collaborate with the Linux Foundation and other OpenSSF members on designing a set of technologies, processes, accreditations, and policies to help protect our nation’s critical infrastructure while nurturing one of the core principles of open source – innovation.” 

JPMorgan Chase

Pat Opet, Chief Information Security Officer

“We are proud to have worked with Open Source Security Foundation (OpenSSF) and its members to create the new Open Source Software Security Mobilization Plan, This plan will help to address security issues in the software supply chain which is critical to making the world’s software safer and more secure for everyone.”

Microsoft

Mark Russinovich, CTO, Microsoft Azure

“Open source software is core to nearly every company’s technology strategy. Collaboration and investment across the open source ecosystem will strengthen and sustain security for everyone. Microsoft’s commitment to $5M in funding for OpenSSF supports critical cross-industry collaboration. We’re encouraged by the community, industry, and public sector collaboration at today’s summit and the benefit this will have to strengthen supply chain security.”

OWASP Foundation

Andrew van der Stock, Executive Director

“OWASP’s mission is to improve the state of software security around the world. We are contributing to the Developer Education and Certification, as well addressing the Executive Order for improving the state and adoption of SBOMs. In particular, we would like to see a single, consumable standard across the board.” 

Mark Curphey (founder of OWASP) and John Viega (author of the first book on software security), Stream Coordinators

“We’re excited to see the industry’s willingness to come together on a single ‘bill of materials’ format. It has the potential to help the entire industry solve many important problems, including drastically improving response speed for when major new issues in open source software emerge.” 

SAP

Tim McKnight, SAP Executive Vice President & Chief Information Security Officer

“SAP is proud to be a part of the Open Source Software Security Summit II and contribute to the important dialogue on the topic of Open Source software security.

“SAP is firmly committed to supporting the execution of the Open Source Software Security Mobilization Plan and we look forward to continuing our collaboration with our government, industry, and academic partners.”

Sonatype

Brian Fox, CTO of Sonatype and steward of Maven Central

“It’s rare to see vendors, competitors, government, and diverse open source ecosystems all come together like they have today. It shows how massive a problem we have to solve in securing open source, and highlights that no one entity can solve it alone. The Open Source Software Security Mobilization Plan is a great step toward bringing our community together with a number of key tactics, starting with securing OSS production, which will make the entire open source ecosystem stronger and safer.” 

Wipro

Andrew Aitken, Global Head of Open Source

“Wipro is committed to helping ensure the safety of the software supply chain through its engagement with OpenSSF and other industry initiatives and is ideally suited to enhance efforts to provide innovative tooling, secure coding best practices and industry and government advocacy to improve vulnerability remediation.

“As the only global systems integrator in the OpenSSF ecosystem and in line with its support of OpenSSF objectives, Wipro will commit to training 100 of its cybersecurity experts to the level of trainer status in LF and OpenSSF secure coding best practices and to host training workshops with its premier global clients and their developer and cybersecurity teams. 

“Further, Wipro will increase its public contributions to Sigstore and the SLSA framework by integrating them into its own solutions and building a community of 50+ contributors to these critical projects.”

KEY BACKGROUND

Three Goals of the 10-Point Plan

  • Securing Open Source Security Production
      1. Make baseline secure software development education and certification the new normal for pro OSS developers
      2. Establish a public, vendor-neutral, objective-metrics based risk assessment dashboard for the top 10,000 open source components.
      3. Accelerate the adoption of digital signatures on software releases
      4. Eliminate root causes of many vulnerabilities through replacement of non-memory-safe languages.
  • Improving Vulnerability Discovery and Remediation
      1. Accelerate discovery of new vulnerabilities by maintainers and experts.
      2. Establish the corps of “volunteer firefighter” security experts to assist open source projects during critical times.
      3. Conduct third-party code reviews (and any necessary remediation work) of 200 of the most-critical open source software components yearly
      4. Coordinate industry-wide data sharing to improve the research that helps determine the most critical open source software.
  • Shorten ecosystem Patching Response Time
    1. Software Bill of Materials (SBOM) Everywhere – improve SBOM tooling and training to drive adoption
    2. Enhance the 10 most critical open source security build systems, package managers, and distribute systems with better supply chain security tools and best practices.

The 10-Point Plan Summarized (available in full here)

  1. Security Education Deliver baseline secure software development education and certification to all. 
  2. Risk Assessment Establish a public, vendor-neutral, objective-metrics-based risk assessment dashboard for the top 10,000 (or more) OSS components.
  3. Digital Signatures Accelerate the adoption of digital signatures on software releases.
  4. Memory Safety Eliminate root causes of many vulnerabilities through replacement of non-memory-safe languages.
  5. Incident Response Establish the OpenSSF Open Source Security Incident Response Team, security experts who can step in to assist open source projects during critical times when responding to a vulnerability.
  6. Better Scanning Accelerate discovery of new vulnerabilities by maintainers and experts through advanced security tools and expert guidance.
  7. Code Audits Conduct third-party code reviews (and any necessary remediation work) of up to 200 of the most-critical OSS components once per year. 
  8. Data Sharing Coordinate industry-wide data sharing to improve the research that helps determine the most critical OSS components.
  9. SBOMs Everywhere Improve SBOM tooling and training to drive adoption. 
  10. Improved Supply Chains Enhance the 10 most critical OSS build systems, package managers, and distribution systems with better supply chain security tools and best practices.

Media Contact

Edward Cooper
openssf@babelpr.com

The leading vendor-neutral open source event for technical and community contributors continues to focus on covering the most critical topics, innovative technologies and pivotal open source projects through its 14 sub-conferences.

SAN FRANCISCO, April 21, 2022 —  The Linux Foundation, the nonprofit organization enabling mass innovation through open source, today announced the full schedule for Open Source Summit North America, the leading conference for open source developers and community leaders, taking place June 21-24 in Austin, Texas and virtually. The schedule can be viewed here and the previously announced keynote speakers can be viewed here.

Comprised of 14 events, including LinuxCon, Embedded Linux Conference, SupplyChainSecurityCon, CloudOpen, OSPOCon, Emerging OS Forum, ContainerCon and more, Open Source Summit North America 2022 will cover the most important and cutting edge topics and technologies touching open source today.  The schedule features 300 talks (keynote presentations, conference sessions, tutorials, and BoFs) and includes something for everyone, across a range of topics and skill levels.

