View Source

Date/Time

Apr. 1, 2025, 12:00am (UTC) / 09:00pm(JST) via Zoom

Attendees

Masanori Itoh (Toyota)
Hiroyuki Ishii (Panasonic)
Masato Endo (Toyota)
Walt (Linux Foundation)
…

Discussion Materials

Presentation deck under review: https://docs.google.com/presentation/d/1xOR1PVTob6HcsxVgw6_DID2x3-dEvgHT/edit
- Snapshot of the above deck under review on Mar. 25, 2025 10:50am(JST)/01:50am(UTC)
- Snapshot of the above deck under review on Apr. 1, 2025 6:00pm(JST)/9:00am(UTC)
  - …

Next Meeting

Apr. 15, 2025

Agenda/Minutes

Executive Presentation Deck v1 Finalize
1. Completed to reflect comments to the final draft
2. Need help for English check and artwork improvement
3. Publish v1.0 (initial release) after the above check and improvement ASAP
Discussion of Next Actions (Brain Storming)
x

Discussion

Some additional materials for the (Executive) Presentation deck
- Matrix of ways to use the presentation depending on the target and company’s maturity level
Consultation/support for establishing OSPO for companies (meeting base)
- Explanation story depending on company’s maturity level
- Actual operations of OSPO after its launch
- Japan team already began a trial under LF Anti Trust Policy

Brain Storming Seeds

How to accelerate contribution
1. Not only AGL
2. How to set KPI of contribution
Creating a FAQ for front line engineers
1. How to handle Corporate CLA
Concrete activities of 'Contribution' (Improve Understanding what todo)
1. In preparation of an explanation deck of ‘Illusion and Reality of Contribution’
Hands-on of Contribution (Improve technical skills)
OSPO-EG as the OSPO of AGL?
Other issues/pain points
1. …

From Mar. 4 meeting

Recap of Recent Events
1. AGL AMM Spring
  1. Two in-person meetings regarding OSPO-EG (Feb. 25 before SC, Feb. 26 OSPO-EG Updates session), and we got several important comments / questions and discussion.
    1. What is the most important among OSPO activities (Strategy, Compliance, Contribution)?
    2. (Quantitative) KPI of OSPO activities
    3. …
2. OpenChain JapanWG Community Day Recall
  1. Mar. 3-4
    1. Panel Discussion
      - “Your OSPO is not my OSPO“
      - Some companies started OSPO formation from SBOM handling.
      - Renesas case was interesting because their contribution activity was driven/promoted by marketing team not engineering team.
    2. Day2 panel
      - Lots of companies are still handling SBOM using Excel. We have to support those companies/people and ease their pains by offering .
      - Q. What is the use case of SBOM files?
        (1) License Compliance, (2) Security Assurance, …
        Some people mentioned configuration management too. E.g., Dependency management
        Now, there is no clear standard/guideline for SBOM quality. Some organizations/documents mention SBOM quality, but not clear. For example, what kind of information an SBOM file contain? Supplier name, package name, version, etc. Fluctuations in abbreviation. This causes difficulties to handle SBOMs.
        Q. Linux kernel case?
        D. Yocto kernel, Renesas kernel…
Executive Deck Review Status
- English Expression Improvement → Reflected comments from Philipp
- Section 1.3 wording: “Consumption” instead of “Usage“ → “Usage”
- Chapter 2 cover slide wording: “Opportunities” or “Benefits” --> “Opportunities”
- “Usage or Contribution” per each slide
  - Section 1.3 “Usage and Contribution” is not described/mentioned later chapters, especiially Chapter 2(“Opportunities”) and Chapter 3(“Management” to control “Risks”).
  - Discussion to put badge(s) (“Usage“ or/and “Contribution“ ) in the title line of each slide. But, many slides have both aspects. Endo-san will update slides.
- “2.1 Ecosystem“
  - Ecosystem has 2 sides. One is to be the leader of leaders as a winner of competition, the other is sharing a set of software components as a kind of common property to be maintained/improved collectively. Philipp’s statement (already reflected) covers both (IMHO). Endo-san has another idea.
- Consider to add (example) KPIs