Eclipse Foundation Launches Open Regulatory Compliance Working Group
Written by Sue Gee   
Tuesday, 24 September 2024

The Eclipse Foundation has announced the formation of the Open Regulatory Compliance Working Group (ORC WG), which they say will support participants across the open source community in navigating and adhering to evolving regulatory frameworks.

The group will aim to help developers, enterprises, industries, and open source foundations, and will also work closely with governments and regulatory bodies "to enhance their understanding of the unique open source development model".

Eclipse Fdn

The driver for creating the group is the increasingly regulated software supply chain, according to the foundation. Mike Milinkovich, executive director of the Eclipse Foundation, said in a statement:

"Given the impact of software technology on the global economy, it is unsurprising that governments worldwide are enacting new regulations to safeguard privacy, security, and accessibility. The Open Regulatory Compliance Working Group was created to bridge the gap between regulatory authorities and the open source ecosystem."

The group will work to formalise industry best practices and offer resources to help organisations. In practical terms, its immediate focus will be the European Cyber Resilience Act (CRA). The act, which is due to be implemented before the end of 2024, covers products or software with a digital component, and requires the introduction of mandatory cybersecurity requirements.

There has been support for establishing the working group from a broad range of open source organisations and private companies and participant organisations at the time of the launch include:

Apache Software Foundation (ASF), Blender Foundation, Robert Bosch GmbH, CodeDay, The Document Foundation, FreeBSD Foundation, iJUG, Lunatech, Matrix.org Foundation, Mercedes-Benz Tech Innovation GmbH, Nokia, NLnet Labs, Obeo, Open Elements, OpenForum Europe, OpenInfra Foundation, Open Source Initiative (OSI), Open Source Robotics Foundation (OSRF), OWASP, Payara Services, The PHP Foundation, Python Software Foundation, Rust Foundation, SCANOSS, Siemens, and Software Heritage.

The new working group will focus on ensuring compliance with the new legislation, and will look at the development of cybersecurity process specifications and best practices aligned with the requirements of the CRA. The group has already secured formal liaison status with the European Committee for Standardization (CEN) and the European Committee for Electrotechnical Standardization (CENELEC), and is now actively pursuing working relationships with other European and National Standards Organizations to expand its contribution on regulatory standards.

The group is also offering a series of webinars with European Commission staff to help inform the open source community about the EU's legislative process. It is also developing a central resource to house all relevant CRA-related content, including webinars, glossaries, flowcharts, and FAQs. 

Eclipse Fdn

More Information

Open Regulatory Compliance Working Group Participation Page

European Cyber Resilience Act

Related Articles

Eclipse Launches Dataspace Working Group

EU Cyber Resilience Act Reduces Python Risk

Python Software Foundation Raises EU Open Source Concerns

Eclipse Foundation Forms Open VSX Working Group

To be informed about new articles on I Programmer, sign up for our weekly newsletter, subscribe to the RSS feed and follow us on Twitter, Facebook or Linkedin.

Banner


Microsoft Releases Dev Proxy 0.21
08/10/2024

Microsoft has released an update to Dev Proxy, its command-line API simulator. The updated version, v0.21, adds the ability to simulate authentication and authorization using API keys and OAuth2 among [ ... ]



Oracle Code Assist Now In Beta
19/09/2024

Oracle Code Assist is now available in beta. The coding assistant was first announced in May, when Oracle said it would be optimized for Java, SQL, and Oracle Cloud Infrastructure-based applicati [ ... ]


More News

kotlin book

 

Comments




or email your comment to: comments@i-programmer.info

Last Updated ( Thursday, 26 September 2024 )