“The 14 events that make up Open Source Summit North America’s conference umbrella cover the open source projects and technologies that are fundamental across software and other industries, while also highlighting those that are poised for growth and widespread use. The event provides the collaborative environment and knowledge sharing needed to drive innovation across the fold,” says Angela Brown, SVP & General Manager of Events at The Linux Foundation.

2022 Conference Session Highlights Include:

  • LinuxCon: Memory Folios – Matthew Wilcox, Oracle
  • CloudOpen: Peta Scale Telemetry Backend With Opentelemetry – Kranti Vikram Anugola & Weain Deng, Walmart Global Tech
  • Embedded Linux Conference: V4L2 M2M as the Driver Framework for Video Processing IP – Karthik Poduval, Amazon Lab126
  • OSPOCon: F5’s Open Source Journey – Christine Abernathy, F5, Inc.
  • Open AI + Data Forum: Delta Lake: Diving into Data Lakes Without the Downsides – Kelly O’Malley, Databricks
  • SupplyChainSecurityCon: Authenticating Supply-Chain Metadata: Building Remote Code Attestations on GitHub – Asra Ali & Laurent Simon, Google
  • Embedded IoT Summit: AI/ML at the Extreme Edge with WebAssembly: A Path Forward – Michael Tanenbaum, Mycelial
  • Global Security Vulnerability Summit: Scalable Management of Vulnerabilities in Open Source – Oliver Chang, Google & Kate Catlin, GitHub
  • Emerging OS Forum: OpenCost: An Open Source Tool for Your K8s Cost Management Problem – Webb Brown & Ajay Tripathy, Stackwatch
  • Diversity Empowerment Summit: “Did You Miss My Comment or What?” Understanding Toxicity in Open Source Discussions – Courtney Miller, Carnegie Mellon University
  • ContainerCon: Sustainability the Container Native Way – Huamin Chen, Red Hat & Chen Wang, IBM
  • Community Leadership Conference: Scaling Your Community From a Few Hundred to Tens of Thousands – Anna Filippova, dbt Labs
  • Open Source On-Ramp: Peeling Back the Layers of Storage – John Hawley, VMware
  • Critical Software Summit: Using FOSS as Part of a System Safety Mechanism – Paul Albertella, Codethink

2022 Keynote Speakers Include:

  • Alena Analeigh, Founder, Brown STEM Girl
  • Jennings Aske, Senior Vice President & Chief Information Security Officer, NewYork-Presbyterian Hospital
  • Aeva Black, Open Source Hacker, Ethical Agitator, and Consent Advocate
  • Eric Brewer, Vice President of Infrastructure, Google
  • Matt Butcher, Chief Executive Officer, Fermyon Technologies
  • Taylor Dolezal, Head of Ecosystem, Cloud Native Computing Foundation
  • Melissa Evers, Vice President & General Manager, Strategy to Execution, Software and Advanced Technology Group, Intel Corporation
  • Amy Gilliland, President, General Dynamics Information Technology (GDIT)
  • Orion Jean, TIME 2021 Kid of the Year, Author and Kindness Activist
  • Todd Moore, Vice President – Open Technology and Developer Advocacy, CTO DEG, IBM
  • Melissa Smolensky, Vice President, Corporate Marketing, GitLab
  • Linus Torvalds, Creator of Linux & Git in conversation with Dirk Hohndel, Founder, DH Consulting
  • Chris Wright, Senior Vice President and Chief Technology Officer, Red Hat

Additional keynote speakers will be announced in the coming weeks. 

Registration (in-person) is offered at the early price of $850 through April 26. Registration to attend virtually is $25. Members of The Linux Foundation receive a 20 percent discount off registration and can contact events@linuxfoundation.org to request a member discount code. 

Applications for diversity and need-based scholarships are currently being accepted. For information on eligibility and how to apply, please click here. The Linux Foundation’s Travel Fund is also accepting applications, with the goal of enabling open source developers and community members to attend events that they would otherwise be unable to attend due to a lack of funding. To learn more and apply, please click here.

Health and Safety
In-person attendees will be required to be fully vaccinated against the COVID-19 virus and will need to comply with all on-site health measures, in accordance with The Linux Foundation Code of Conduct. To learn more, visit the Health & Safety webpage.

Event Sponsors
Open Source Summit North America 2022 is made possible thanks to our sponsors, including Diamond Sponsors: Google and IBM, Platinum Sponsors: Cloud Native Computing Foundation, Databricks, Intel and Red Hat, and Gold Sponsors: Camunda, Checkmarx, Coder, Dell Technologies, GitLab, InfluxData, Kubecost, Styra and Whitesource. For information on becoming an event sponsor, click here or email us.

Press
Members of the press who would like to request a press pass to attend should contact Kristin O’Connell.

About the Linux Foundation
Founded in 2000, the Linux Foundation is supported by more than 2,000 members and is the world’s leading home for collaboration on open source software, open standards, open data, and open hardware. Linux Foundation’s projects are critical to the world’s infrastructure including Linux, Kubernetes, Node.js, and more. The Linux Foundation’s methodology focuses on leveraging best practices and addressing the needs of contributors, users and solution providers to create sustainable models for open collaboration. For more information, please visit linuxfoundation.org.

The Linux Foundation Events are where the world’s leading technologists meet, collaborate, learn and network in order to advance innovations that support the world’s largest shared technologies.

Visit our website and follow us on Twitter, Linkedin, and Facebook for all the latest event updates and announcements.

The Linux Foundation has registered trademarks and uses trademarks. For a list of trademarks of The Linux Foundation, please see its trademark usage page: www.linuxfoundation.org/trademark-usage. Linux is a registered trademark of Linus Torvalds. 

###

Media Contact
Kristin O’Connell
The Linux Foundation
koconnell@linuxfoundation.org

Leading open source network operating system enabling dis-aggregation for data centers now hosted by the Linux Foundation to enable neutral governance in a software ecosystem

SAN FRANCISCOApril 14, 2022  Today, the Linux Foundation, the nonprofit organization enabling mass innovation through open source, announced the Software for Open Networking in the Cloud (SONiC, an open source networking operating system), is now part of the Linux Foundation. The Linux Foundation provides a venue for continued ecosystem, developer growth and diversity, as well as collaboration across the open source networking stack.  

