 Hello, I'm Masato Endo from Toyota Motor Corporation. I'm engaged in planning and development of biosense service. At the same time, I'm focused on developing OSS compliance structure in Toyota. Furthermore, I'm also engaged in Openchain project. Openchain is a Linux foundation project to develop open source compliance standard. I'm a leader of Openchain, a Japanese promotion subgroup, and automotive chair of Openchain project. Today, we have a joint presentation about Openchain, titled, The Way Forward to Obtain the Openchain Certification. Toyota and Fujitsu are already for Openchain certification. So today, Osaki-san from Fujitsu and Tanaka-san from Toyota will introduce the experience for Openchain certification. Osaki-san, please introduce you. Thank you, Endo-san. Hi, my name is Tomo Osaki and I'm working for Fujitsu. I'm working in OSS compliance in Japan and foreign countries in Fujitsu Group, and also working for the Openchain working group in Japan, and also Openchain project in the Linux foundation. And I'm just some member of the Openchain board attending. Thank you very much. Thank you, Osaki-san. Next, Tanaka-san. Tanaka-san is my car worker and had great effort for Openchain certification. Please, Tanaka-san. Thank you, Endo-san. Hello everyone. I'm Miyu Tanaka from Toyota IP Division. I'm in gas name process development and in-house education for using and contributing to the open source software at Toyota Motor Corporation. Thank you. Back to you, Endo-san. Yeah, thank you so much. So, I'd like to start at first. I'd like to share what is Openchain and what is Openchain standard. Please for a moment. Can she? No problem? Okay, yeah. Yes. So, at first, I'd like to explain about the copyright management open source software. Every open source software had licenses. And we have to respect each license because I think open source license is an intention of each developer. So, at the same time, if the company is not satisfied with each condition of open source license, they will involve some legal risk and another risk such as litigation risk or security risk and so on. So, we have to manage open source license appropriately. And recently, the scale of the software development become larger and larger. So, for example, even if many companies in supply chain can handle open source software appropriately, but even if only one company can't handle open source software, the risk of the license spread whole supply chain. So, it is very important each company has a good open source governance structure system inside the company. But it is very difficult to develop such type of structure in itself. So, I think process standard was needed for all companies to develop software. So, Linux Foundation people and the community people decided to make the OpenGen project. OpenGen project is a Linux Foundation's official project to develop standard of OSS license compliance. And a Platinum member in this list. So, many companies supported this project. For example, platformers such as Facebook, Google, Microsoft, Uber supported this project. And many industries such as semiconductor, automotive and media companies also supported it. So, of course, many Japanese companies, six Japanese companies, Platinum members of OpenGen project. Fujitsu, Hitachi, Panasonic, Sony, Toshiba and Toyota. Of course, OpenGen project is an open source project. So, everyone can join this project freely and everyone can contribute and everyone can use output of OpenGen project freely. And purpose of OpenGen is very simple because to make the standard for the open source process of each company. If each company can get the open gen component, each company's level of the open source compliance are stable and become very high. So, whole supply chains level is also become bottom up. And so, I think to improve and to... Everyone can handle the open source program appropriately and the final product becomes very safety for the open source license. And three major output of OpenGen is specification, curriculum and conformance. Specification is an OpenGen standard itself. And if the companies get the... No, if the company satisfy with each condition of the specification, companies can get conformance. And I think education is very important to get conformance. So, each member of the OpenGen community developed educational materials. This is a content of the OpenGen spec 2.0. This is overall image of the OpenGen spec. For example, OpenGen spec called for the open source policy. And the company have to making the policy and inform engineers by the internet and so on. And education and the responsibility and the liaison structure have to define. And each company have to make process to make the build materials and review the license and how to release copyright or source code. This is also have to making the process. So, if each company can get the conformance of the OpenGen, I already say the level of the open supply chain will improved. At the same time, some company, for example, can appeal. We already got the OpenGen conformance. So, we are safety, please use our software. So, the company can use OpenGen conformance for sales point. So, already many, many companies got the conformance. And at the same time, another company also seek for the open source conformance right