Today, open source has become the most important software construction and management model in the global software industry, and has profoundly affected the development of the digital industry. In the "14th Five-Year Plan" released in March 2021, it is mentioned that it is necessary to support the development of innovative consortia such as digital technology open source communities, improve open source intellectual property rights and legal systems, and encourage enterprises to open software source code, hardware design and application services. . So far, open source has officially become one of my country's strategic development directions, and the industry has achieved considerable development in the past year.

On May 20, the 2022 OSCAR Open Source Pioneer Day was successfully held. The conference is hosted by China Academy of Information and Communications Technology and China Communications Standards Association, supported by Cloud Computing Standards and Open Source Promotion Committee, hosted by Cloud Computing Open Source Industry Alliance, open source technology application community in the financial industry, open source community in the communication industry, and open source technology application in technology manufacturing Co-organized by the community, trusted open source community community, etc. The conference released the trusted open source assessment results and a number of research results in the first half of 2022, and established three open source communities, including the automotive industry open source community, the Trusted Open Source Compliance Program (TWOS-C), and the China Academy of Information and Communications Technology - Apache ShardingSphere Financial User Community. industrial organization.

The latest trusted open source assessment results announced

Since 2018, CAICT has adhered to the principle of "openness + transparency + compliance + security = trustworthiness", established a series of trusted open source standard systems based on the open source life cycle, and implemented evaluation tests to regulate the market and help enterprises Reduce the risk of using open source software and promote the establishment of a trusted open source ecosystem. The latest trusted open source assessment results in the first half of 2022 are as follows:

The first batch of trusted open source supply chain-OpenChain double evaluation: ZTE Corporation Trusted open source supply chain (enterprise) evaluation: Dalian Yiheng Technology Co., Ltd. Trusted open source supply chain (product) evaluation: ZXVMAX-O V8, Flomesh service Grid Software V1.0.1

-The first batch of credible open source community grading evaluation

Tencent Blue Whale CI community governance capacity community operation capability community development capabilities
Enhanced Enhanced Enhanced
openEuler community governance capacity community operation capability community development capabilities
Advanced Advanced Advanced
openGauss community governance capacity community operation capability community development capabilities
Advanced Advanced Advanced
MindSpore community governance capacity community operation capability community development capabilities
Advanced Advanced Advanced
openLooKeng community governance capacity community operation capability community development capabilities
Advanced Advanced Advanced
OceanBase community governance capacity community operation capability community development capabilities
Enhanced Advanced Enhanced
Apache RocketMQ community governance capacity community operation capability community development capabilities
Advanced Advanced Enhanced

-In the first half of 2022, the evaluation of trusted open source projects will be added

OceanBase (version number: 3.1.3_CE)
PolarDB-PG (version number: 1.1.20)
Tencent Blue Whale CI (version number: 1.7.36)

- Added Trusted Open Source Governance Tool (SCA) assessment in the first half of 2022

Huawei Cloud Computing Technology Co., Ltd. R&D Security Service (Component Analysis) (SaaS Version)
Beijing Yuxin Technology Group Co., Ltd. YUCC OSG open source software governance platform (local deployment version)

A total of 62 credible open source assessments have been completed by the China Academy of Information and Communications Technology

Three major open source organizations were established

In order to better standardize the application of open source technologies in the industrial field and help all walks of life establish a healthy and reliable open source ecosystem, CAICT has been committed to the establishment and support of industrial open source communities. At this conference, a total of three open source organization establishment ceremonies were held.