“We are pleased to welcome SONiC to the Linux Foundation family of open networking projects,” said Arpit Joshipura, general manager, Networking, Edge, and IoT, the Linux Foundation. “SONiC is a  leader in open source data center NOS deployments, and we’re looking forward to growing its developer community.” 

The Linux Foundation will primarily focus on the software component of SONiC, and continue to partner with Open Compute Platform(OCP) on aligning hardware and specifications like SAI. 

“Microsoft founded SONiC to bring high reliability and fast innovation to the routers in Azure cloud data centers. We created it as open source so the entire networking ecosystem would grow stronger.  SONiC already runs on millions of ports in the networks of cloud scalers, enterprises, and fintechs.  The SONiC project is thrilled to be joining the Linux Foundation to take the community to its next jump in scale, participation, and usage,” said  Dave Maltz, Technical Fellow and Corporate Vice President, Microsoft Azure Networking.

About SONiC

Created by Microsoft for its Azure data centers, SONiC is an open source network operating system (NOS)  based on Linux that runs on over 100 different switches from multiple vendors and ASICs. It offers a full-suite of network functionality, like BGP and RDMA, that has been production-hardened in the data centers of some of the largest cloud-service providers. It offers teams the flexibility to create the network solutions they need while leveraging the collective strength of a large ecosystem and community. 

Existing Ecosystem

SONiC brings a strong existing ecosystem, with premier members including Alibaba, Broadcom, Dell, Google, Intel, Microsoft, NVIDIA and 50+ global partners. The SONiC community will host its first hackathon later this year. Stay tuned for details and registration information. More information about SONiC, including how to join, is available at SONiC (azure.github.io).

Support from Key Stakeholders & Customers

Alibaba

“This is a big milestone for the SONiC community. After joining the Linux Foundation, the SONiC community will play a much more important role in the networking ecosystem,” said Dennis Cai, Head of Network Infrastructure, Alibaba Cloud. “Congratulations!  As one of the pioneering SONiC users and contributors, Alibaba Cloud has widely deployed SONiC- based whitebox switches in our data centers, edge computing cloud, P4- based network gateways, and will extend the deployment to Wide Area Networks. With modern network OS design and operation- friendly features, we already gained tremendous value from the large-scale deployments. Alibaba is committed to the SONiC community, and will continue bringing our large-scale deployment best practices to the community, such as open hardware specs , network in-band telemetry, high performance networking, and network resiliency features, SRv6, etc.” 

Broadcom

“Large hyperscalers agree that merchant silicon, hardware independence, and open source protocol and management stack are essential for running their data center networks. Broadcom has wholeheartedly supported this vision with leading-edge, predictable silicon execution and contributions to the SONiC project. We are excited to see the SONiC initiative join the Linux Foundation and look forward to working with the streamlined ecosystem to drive the data center and hyperscale needs of the future,” said Mohammad Hanif, senior director of engineering, Core Switching Group, Broadcom.

Dell Technologies 

“We believe SONiC will continue its accelerated adoption into the modern data center, delivering the scale, flexibility and programmability needed to run enterprise-level networks,” said Dave Lincoln, vice president of product management at Dell Technologies. “As a leading SONiC contributor, we see the advantages it brings to the supporting open source community and customers. As we continue the drive to take open-source-based solutions mainstream, we look forward to working with the Linux Foundation and its supporting communities to drive SONIC’s development and adoption.”

EBay

“eBay operates a large-scale network infrastructure to support its growing global business. eBay cares about the openness and quality of NOS to operate its network infrastructure. eBay is an active participant in the SONiC community and deploys SONiC at scale in its infrastructure. eBay is excited to see this next step of growth of the SONiC community,” said Parantap Lahiri, vice president, Network and Datacenter Engineering at eBay. 

EPFL

“At EPFL, we have been looking for a vendor neutral and flexible NOS that can provide HaaS capabilities for our Private Cloud Environment. SONiC OS provides us the solution we have been looking for in our Data Centre, allowing us to migrate to a powerful and modern Data Centre network. We are looking forward to this next phase in the SONiC community,” said Julien Demierre, Network and System architect at EPFL.

Google

“We believe moving SONiC to the Linux Foundation is very important as it will further enhance collaboration across the open source network, community and ecosystem. Google has more than a decade of experience in SDN; our data centers and WAN are exclusively SDN controlled, and we are excited to have helped bring SDN capabilities to SONiC . We fully support the move to the LF and intend to continue making significant upstream contributions to drive feature velocity and make it easier for operators to realize the benefits of SDN with PINS/SONiC and P4,” said  Dan Lenoski, vice president, Engineering, Network Infrastructure, Google. 

Intel 

“Intel has a strong history of working with SONiC and the Linux Foundation to help to propel innovation in an open, cooperative environment where ideas are shared and iterated.  We continually promote open collaboration, encompassing open-source technologies such as the Infrastructure Programmer Developer Kit and P4 integrated networking stack (PINS), using Intel Xeon Scalable processors, Infrastructure Processing Units and Tofino Intelligent Fabric Processors as base hardware,” said Ed Doe, vice president and general manager, Switch and Fabric Group at Intel. “Joining the Linux Foundation will help SONiC to flourish, and in turn create greater benefit for cloud service providers, network operators and enterprises to create customized network solutions and transform data-intensive workloads from data center to the edge.”

NVIDIA

“This is an important milestone for SONiC and the community behind it,” said Amit Katz, vice president of Ethernet Switches at NVIDIA. “NVIDIA is committed to supporting the community version of SONiC that is 100 percent open source, enabling data center operators to control the code inside their cloud fabrics, accelerated by state-of-the-art platforms with SONiC support, such as NVIDIA’s Spectrum family of switches.” 

Open Compute Project 

“The Open Compute Project Foundation is pleased to continue its collaboration with SONIC as part of the OCP’s new hardware – software co-design strategy. The open source SONiC Network Operating System is enabling rapid innovation across the network ecosystem, and it began with the definition of the Switch Abstraction Interface (SAI) at OCP.   Hardware – software co-design focuses on software that requires intimate knowledge of the hardware to drive maximum hardware performance, and speed time-to-market for hardware where system performance and ecological footprint can be highly dependent on software and hardware interactions,” said George Tchaparian, CEO Open Compute Project Foundation.