now. And in this fall, great news was coming because OpenGen specification will become the ISO standard. This process started in this May and already approved is finished. So, waiting for the publication of the ISO. So, if ISO publication is happened, I think OpenGen specification becomes more popular and many people want to get the OpenGen certification. So, today's presentation from the Toyota and Fujitsu is very useful for them. So, I'm looking forward to Tanaka-san and Osaka-san's presentation. So, at first, I'd like to start Toyota's presentation. Please, for a moment. Can you hear me? Okay. Okay. Tanaka-san, please. Thank you, Endo-san. I'm Miya Tanaka from Toyota IP Division. Today, I'd like to talk about our process of OpenGen certification. And there's a pattern of efforts for OpenGen certification. Some people may not be familiar with OpenGen certification frameworks. Also, others may not be sure how to start with for the purpose of OpenGen certification. That's why we'll talk about what is OpenGen certification at first. And then, we'll focus on what kind of process is required to get certification and how did Toyota do. First, I'd like to introduce two reasons why Toyota focused on OpenGen certification. The first reason we will show and explain in this slide. And the other one will be on the next page. As many of you may know, Toyota has set the goal of making a formal change from a company. That makes cars to a mobility company. Therefore, software development is very active in Toyota, and software development using OSS is accelerating in our company. For example, the activities of Automated Gray Linux, which is a project under the Linux Foundation, are performed. Please next page. The second reason for obtaining OpenGen certification is related to issues unique to the automotive industry. As the scale of software development has been expanding over the years, it is difficult for OEM company to complete the software development by only OEM. So Toyota is developing software with a large number of suppliers. As many suppliers are involved in the software development, following the supply chain like Tier 2, Tier 1, OEM. It was important to understand what OSS is used of chain basis. However, the awareness and the governance as to OSS was different in each supply chain, or different with each supplier. That's why we focused on OpenGen certification for the establishment of OSS compliance at supply chain overload. To build a relationship with mutual trust and real first, try to obtain certification as a leverage entity of supply chain. Now I'd like to introduce our five challenges for OpenGen certification. The first challenge is related to the question. We understand the requirements for certification, but we don't know how to start with. In order to answer for the question, we defined the necessary documents for each certification condition supported by Fujitsu. These documents are called TOCP, Toyota OpenGen packages in short. The policies and processes are described in TOCP and it is on the internal website so that each organization can easily find when necessary. The next challenge is related to the question corresponding to 3.2 management program. The only more process and corresponding documents is not sufficient in our company, as many kinds of development are in our company. Therefore, we have prepared four processes, one in-house development, two supplier development, three L&D in-house tools, and four contribution. Basically, we focused on in-house development process at first and we considered the last three types of process based on the in-house development process. For example, regarding to supplier development, we designed a process that allows OSS information to be exchanged properly and allows OSS license to be reviewed internally. Regarding three L&D in-house tools, the process is relaxed as compared to the in-house development process. Regarding four contribution, the process was focused on how quickly can Toyota contribute to the community because we wanted to encourage engineers to contribute to the community. The third challenge is related to the question corresponding to 3.1 bond process. We don't know how to manage OSS information. Therefore, we have prepared a template for the OSS information management. The template is named OSS evidence format. In this template, three kinds of check process by the person in charge, approval and creator is described for the successful OSS information exchange. The template is based on the SBDX rights format defined by the Open Change Japan working group. The fourth challenge is related to the question corresponding to 1.3 review process. It takes time to understand the license. As you know, the license text is all written in English. It takes time to check its license condition in detail. Therefore, we are using the simple OSS license viewer. This tool allows employees to easily understand the obligations and the discrimers. So it is on the internal website and widely used by the engineers. The fifth challenge is related to the question corresponding to education in 1.2. How can we notify the necessity of OSS compliance to the employee who are not familiar with software development such as purchasing department and sales department? Therefore, we have prepared educational