August 19-21 - Co-Located Events
August 21-23 - Conference
Hilton San Diego Bayfront - San Diego, CA
More information for Open Source Summit + Embedded Linux Conference North America 2019
Back To Schedule
Wednesday, August 21 • 3:15pm - 5:45pm
Workshop: Hands On FOSSology, SW360 and SPDX - Michael C. Jaeger, FOSSolgy.org / Siemens AG*

Sign up or log in to save this to your schedule, view media, leave feedback and see who's attending!

Feedback form is now closed.
FOSSology and SW360 are both software projects in the area of OSS license compliance. FOSSology can run license, copyright and export control scans and has a Web user interface providing a compliance workflow. SW360 allows organizations for maintaining a component inventory – the software bill-of-material (S-BOM). SW360 generates license compliance documentation for all involved (OSS) components of a product. It enables other use cases in the area of vulnerability management or export control. SPDX is a specification for exchanging license compliance (and more) information about software deliveries.

This tutorial performs a walkthrough on how to implement license compliance. From a java build, dependency information is sent to an SW360 server. In SW360, sending source code to FOSSology triggers license scanning resulting in SPDX documents. Then, SW360 generates license compliance documentation. The tutorial will provide an example case based on a Java software project.

avatar for Michael C. Jaeger

Michael C. Jaeger

Project Lead, Siemens AG
Michael C. Jaeger is one of the maintainers for Linux Foundation\\'s FOSSology and Eclipse SW360 projects, both available on Github and both in the area of OSS handling w.r.t. license compliance and component management. At Siemens Corporate Technology in Munich, Germany, Michael... Read More →

Wednesday August 21, 2019 3:15pm - 5:45pm PDT
Indigo D
  Automating Compliance  Workshops
  • Session Slides Included Yes