About the Linux Foundation

The Linux Foundation is the organization of choice for the world’s top developers and companies to build ecosystems that accelerate open technology development and commercial adoption. Together with the worldwide open source community, it is solving the hardest technology problems by creating the largest shared technology investment in history. Founded in 2000, The Linux Foundation today provides tools, training and events to scale any open source project, which together deliver an economic impact not achievable by any one company. More information can be found at www.linuxfoundation.org.

# # #

The Linux Foundation has registered trademarks and uses trademarks. For a list of trademarks of The Linux Foundation, please see our trademark usage page: https://www.linuxfoundation.org/trademark-usage. Linux is a registered trademark of Linus Torvalds.

Premier event for open source developers and community contributors will feature visionary speakers offering insights on a range of topics: WASM, Cloud Native Computing, Diversity, Community Leadership, Linux and more.

SAN FRANCISCO, April 13, 2022 – The Linux Foundation, the nonprofit organization enabling mass innovation through open source, today announced the first round of keynote speakers taking the stage at Open Source Summit North America, June 21-24, in Austin, TX and virtually.

Open Source Summit North America is the premier event for open source developers, technologists, and community leaders to collaborate, share information, solve problems, and gain knowledge, furthering open source innovation and ensuring a sustainable open source ecosystem. It is a conference umbrella comprising 14 events covering the most important technologies and topics in open source including Linux, Embedded Systems, Supply Chain Security, AI + Data, Cloud, Community Leadership, OSPOs, Software Vulnerabilities, Diversity, IoT, Critical Systems, Containers and more.

2022 Keynote Speakers Include:

  • Alena Analeigh, Founder, Brown STEM Girl
  • Eric Brewer, Vice President of Infrastructure, Google
  • Matt Butcher, Chief Executive Officer, Fermyon Technologies
  • Taylor Dolezal, Head of Ecosystem, Cloud Native Computing Foundation
  • Melissa Evers, VP and General Manager, Strategy to Execution, Software and Advanced Technology Group, Intel Corporation
  • Amy Gilliland, President, General Dynamics Information Technology (GDIT)
  • Orion Jean, TIME 2021 Kid of the Year, Author and Kindness Activist
  • Todd Moore, Vice President – Open Technology and Developer Advocacy, CTO DEG, IBM
  • Melissa Smolensky, Vice President, Corporate Marketing, GitLab
  • Linus Torvalds, Creator of Linux & Git in conversation with Dirk Hohndel, Founder, DH Consulting
  • Chris Wright, Senior Vice President and Chief Technology Officer, Red Hat

The full schedule of sessions will be announced on April 21, with additional keynotes also being announced in the coming weeks.

Registration (in-person) is offered at the early price of $850 through April 26. Regisration to attend virtually is $25. Members of The Linux Foundation receive a 20 percent discount off registration and can contact events@linuxfoundation.org to request a member discount code.

Applications for diversity and need-based scholarships are currently being accepted. For information on eligibility and how to apply, please click here. The Linux Foundation’s Travel Fund is also accepting applications, with the goal of enabling open source developers and community members to attend events that they would otherwise be unable to attend due to a lack of funding. To learn more and apply, please click here.

Health and Safety
In-person attendees will be required to be fully vaccinated against the COVID-19 virus and will need to comply with all on-site health measures, in accordance with The Linux Foundation Code of Conduct. To learn more, visit the Health & Safety webpage.

Event Sponsors
Open Source Summit North America 2022 is made possible thanks to our sponsors, including Diamond Sponsors: Google and IBM, Platinum Sponsors: Cloud Native Computing Foundation, Intel and Red Hat, and Gold Sponsors: Camunda, Checkmarx, Coder, Dell Technologies, GitLab, InfluxData, Kubecost, Styra and Whitesource. For information on becoming an event sponsor, click here or email us.

Press
Members of the press who would like to request a press pass to attend should contact Kristin O’Connell.

About the Linux Foundation
Founded in 2000, the Linux Foundation is supported by more than 2,000 members and is the world’s leading home for collaboration on open source software, open standards, open data, and open hardware. Linux Foundation’s projects are critical to the world’s infrastructure including Linux, Kubernetes, Node.js, and more. The Linux Foundation’s methodology focuses on leveraging best practices and addressing the needs of contributors, users and solution providers to create sustainable models for open collaboration. For more information, please visit linuxfoundation.org.

The Linux Foundation Events are where the world’s leading technologists meet, collaborate, learn and network in order to advance innovations that support the world’s largest shared technologies.

Visit our website and follow us on TwitterLinkedin, and Facebook for all the latest event updates and announcements.

The Linux Foundation has registered trademarks and uses trademarks. For a list of trademarks of The Linux Foundation, please see its trademark usage page: www.linuxfoundation.org/trademark-usage. Linux is a registered trademark of Linus Torvalds.

###

Media Contact

Kristin O’Connell
The Linux Foundation
koconnell@linuxfoundation.org

New Open Source Project at the Linux Foundation brings Cloud, Telecom and Network functions providers together in a Kubernetes world 

San Francisco—April 12, 2022  Today, the Linux Foundation, the nonprofit organization enabling mass innovation through open source, announced the formation of project Nephio in partnership with Google Cloud and leaders across the telecommunications industry. The Linux Foundation provides a venue for continued ecosystem, developer growth and diversity, as well as collaboration across the open source ecosystems.

Building, managing and deploying scalable 5G networks across multiple edge locations is complex. The Telco industry needs true cloud-native automation to be faster, simpler and easier, while achieving agility and optimization in cloud based deployments. To address these challenges, Google Cloud and the Linux Foundation have founded “Nephio.”  The project has support from several founding organizations including Service providers: Airtel, Bell Canada, Elisa, Equinix, Jio, Orange, Rakuten Mobile, TIM, TELUS, Vapor IO, Virgin Media O2, WINDTRE as well as Network Function, Service and Infrastructure Vendors: Aarna Networks, ARM, Casa-systems, DZS, Ericsson, F5, Intel, Juniper, Mavenir, Nokia, Parallel Wireless, VMware. 