material suitable for each level. For example, what is OSS? What kind of risk will there be in the case of distribution? Our return due to the important matters. We created online documents for our employees as well. And 60,000 employees are currently educated. For engineers who are familiar with OSS, we have created a manual that explains the condition of typical OSS licenses in detail. In addition, we are providing online courses and corresponding confirmation checkpoints for better understanding as to OSS licenses. As you may know, this OpenChain spec was approved as an ISO standard in November. And Toyota will release the acquisition of OpenChain certification at the same time. As I mentioned earlier, there were various challenges for the certification, but we were able to successfully obtain the certification supported by Fujitsu. Thank you so much, Aokisan and Osexan and all members of this project. We hope that more companies will use this framework in the future. Finally, I'd like to talk about the next step. We'll promote the acquisition of OpenChain certification to the automobile industry because the certification by only OEMs are acquired for the moment. More suppliers in the automotive industry, including companies in our supply chain, we were able to establish or improve OSS compliance using OpenChain framework. Through this kind of activity, we would like to create an environment where all engineers in OEMs and suppliers can make the best use of open source. The photos in this slide is taken at the exhibition at this year's CES. We will continue to actively participate in OpenChain community activities and continue to inform everybody on the information related to OpenChain certification with the community. Furthermore, as a member of the Japan Working Group, Automated Working Group in OpenChain, we would like to work on solving any OSS compliance issues in Japan companies and automobile companies. Thank you. That's all for my part. End of summary, please continue to the presentation. Thank you so much. I think I also proceeded to get the performance in Toyota. We have many issues inside my company. Community people such as Fujitsu-san, Hitachi-san and Sonisa can give know-how or knowledge of the open source compliance. At the same time, for example, the partners of the following companies such as Facebook, Google, Qualcomm, IBM can also give us know-how about the open source license compliance. So if you also join OpenChain project, you can get many knowledge or many know-how of the open source license compliance. So please join the project. Yes, this is a Toyota presentation. I think Toyota is a hardware-oriented company. So this is many headaches about the change hardware to software. But the next case is Fujitsu-san is a very long history IT company. So they are more advanced from Toyota. So I think I remember about one year ago Fujitsu-san already got the OpenChain performance. And half a year ago, they expand the employees of open source compliance. So please, Osaki-san, introduce your presentation. Okay. Thank you, Endo-san, and let me explain my part. Hi, I'm Tomo Osaki, and I'm working for Fujitsu and working for the OpenChain Conformance project. As Endo-san said, last year we first got an OpenChain Conformance for the software unit. That's November. And following that this March, we got a second Conformance for the platform software unit. And it exceeded 3,000 people related to the OpenChain Conformance. And we are now expanding the OpenChain Conformance to the subsidiary companies or network-related divisions and also foreign companies. And before saying this, the way for the OSS involvement differs from the organization to organization. So my presentation is focusing on that OpenChain international standards can be yet another path for the OSS involvement. And first, the simple question, how to involve non-development related people or organization into OSS in your company? It's a very simple question. And the reasoning matters. That means the Open OSS is just impressive for the development people and OSS advantages like a code base or just in a security or quality, many kind of things are very impressive to the development people. However, the OSS advantages that move developers are sometimes not impressive to non-development related to people or organizations. This kind of thing is something like a quality control people or sales people or procurement people. Many people are not motivated by the OSS advantages by the developers. And also the subsidiary companies or foreign companies have a different motivation for the OSS. And so it's not simple to just do the way to proceed in getting a conformance that we get in last November or this March. And the message of this presentation is that now OpenChain international standards can be yet another path for OSS involvement. That means OSS compliance is just a breach of the non-development related people and organization to OSS. And first, the OpenChain is about compliance. This is the first part. For the non-development people or organization, the OSS is just not conforming with their everyday work at the glance. But OpenChain focuses on OSS compliance governance and just checking the internal procedures or rules and the OSS OpenChain description. And so for them, the