Governance & Community

Balancing the Supply Chain Act

Session Abstract

Corporate users, volunteer maintainers, and everything in between: how can they work together? In this panel, we bring together different voices to explore: What does each side intend, expect, and need? And how can we bridge tensions in today’s open source supply chain?

Session Description

The typical software supply chain has many participants: open source communities, maintainers, companies, and others. A rising number of regulations, policies, and processes surround it, for example the Cyber Resilience Act or other security requirements. Expectations of companies sometimes do not match what the community can or wants to offer, and vice versa. This misalignment creates stress on both sides. How can this stress be resolved, so that all participants can benefit from one another and reap the advantages of open source, which has become ubiquitous wherever there is software?

In the panel, we bring together representatives of different perspectives to discuss these questions. The panel will cover open source maintainers, companies that use open source for internal services and as a basis for products, and people working on processes.

List of participants:

* Moderator: Melanie Wollnik (OpenRail Association and DB Systel)
* Sven Erik Jeroschewski (Bosch Digital)
* Cornelius Schumacher (DB Systel)
* Dr. Lina Böcker (Osborne Clarke)
* TBA

Together we’ll ask:

* What drives users vs maintainers in the open source supply chain?
* Where do expectations clash?
* How can process, governance and community shape better alignment?
* How can organizations and projects adapt to serve each other, not just co-exist?