Cloud Native Principles have come a long way and as we see Cloud Service Providers collaborating with Telecom Service Providers and Enterprises, a new way of simplifying automation of network functions is emerging. 

Nephio aims to deliver carrier-grade, simple, open, Kubernetes-based cloud native intent automation and common automation templates that materially simplify the deployment and management of multi-vendor cloud infrastructure and network functions across large scale edge deployments. 

Additionally, Nephio will enable faster onboarding of network functions to production including provisioning of underlying cloud infrastructure with a true cloud native approach, and reduce costs of adoption of cloud and network infrastructure.

Google Cloud

“Telecommunication companies are looking for new solutions for managing their cloud ready and cloud native infrastructures as well as their 5G networks to achieve the scale, efficiency, and high reliability needed to operate more cost effectively,” said Amol Phadke, managing director, Telecom Industry Products & Solutions, Google Cloud. “We look forward to working alongside The Linux Foundation, and our partners, in the creation of Nephio to set an industry open standard for Kubernetes-based intent automation that will result in faster and better connected cloud-native networks of the future.” 

Linux Foundation 

“Collaboration across Telecom and Cloud Service Providers is accelerating and we are excited to bring Nephio to the open source community,” said Arpit Joshipura, GM Networking, Edge & IOT, The Linux Foundation, “As end users demand end to end open source solutions, projects like Nephio complement the innovation across LFN, CNCF, LF Edge for faster deployment of telecom network functions in a cloud-native world.” 

More information about Nephio is available at www.nephio.org

Service Providers

Airtel

“Zero touch deployment, configuration and operations of network functions predominantly on the edge of the network and in multi-cloud and multi-vendor scenarios is a significant challenge for all operators across the globe. A cloud-native orchestration and automation approach is the absolute need of the hour. Airtel is looking forward to being part of the LF and Google initiative to develop innovative solutions to simplify network operations,” said Manish Gangey, SVP and Head – R&D, Bharti Airtel.

Bell

“Similar to our early participation in the Linux Foundation ONAP initiative, Bell Canada is thrilled to collaborate in this next chapter of Telco softwarization,” said Petri Lyytikainen, VP Network, Bell Canada. “With innovations like 5G, ORAN and a new era of distributed cloud computing, Nephio and its community will be key in accelerating network and infrastructure automation towards a true cloud-native and intent-driven approach. This important work will help drive the evolution of network technology that will benefit Bell customers and the telecoms industry in Canada for years to come.”

Elisa   

“Elisa has a long history of network automation and cloud services. That has been utilized by the leading network analytics and automation solution provider Elisa Polystar,” said Anssi Okkonen, CEO of Elisa Polystar. “We are looking forward to working together with Linux Foundation, Google Cloud and Nephio community to enable new cloud-native automation solutions for building the tools for self-driving networks.” 

Equinix

“We believe in innovation through collaboration and are pleased to join the Nephio project to help build advanced digital infrastructure orchestration capabilities for telco (5G) cloud native network functions,” said Justin Dustzadeh, CTO at Equinix. “We look forward to collaborating with the developer community and members of the Nephio project to make it easier for developers to manage distributed infrastructure and help businesses drive digital transformation.”

Jio

“Jio is excited to be part of the Nephio initiative. At a time when 5G Standalone deployments are rapidly coming on-stream globally, Nephio will play a pivotal role in the journey of telcos towards adopting a cloud native 5G Network,” said Aayush Bhatnagar, SVP, Jio. 

Orange

“For telecom operators, Cloud Native technologies will unleash many new opportunities. By providing a cloud native intent automation framework, Nephio should play a key role in the telecommunications ecosystem by enabling on-demand connectivity and zero touch operator capabilities, thus benefiting the entire industry, developers, vendors, integrators, operators,” said Laurent Leboucher, group CTO and SVP, Orange Innovation Networks.

Rakuten Mobile

“The telecommunications industry is undergoing transformative change, with cloud native technologies bringing the industry into the modern era. When building Rakuten Mobile’s cloud native network in Japan, we understood the challenges of an open ecosystem and also realized the many benefits of cloud architecture, including automation, zero-touch provisioning and unprecedented agility. We’re excited to join Nephio in working to reimagine what telecommunications can be in the cloud era,” commented Sharad Sriwastawa, CTO, Rakuten Mobile.

TIM

“We believe that the adoption of Cloud Native technology and philosophy will represent a cornerstone for the future of telecommunications, merging the world of cloud services and the world of telco services into one single digital platform. The automation framework is probably the most sensitive and strategic part of this platform that will be able to stimulate innovation during coming years,” said Crescenzo Micheli, VP Technology & Innovation at Telecom Italia (TIM). “We believe the Nephio project could play a fundamental role to speed up this process.” 

TELUS

“TELUS is excited to be contributing to this Linux Foundation project. Innovation and collaboration have been a life-long journey for us; accelerating the adoption of Cloud Native technologies is a must to meet our customers’ ever-changing expectations,” said Ibrahim Gedeon, CTO at TELUS. “We are excited to build on our 10-year strategic partnership with Google Cloud and collaborate with the Linux Foundation. Together we will maximize the scalability and agility of our global-leading network, simplifying and rethinking the operating digital models of our customers while building a better future for all Canadians and globally. This cannot be more true than with 5G and fiberizing the world as we enter a new era of hyper-connectivity. Combining high speeds, bandwidth and reliability with cloud computing and automation will transform the way we operate, enabling solutions like smart cities and connected cars and transforming key verticals across agriculture, healthcare and manufacturing.”

Vapor IO

“Nephio depends on critical underlying infrastructure like Vapor IO’s Kinetic Grid to automate the deployment of carrier-grade network functions,” said Cole Crawford, founder & CEO of Vapor IO. “Automating at-scale operations across multiple clouds is a complicated task. We applaud Google for selecting the Linux Foundation for bringing these capabilities to market via an open source platform. This could be a watershed moment in the telecom industry, transforming historically complicated network deployments and operations into cloud-native workflows with high degrees of automation. This will lower the cost of 5G deployments and increase the overall competitiveness of the telecom industry.”