OSS is not related to the code or just itself. But they can just know that the influence for the OSS compliance governance to their everyday procedure work. So the thing that OpenChain is about compliance is the best way to just involve the non-development related people. And the second thing is that now OpenChain becomes an international standard. As Anderson said, OpenChain is now getting ready for the publishing of the international standard ISO IEC 5230. And after OpenChain becomes an international standard, the OSS compliance governance request from the OSS related organization is not from the inner rule or rather inner rule. It's an outer rule and maybe some other companies like your customers or upstream or downstream companies will ask you. It's another rule. And so no politics related to the issue occurs. And also the international standard related to the environment or other restrictions that the non-development organization are just complying. And so this is the second reason that OpenChain becomes an international standard. And then the non-development people organization has just, it's a way to get involved in the OSS compliance. And third is that Fujitsu is an expanding conformance. That's a sign that we are just actually showing that now OpenChain international standard is just a good way to involve non-development people into the OSS. As I said, first, last November Fujitsu gotten our first OpenChain 2.0 conformance and following that second OpenChain conformance for this March and exceeding 3,000 people. And so the first two organizations are very enthusiastic about the OSS and just made many contributions to the OSS community. But if you want to expand the OSS conformance to the subsidiary companies or foreign companies, the situation differs. And in the left bottom is a worldwide number of people in the Fujitsu group. It's in the EMEA or Asia, Australia and America and a lot of people are working outside Japan. And the business procedures and also internal rules are totally different from the Fujitsu's OpenChain conformed organizations. And we are now trying to just adjust such kind of differences. And the thinking of the OpenChain is now the international standard. And so it's not time to adjust the outer loop change. So this thing is that the way that we show that now OpenChain's international standardization is just a good way to become an involvement. That's all for my presentation. Thank you. Thank you, Osaki-san. I'd like, I think this is a very impressive presentation for us because we also have to expand Open Source conformance to inside the Toyota Motor Corporation. And at the same time, we also, our overseas subsidiaries also have to get the conformance. So very impressive and we'd like to exchange information. And I think Osaki-san mentioned the importance of the community. I think community is very important because we can exchange information and the knowledge of the Open Source license compliance. So just a moment. Okay. Yes. Sorry. So we provide the opportunity to exchange inside the community by Japanese language. Of course, OpenChain has not only Japan's work group, but also China, India, Taiwan, and Korea, and UK and Germany also. So you can exchange information and you can discuss about Open Source license compliance by your mother languages. And in Japanese work group case, this work group is very active because over 200 people joined and held all members meeting every two or three months. And seven sub-work groups are also very active and making the output for Open Source license compliance. So everyone can join this work group very freely and everyone can get the output of this sub-work group is also freely. So if interesting in Japanese sub-work group, please access this GitHub site. You can search OpenChain JWG. And if you are interested in joining the OpenChain, please join them at first. Please join the OpenChain mailing list. And if you want to read the article of the OpenChain and the OpenChain specification, please access the Keith Advent calendar. We upload a blog every day in this month. So you can search by Google, OpenChain, and the Advent calendar for Keith. Thank you so much. Osaki-san, they have some additional comments. Yes, thank you Endo-san. Now OpenChain and Japan work group is a very good community. And it's not because we are focusing on the OpenChain specification, but also we are sharing the Open Source compliance itself. And for the characteristic of the OSS compliance, it's related to the internal procedure or politics or some minor rules and not published in the document. So, exchanging the information or impression about the OSS compliance itself is very fruitful to your company's open source licensing governance. And it's also fruitful to all of the other companies because we are connected to the supply chain. So if every company just fulfills an OpenChain conformance, getting an OpenChain conformance, we all have a fruit of an OpenChain conformance and OSS related troubles of real diminution. And we will have just a good result from the OSS development. Yeah, that's my comment. Thank you. Thank you, Osaki-san. That's all presentation. So thank you so much for giving this precious opportunity. Yeah, that's all. Thank you, Osaki-san, and thank you Tanaka-san. Bye-bye.