Online / 6 & 7 February 2021

schedule

D.composition


Day Start End Track(s)
Sunday 14:00 18:00 Software Composition
09 10 11 12 13 14 15 16 17
Sunday Software Composition Analysis Devroom Welcome
What is SCA?
OSS Review Toolkit - project update ScanCode projects update
Open source scanning
FOSSology SCA integration SCANOSS: Democratising Open Source Risk Management
Open Source Inventorying designed for modern development (DevOps) environments
Composition analysis of Docker images and other rootfs OSS Projects Update - Concluding Q&A
This slot is for Q&A covering the preceding presentations
Overview Software Bill of Materials (SBOM) Automating creation of Software Bills of Materials
Generating SPDX documents for CMake and Zephyr
CycloneDX Software Bill of Materials Double Open: An automated open source compliance pipeline for Yocto built on SPDX
Automating embedded Linux open source compliance with open tools
Eclipse SW360
Web application for managing software Bill-Of-Material
Software Composition and SBOM - Concluding Q&A
This slot is for Q&A covering the preceding presentations
Building the world’s first free open source database of FOSS and their vulnerabilities.
Learn why and how we are building VulnerableCode, a free and open source database of FOSS components and their vulnerabilities.
Evolving vulnerabilities in CycloneDX DeepScan - assessing your code for effective licenses
Gaining insights and profit from sharing
Automating your license compliance policy with OSS Review Toolkit Usages of Software Composition - Concluding Q&A
This slot is for Q&A covering the preceding presentations
Devroom Software Composition: Concluding Remarks

Events

Title Track Start End

Sunday

  Software Composition Analysis Devroom Welcome
What is SCA?
Software Composition 14:00 14:05
  OSS Review Toolkit - project update Software Composition 14:05 14:20
  ScanCode projects update
Open source scanning
Software Composition 14:20 14:35
  FOSSology SCA integration Software Composition 14:35 14:50
  SCANOSS: Democratising Open Source Risk Management
Open Source Inventorying designed for modern development (DevOps) environments
Software Composition 14:50 15:05
  Composition analysis of Docker images and other rootfs Software Composition 15:05 15:20
  OSS Projects Update - Concluding Q&A
This slot is for Q&A covering the preceding presentations
Software Composition 15:20 15:30
  Overview Software Bill of Materials (SBOM) Software Composition 15:30 15:35
  Automating creation of Software Bills of Materials
Generating SPDX documents for CMake and Zephyr
Software Composition 15:35 15:50
  CycloneDX Software Bill of Materials Software Composition 15:50 16:05
  Double Open: An automated open source compliance pipeline for Yocto built on SPDX
Automating embedded Linux open source compliance with open tools
Software Composition 16:05 16:20
  Eclipse SW360
Web application for managing software Bill-Of-Material
Software Composition 16:20 16:35
  Software Composition and SBOM - Concluding Q&A
This slot is for Q&A covering the preceding presentations
Software Composition 16:35 16:45
  Building the world’s first free open source database of FOSS and their vulnerabilities.
Learn why and how we are building VulnerableCode, a free and open source database of FOSS components and their vulnerabilities.
Software Composition 16:45 17:00
  Evolving vulnerabilities in CycloneDX Software Composition 17:00 17:15
  DeepScan - assessing your code for effective licenses
Gaining insights and profit from sharing
Software Composition 17:15 17:30
  Automating your license compliance policy with OSS Review Toolkit Software Composition 17:30 17:45
  Usages of Software Composition - Concluding Q&A
This slot is for Q&A covering the preceding presentations
Software Composition 17:45 17:55
  Devroom Software Composition: Concluding Remarks Software Composition 17:55 18:00