Virgin Media O2

“We are continually looking at improving and evolving our automation strategies, especially around Kubernetes.  We are incredibly motivated to work closely with the Linux Foundation and Nephio toward network automation and the process of using software to automate network and security provisioning and management to maximize network efficiency and functionality continuously,” said Paul Greaves, head of Automation and Orchestration Virgin Media O2.

WINDTRE

“Cloudnative platforms are an essential offering for accelerating the enterprises’ digitization journey plans over the next few years. Nephio, the new automation model based on Kubernetes, is the step to support the evolution of 5G networks and the edge infrastructures for dynamic services. We are pleased to be part of the Nephio community,” said Massimo Motta, Architecture and governance director of WINDTRE.

Network Function, Service and Infrastructure Vendors

Aarna Networks

“We actively utilize and contribute back to Linux Foundation Networking projects to help customers simplify the orchestration, lifecycle management, and automated service assurance of 5G networks and edge computing applications,” said Amar Kapadia, co-founder and CEO, Aarna Networks. “Similarly, we look forward to collaborating on the Nephio project to simplify numerous platform, infrastructure, and network pain points of 5G and edge deployments.” 

Arm

​​“5G is expected to be the fastest-deployed mobile technology in history, but only if we can remove the barriers to efficient large-scale deployment. The founding of Nephio brings the benefits of cloud native technology to 5G networks, improving operational agility and reducing deployment costs so that we can economically meet the surge in connectivity demand,” said Eddie Ramirez, VP, Infrastructure Line of Business, Arm.

Casa Systems 

“Next-generation networks require the flexibility and agility of the cloud at the network edge. We are pleased to be working with the Linux Foundation, Google and the broader community of partners on the Nephio initiative to develop industry standards for cloud-native, Kubernetes-based automation and orchestration solutions that will enable tomorrow’s all-connected world,” said Gibson Ang, vice president of Technology and Product Management, Casa Systems

DZS

“As an advocate of open standards-based solutions for the network edge, DZS enthusiastically supports this joint initiative with the Linux Foundation and Google. We look forward to collaborating with global converged carrier customers of DZS and other ecosystem partners on the Nephio project as we usher in a new era of connectivity by addressing the industry demand for multi-domain, software-driven automation and orchestration across distributed cloud-native networks for 5G and beyond,” said Andrew Bender, CTO, DZS. 

Ericsson

“The openness and flexibility of the 5G cloud native architecture brings significant opportunities for CSPs to expand existing business as well as building new business for enterprise customers. For CSPs to scale the business, simplification and automation of lifecycle and workload management across hybrid and multi cloud environments is key,” said Anders Vestergren, head of strategy portfolio and technology, Business Area Digital Services, Ericsson. “We look forward to collaborating with other industry leaders as part of the Nephio project to enhance Kubernetes with an industry-standard automation framework for cloud native deployments.”

F5 

“F5 has been partnering with many service providers in their transformation journey building and operating cloud-native infrastructure for 5G, with special focus on scaling and securing telco protocols and workloads. We are excited to join the Linux Foundation and the Nephio project to help accelerate our customers’ digital initiatives,” said Ankur Singla, SVP, GM, Distributed Cloud Services, F5.

Intel 

“Innovation at the edge is the next frontier of business opportunity. Nephio is a ground-breaking step to provide Cloud Service Providers with a carrier-grade, open, and extensible Kubernetes-based cloud-native automation framework, and common automation templates that simplify large scale edge deployment. We are pleased to be working in collaboration with the Linux Foundation and broader Nephio community to help simplify edge automation,” said  Rajesh Gadiyar, VP and CTO, Network Platforms Group at Intel.

Juniper

“Kubernetes-centric automation, leveraging cloud native principles, is an integral part of Juniper Networks’ experience-first networking strategy. We are therefore excited to join the Nephio project at the Linux Foundation as a founding partner, continuing Juniper’s long-standing tradition as a major supporter of and active contributor to the open source community. We look forward to working with other leading technology companies and mobile operators, as well as the broader Kubernetes open source community, to ensure that Nephio helps to advance cloud native automation at scale, for the benefit of all.” Constantine Polychronopoulos, VP of 5G & Telco Cloud at Juniper Networks.

Mavenir

“Network automation is a key driver for Telco network cloudification. A Kubernetes native automation framework with proven success in other vertical applications automation is promising for the Telco space. We are pleased to be part of the Google/Linux  Foundation initiative to accelerate this move on the public cloud and look forward to collaborating with the Nephio community,” said Bejoy Pankajakshan, CTSO of Mavenir.

Nokia           

“Nokia has always led in the drive to deliver open cloud-based networks and services that usher new value and possibilities of customer experience that fuel revenue growth for everyone. Automation of deployment, configuration and operations of network functions, that work seamlessly in a complex multi-cloud and multi-vendor network environment, are key to achieving the above goals. Nokia is pleased to join its customers and partners in a collaboration to co-innovate on the ‘democratic’ building blocks for the right tools of tomorrow’s networks.” Jitin Bhandari, CTO, Cloud and Network Services, Nokia

Parallel Wireless     

Steve Papa, CEO, Parallel Wireless, said, “Parallel Wireless is cloudifying 2G 3G 4G and 5G Open RAN and the Google/Linux Foundation initiative cloud-native architecture will allow fast deployment of RAN services on site, fast and fault-proofed upgrades and scalability — where resources can be scaled in an instant based on the end-user needs. Parallel Wireless is proud to join this initiative to help mobile operators modernize their networks via cloudification and bring innovation and cost savings.”

VMware

Lakshmi Mandyam, vice president of product management and partner ecosystems, Service Provider & Edge, VMware, said, “CSPs are embracing multi-cloud to create revenue-accelerating services, reduce operational costs and simplify network operations.  VMware’s vision for CSPs enables a cloud-first approach to management and orchestration across the core, RAN and edge, aligning with the goals of the Linux Foundation and Nephio project. We look forward to contributing to this initiative that will foster a multi-vendor ecosystem and support faster on-boarding, automation and life-cycle management for cloud-native networks.”

