Online / 6 & 7 February 2021


Software Composition devroom



Read the Call for Papers at https://github.com/software-composition-analysis/fosdem-2021-devroom.

As we all assemble more complex software apps from an ever-growing number of free and open source software components, knowing what's in our code is a must for legal, security and operational reasons. Software Composition Analysis (SCA) is the set of techniques to determine which software components we reuse, where and how, as well as their origin, licensing, vulnerabilities, quality and other important attributes. Open source SCA tools are emerging as the best way to help determine which FOSS software components are used in a software system or application.

Are you an SCA FOSS tool or project contributor, maintainer, or user? If so, let's meet at FOSDEM 2021 to share our techniques, experiences and bag of tricks, and to demo or present our FOSS tools to collaborate towards a better SCA FOSS toolchain.

Sunday

| Event | Speakers | Start | End |
|---|---|---|---|
| Software Composition Analysis Devroom Welcome (What is SCA?) | Kate Stewart, Philippe Ombredanne, Maximilian Huber, Michael C. Jaeger | 14:00 | 14:05 |
| OSS Review Toolkit - project update | Thomas Steenbergen | 14:05 | 14:20 |
| ScanCode projects update (Open source scanning) | Philippe Ombredanne | 14:20 | 14:35 |
| FOSSology SCA integration | Anupam Ghosh, Gaurav Mishra, shaheemazmalmmd | 14:35 | 14:50 |
| SCANOSS: Democratising Open Source Risk Management (Open Source Inventorying designed for modern development (DevOps) environments) | Alan Facey | 14:50 | 15:05 |
| Tern and the State of Cloud Native Compliance | Rose Judge | 15:05 | 15:20 |
| OSS Projects Update - Concluding Q&A (This slot is for Q&A covering the preceding presentations) | | 15:20 | 15:30 |
| Overview Software Bill of Materials (SBOM) | Kate Stewart | 15:30 | 15:35 |
| Automating creation of Software Bills of Materials (Generating SPDX documents for CMake and Zephyr) | Steve Winslow | 15:35 | 15:50 |
| CycloneDX Software Bill of Materials | Patrick Dwyer | 15:50 | 16:05 |
| Double Open: An automated open source compliance pipeline for Yocto built on SPDX (Automating embedded Linux open source compliance with open tools) | Mikko Murto | 16:05 | 16:20 |
| Eclipse SW360 (Web application for managing software Bill-Of-Material) | Smruti Prakash Sahoo, Jaideep Palit, Abdul Kapti | 16:20 | 16:35 |
| Software Composition and SBOM - Concluding Q&A (This slot is for Q&A covering the preceding presentations) | | 16:35 | 16:45 |
| Building the world’s first free open source database of FOSS and their vulnerabilities. (Learn why and how we are building VulnerableCode, a free and open source database of FOSS components and their vulnerabilities.) | Shivam Sandbhor | 16:45 | 17:00 |
| Evolving vulnerabilities in CycloneDX | Gareth Rushgrove | 17:00 | 17:15 |
| DeepScan - assessing your code for effective licenses (Gaining insights and profit from sharing) | Jan Thielscher | 17:15 | 17:30 |
| Automating your license compliance policy with OSS Review Toolkit | Thomas Steenbergen | 17:30 | 17:45 |
| Usages of Software Composition - Concluding Q&A (This slot is for Q&A covering the preceding presentations) | | 17:45 | 17:55 |
| Devroom Software Composition: Concluding Remarks | Kate Stewart, Philippe Ombredanne, Maximilian Huber, Michael C. Jaeger | 17:55 | 18:00 |