November 2-4 | Napa, California
View More Details

The Sched app allows you to build your schedule but is not a substitute for your event registration. You must be registered for the Linux Foundation Member Summit 2021 to participate in the sessions.

Please note that the schedule is subject to change.
Back To Schedule
Thursday, November 4 • 9:30am - 9:50am
Keynote: SPDX: Open Source Risk Management at Scale - Gary O'Neall, Chief Executive Officer, Source Auditor & Kate Stewart, Vice President of Dependable Embedded Systems, The Linux Foundation

Sign up or log in to save this to your schedule, view media, leave feedback and see who's attending!

Feedback form is now closed.
When SPDX project started in 2009, one key use case was identifying licensing to manage risk in mergers and acquisitions.   The hardest part of license risk management is generating an accurate software bill of materials.  Today, having a software bill of materials is an emerging regulatory mandate for managing security risk, and a challenge for companies in that software today is predominantly open source.   Lifecycle, usage, quality, provenance and pedigree are additional areas of risk when using open source, so we need to be able to evolve system bill of materials, that works at scale.  

SPDX and the Linux Foundation have a long history of inclusive collaborative development of standards and tools with corporations and individuals, which enabled the ISO certification of SPDX earlier this year. The next challenge for the SPDX specification is enabling automated risk management for these additional use cases.

avatar for Gary O'Neall

Gary O'Neall

CEO, Source Auditor
Gary O’Neall is a contributor to the Software Package Data Exchange® (SPDX™) - a standard format for communicating the components, licenses and copyrights associated with a software package. He has contributed several open source tools which can be found at http://spdx.org/s... Read More →
avatar for Kate Stewart

Kate Stewart

VP Dependable Embedded Systems, Linux Foundation
Kate Stewart is Vice President of Dependable Embedded Systems at the Linux Foundation. She works with the safety, security and license compliance communities to advance the adoption of best practices into embedded open source projects. Since joining The Linux Foundation, she has launched... Read More →

Thursday November 4, 2021 9:30am - 9:50am PDT
Silverado Ballroom