About Nephio

Nephio’s goal is to deliver carrier-grade, simple, open, Kubernetes-based cloud-native intent automation and common automation templates that materially simplify the deployment and management of multi-vendor cloud infrastructure and network functions across large scale edge deployments. Nephio enables faster onboarding of network functions to production including provisioning of underlying cloud infrastructure with a true cloud native approach, and reduces costs of adoption of cloud and network infrastructure. More information can be found at www.nephio.org.

About the Linux Foundation

The Linux Foundation is the organization of choice for the world’s top developers and companies to build ecosystems that accelerate open technology development and commercial adoption. Together with the worldwide open source community, it is solving the hardest technology problems by creating the largest shared technology investment in history. Founded in 2000, The Linux Foundation today provides tools, training and events to scale any open source project, which together deliver an economic impact not achievable by any one company. More information can be found at www.linuxfoundation.org.

#####

Registration opens for FINOS’ Open Source in Finance Forum (OSFF) London, taking place alongside partner event Fintech Week London 

London, UK – March 8, 2022 – FINOS, the Fintech Open Source Foundation and financial sector arm of the Linux Foundation, and The Linux Foundation, the nonprofit organization enabling mass innovation through open source, today announced its partnership with Fintech Week London. Their annual event, Open Source in Finance Forum (OSFF), will take place in London on 13 July, during Fintech Week London, which will run from 11 – 14 July.

This partnership highlights the elevated presence of open source software and open collaboration in the financial services industry, and will allow attendees of both conferences an opportunity to learn more about integrating open source software into their technology strategies. Through partnering with Fintech Week London, FINOS bolsters its European footprint – one it is focused on expanding over the course of 2022.

“Partnering with Fintech Week London signifies the growing recognition and appetite for financial services and fintechs to adopt and contribute to open source,” said Gabriele Columbro, Executive Director of FINOS. “Each year, our goal with OSFF is to not only inspire attendees to foster the open source community within financial services, but also bring industry leaders from financial institutions, fintechs and the regulatory space together to discuss how open source can drive innovation across the industry. This partnership is a natural way to bridge the efforts of Fintech Week London and FINOS in fostering technological innovation in the financial services industry.”

The Open Source in Finance Forum is dedicated to driving collaboration and innovation in financial services through open source software and standards. The first iteration of this conference, previously known as the Open Source Strategy Forum, took place in 2017, and it has since then grown to become the flagship event for the fast growing open source movement in financial services and its unique challenges. OSFF will also be held in New York City, USA on 8 December. The call for proposals is open for both events – view suggested topics and submit talks for each event at the links provided here: 

“The momentum of financial institutions looking to and relying on open source technology to scale and grow their businesses is growing at a rapid rate.” said Jim Zemlin, Executive Director, The Linux Foundation. “Holding Open Source in Finance Forum London as part of Fintech Week London will allow us to make even more financial institutions – especially in the UK – open source ready.”

Fintech Week London shines a light on the most interesting topics in financial

technology. Traditional financial institutions come together with fintechs and other financial services companies, in one of the world’s oldest leading financial districts. The event brings together high-street banks, challengers, technology giants, and disruptors, to discuss and showcase fintech’s global presence and the forces driving innovation in the industry. 

“I’m very excited that we have the Open Source in Finance Forum as part of the official programme this year,” said Raf De Kimpe, CEO of Fintech Week London. The overall theme for #FTWLondon 2022 is ‘The Coming of Age of the Fintech Industry’; the industry is moving past its infancy to be a full-blown player in finance services. With so many mergers, acquisitions and partnerships taking place, collaboration and innovation are cornerstones of our programme. A day dedicated to open source software and standards is essential to have a well rounded view on evolutions in the Fintech Industry for all our attendees. On the third day of Fintech Week London, etc. Venues 133 Houndsditch will be transformed into the place to be for our attendees to learn how to best and safely leverage open source software to solve industry challenges”

FINOS’ commitment to fostering the adoption of open source reaches beyond US institutions, with an even distribution of contributors in both the United States and Europe. In recognition of its strong European grassroots, FINOS actively invests in nurturing its relationships across seas. Partnerships such as this bring an increased awareness to the collaborative work of developers, contributors and financial institutions driving adoption around the world.    

“Collaborative efforts through open source adoption go far beyond US financial institutions,” said James McLeod, Director of Community for FINOS. “FINOS recognizes the potential power that world-wide collaboration possesses to drive innovation on a grand scale, and that’s why we continue to nurture relationships with our established European developers, financial organizations and fintechs. To continue this progression, we invest in forming new connections to support and expand the work being done by our community.”

Click here to learn more about and register for Open Source in Finance Forum London. To learn more about and register for Fintech Week London, please click here.

About FINOS

FINOS (The Fintech Open Source Foundation) is a nonprofit whose mission is to foster adoption of open source, open standards and collaborative software development practices in financial services. It is the center for open source developers and the financial services industry to build new technology projects that have a lasting impact on business operations. As a regulatory compliant platform, the foundation enables developers from these competing organizations to collaborate on projects with a strong propensity for mutualization. It has enabled codebase contributions from both the buy- and sell-side firms and counts over 50 major financial institutions, fintechs and technology consultancies as part of its membership. FINOS is also part of the Linux Foundation, the largest shared technology organization in the world. Get involved and join FINOS as a Member.

About the Linux Foundation

Founded in 2000, the Linux Foundation is supported by more than 2,000 members and is the world’s leading home for collaboration on open source software, open standards, open data, and open hardware. Linux Foundation’s projects are critical to the world’s infrastructure including Linux, Kubernetes, Node.js, and more. The Linux Foundation’s methodology focuses on leveraging best practices and addressing the needs of contributors, users and solution providers to create sustainable models for open collaboration. For more information, please visit linuxfoundation.org.

Linux Foundation Events are where the world’s leading technologists meet, collaborate, learn and network in order to advance innovations that support the world’s largest shared technologies.

Visit our website and follow us on Twitter, Linkedin, and Facebook for all the latest event updates and announcements.

The Linux Foundation has registered trademarks and uses trademarks. For a list of trademarks of The Linux Foundation, please see its trademark usage page: www.linuxfoundation.org/trademark-usage. Linux is a registered trademark of Linus Torvalds. 

