Online / 6 & 7 February 2021

visit

D.composition


Day Start End Track(s)
Sunday 14:00 18:00 Software Composition
09 10 11 12 13 14 15 16 17 18
Sunday Software Composition Analysis Devroom Welcome
What is SCA?		 OSS Review Toolkit - project update ScanCode projects update
Open source scanning		 FOSSology SCA integration SCANOSS: Democratising Open Source Risk Management
Open Source Inventorying designed for modern development (DevOps) environments		 Tern and the State of Cloud Native Compliance OSS Projects Update - Concluding Q&A
This slot is for Q&A covering the preceding presentations		 Overview Software Bill of Materials (SBOM) Automating creation of Software Bills of Materials
Generating SPDX documents for CMake and Zephyr		 CycloneDX Software Bill of Materials Double Open: An automated open source compliance pipeline for Yocto built on SPDX
Automating embedded Linux open source compliance with open tools		 Eclipse SW360
Web application for managing software Bill-Of-Material		 Software Composition and SBOM - Concluding Q&A
This slot is for Q&A covering the preceding presentations		 Building the world’s first free open source database of FOSS and their vulnerabilities.
Learn why and how we are building VulnerableCode, a free and open source database of FOSS components and their vulnerabilities. 		Evolving vulnerabilities in CycloneDX DeepScan - assessing your code for effective licenses
Gaining insights and profit from sharing		 Automating your license compliance policy with OSS Review Toolkit Usages of Software Composition - Concluding Q&A
This slot is for Q&A covering the preceding presentations		 Devroom Software Composition: Concluding Remarks

Events

Title Track Start End

Sunday
  Software Composition Analysis Devroom Welcome
What is SCA?		 Software Composition 14:00 14:05
  OSS Review Toolkit - project update Software Composition 14:05 14:20
  ScanCode projects update
Open source scanning		 Software Composition 14:20 14:35
  FOSSology SCA integration Software Composition 14:35 14:50
  SCANOSS: Democratising Open Source Risk Management
Open Source Inventorying designed for modern development (DevOps) environments		 Software Composition 14:50 15:05
  Tern and the State of Cloud Native Compliance Software Composition 15:05 15:20
  OSS Projects Update - Concluding Q&A
This slot is for Q&A covering the preceding presentations		 Software Composition 15:20 15:30
  Overview Software Bill of Materials (SBOM) Software Composition 15:30 15:35
  Automating creation of Software Bills of Materials
Generating SPDX documents for CMake and Zephyr		 Software Composition 15:35 15:50
  CycloneDX Software Bill of Materials Software Composition 15:50 16:05
  Double Open: An automated open source compliance pipeline for Yocto built on SPDX
Automating embedded Linux open source compliance with open tools		 Software Composition 16:05 16:20
  Eclipse SW360
Web application for managing software Bill-Of-Material		 Software Composition 16:20 16:35
  Software Composition and SBOM - Concluding Q&A
This slot is for Q&A covering the preceding presentations		 Software Composition 16:35 16:45
  Building the world’s first free open source database of FOSS and their vulnerabilities.
Learn why and how we are building VulnerableCode, a free and open source database of FOSS components and their vulnerabilities. 		Software Composition 16:45 17:00
  Evolving vulnerabilities in CycloneDX Software Composition 17:00 17:15
  DeepScan - assessing your code for effective licenses
Gaining insights and profit from sharing		 Software Composition 17:15 17:30
  Automating your license compliance policy with OSS Review Toolkit Software Composition 17:30 17:45
  Usages of Software Composition - Concluding Q&A
This slot is for Q&A covering the preceding presentations		 Software Composition 17:45 17:55
  Devroom Software Composition: Concluding Remarks Software Composition 17:55 18:00