About Fintech Week London

The Coming of Age of The Fintech Industry

Fintech Week London shines a light on the most interesting topics in financial

technology, with a 2-day conference at its core. Traditional financial institutions come together with fintechs and other financial services companies, in one of the world’s oldest leading financial districts: London. From high-street banks to challengers, technology giants to disruptors, this five-day event showcases some of the best that London and global fintech has to offer. 

Mark your calendars for the second edition on July 11-15, 2022. 

To learn more about Fintech Week London please visit our website : www.fintechweek.london


FINOS Media Contact:
Ross Stevens
Caliber Corporate Advisers for FINOS
ross@calibercorporate.com

Fintech Week London Media Contact:
Raf De Kimpe
Fintech Week London 
raf@fintechweek.london

Census II identifies more than one thousand of the most widely deployed applications libraries that are most critical to operations and security 

SAN FRANCISCO – March 2, 2022 — The Linux Foundation, the nonprofit organization enabling mass innovation through open source, today announced the final release of “Census II of Free and Open Source Software – Application Libraries.” This follows the preliminary release of Census II, “Vulnerabilities in the Core,’ a Preliminary Report and Census II of Open Source Software” and identifies more than one thousand of the most widely deployed open source application libraries found from scans of commercial and enterprise applications. This study informs what open source packages, components and projects warrant proactive operations and security support.  

The original Census Project (“Census I”) was conducted in 2015 to identify which software packages in the Debian Linux distribution were the most critical to a Linux server’s operation and security. The goal of the current study (Census II) is to pick up where Census I left off and to identify and measure which open source software is most widely deployed within applications developed by private and public organizations. This Census II allows for a more complete picture of free and open source software (FOSS) adoption by analyzing anonymized usage data provided by partner Software Composition Analysis (SCA) companies Snyk, the Synopsys Cybersecurity Research Center (CyRC), and FOSSA and is based on their scans of codebases at thousands of companies.

“Understanding what FOSS packages are the most widely used in society allows us to proactively engage the critical projects that warrant operations and security support,” said Brian Behlendorf, executive director at Linux Foundation’s Open Source Security Foundation (OpenSSF). “Open source software is the foundation upon which our day-to-day lives run, from our banking institutions to our schools and workplaces. Census II provides the foundational detail we need to support the world’s most critical and valuable infrastructure.” 

Census II includes eight rankings of the 500 most used FOSS packages among those reported in the private usage data contributed by SCA partners. These include different slices of the data based on versions, structure, and packaging system.  For example, this research enables identification of the top 10 version-agnostic packages available on the npm package manager that were called directly in applications:

  • lodash
  • react
  • axios
  • debug
  • @babel/core
  • express
  • semver
  • uuid
  • react-dom
  • jquery

To review all of the Top 500 lists in their entirety, please visit Data.World.

The study also surfaces these five overall findings that are detailed in the report: 

1) The need for a standardized naming schema for software components so that application libraries can be uniquely identified

2) The complexities associated with package versioning – SBOM guidance will need to reflect versioning information that is consistent with the public “main” repository for that package, rather than private repositories

3) Much of the most widely used FOSS is developed by only a handful of contributors – results in one dataset show that 136 developers were responsible for more than 80% of the lines of code added to the top 50 packages

4) The increasing importance of individual developer account security – the OpenSSF encourages the use of MFA tokens or organizational accounts to achieve greater account security

5) The persistence of legacy software in the open source space

Census II is authored by Frank Nagle, Harvard Business School; James Dana, Harvard Business School; Jennifer Hoffman, Laboratory for Innovation Science at Harvard; Steven Randazzo, Laboratory for Innovation Science at Harvard; and Yanuo Zhou, Harvard Business School. 

“Our goal is to not only identify the most widely used FOSS but also provide an example of how the distributed nature of FOSS requires a multi-party effort to fully understand the value and security of the FOSS ecosystem. Only through data-sharing, coordination, and investment will the value of this critical component of the digital economy be preserved for generations to come,” said Frank Nagle, Assistant Professor, Harvard Business School. 

Supporting Quotes

FOSSA

“Open source software plays a foundational role in enabling global economic growth. Of course, the ubiquitous nature of OSS means that severe vulnerabilities — such as Log4Shell — can have a devastating and widespread impact. Mounting a comprehensive defense against supply chain threats starts with establishing strong visibility into software — and we at FOSSA are thrilled to be able to contribute our market-leading SBOM capabilities and experience helping thousands of organizations successfully manage their open source dependencies to improve transparency and trust in the software supply chain.” – Kevin Wang, Founder & CEO, FOSSA

Snyk

“The Linux Foundation’s latest multi-party Census effort is further evidence that OSS is at the very heart of not only today’s modern application development process, but also plays an increasingly vital behind the scenes role throughout all of society,” said Guy Podjarny, Founder, Snyk. “We’re honored to have made significant contributions to this latest comprehensive assessment and welcome all future efforts that help to empower the developers building our future with the right information to also effectively secure it.”

Synopsys

“With businesses increasingly dependent upon open source technologies, if those same businesses aren’t contributing back to the open source projects they depend upon, then they are increasing their business risk. That risk ranges from projects becoming orphaned and containing potentially vulnerable code, through to implementation changes that break existing applications. The only meaningful way to mitigate that risk comes from assigning resources to contribute back to the open source powering the business. After all, while there are millions of developers contributing to open source, there might just be only one developer working on something critical to your success.” – Tim Mackey, Principal Security Strategist, Synopsys Cybersecurity Research Center

 

Additional Resources

About the Linux Foundation

Founded in 2000, the Linux Foundation and its projects are supported by more than 1,800 members. The Linux Foundation is the world’s leading home for collaboration on open source software, open standards, open data, and open hardware. Linux Foundation projects are critical to the world’s infrastructure including Linux, Kubernetes, Node.js, Hyperledger, RISC-V, and more. The Linux Foundation’s methodology focuses on leveraging best practices and addressing the needs of contributors, users, and solution providers to create sustainable models for open collaboration. For more information, please visit us at linuxfoundation.org.

 

###

 

The Linux Foundation has registered trademarks and uses trademarks. For a list of trademarks of The Linux Foundation, please see its trademark usage page: www.linuxfoundation.org/trademark-usage. Linux is a registered trademark of Linus Torvalds.

Media Contacts

Jennifer Cloer

503-867-2304

jennifer@storychangesculture.com