In recent years, the application rate of open source in the automotive industry has continued to increase. At the same time, due to the long supply chain in the automotive industry, the open source governance scenarios are complex. In order to promote the progress of open source technology in the automotive industry and promote the formation of a healthy and sustainable open source development ecosystem in the automotive industry and its entire industrial chain, the China Academy of Information and Communications Technology has joined forces with China Electronics Technology Co., Ltd., Wuhan Lotus Technology Co., Ltd., and SAIC Motor. Passenger Cars, SAIC-GM-Wuling Automobile Co., Ltd., Hezhong New Energy Vehicle Co., Ltd., Zhejiang Jikr Intelligent Technology Co., Ltd., FAW Jiefang Automobile Co., Ltd., Zero Beam Technology Co., Ltd., Great Wall Motor, Anhui Jianghuai Automobile Group Co., Ltd. , Geely Automobile Research Institute, BYD Automobile Industry Co., Ltd., Jiangling Motors Co., Ltd., Guangzhou Xiaopeng Technology Co., Ltd., China Automotive Engineering Research Institute Co., Ltd., Weichai Power Co., Ltd., Yixing Intelligent (Guangzhou) Co., Ltd., Zhejiang Huanfu Technology Co., Ltd., PATEO Internet of Vehicles Technology (Shanghai) Co., Ltd., Hubei Yikatong Technology Co., Ltd., Hangsheng Electronics, Moss Zhilian Technology Co., Ltd., Xiamen Yaxun Network Co., Ltd., Salon Mecha Technology The China Academy of Information and Communications Technology Co., Ltd. formed an open source community for the automotive industry at the opening ceremony of this "OSCAR Open Source Pioneer Day".


In order to further promote the compliance level of my country's open source industry, gather talents, integrate resources, and improve standards, the Trusted Open Source Team of the China Academy of Information and Communications Technology, together with enterprise users, scientific research institutions, and legal experts, jointly prepared the "Trusted Open Source Compliance Plan (TWOS-C)" , and held an inauguration ceremony on the spot.



CAICT continues to track open source projects in key areas, assists in the exchange of upstream and downstream partners of the project, builds an industry exchange platform for open source projects, and continues to promote the implementation of open source projects in the industry. This time, in order to solve the pain points of financial users in the use of open source projects, China Academy of Information and Communications Technology will jointly establish a financial user community with the Apache ShardingSphere open source project to provide community members with technical support, security, user mobilization, business empowerment, etc. Serve. The first 13 members of the community are China Academy of Information and Communications Technology, Beijing Sifei Software Technology Co., Ltd., Industrial and Commercial Bank of China Co., Ltd. Software Development Center, Ganzhou Bank Co., Ltd., Jiangsu Rural Credit Cooperative Association, and Shanghai Bank Co., Ltd. Co., Ltd., Ping An Bank Co., Ltd., China Pacific Insurance (Group) Co., Ltd., ZhongAn Online Property Insurance Co., Ltd., Sichuan Tianfu Bank Co., Ltd., Wuhan Zhongbang Bank Co., Ltd., Agricultural Bank of China Co., Ltd., China Minsheng Bank Co., Ltd.


Four new members of the open source community join

In October 2018, the China Academy of Information and Communications Technology, together with Shanghai Pudong Development Bank and other financial institutions, established the first open source technology application community (FINOC) in the financial industry in China, mainly serving financial institutions and jointly promoting the healthy development of the open source ecosystem in the financial industry. In the first half of 2022, the open source technology application community in the financial industry has added 2 new members, and there are currently 58 members.

The communication industry open source community was officially established on September 17, 2021, aiming to promote open source exchanges and industrial cooperation in the communication industry. In the first half of 2022, the open source community of the communication industry has added 3 new member units, and currently has 19 total members.

The technology manufacturing open source community was officially established on September 17, 2021, aiming to promote open source exchanges and industrial cooperation in the technology manufacturing industry. In the first half of 2022, a total of 2 new member units will be added to the technology manufacturing open source community, with a total of 15 members.

At the 2021 OSCAR Open Source Industry Conference, the China Academy of Information and Communications Technology officially established a trusted open source community community. The trusted open source community community is composed of many open source projects and open source communities. The purpose is to guide the establishment of a healthy, credible and sustainable open source community. In the first half of 2022, a total of 19 new member units will be added to the trusted open source community community, and there are currently 71 members.

Release and interpretation of multiple plans, white papers and standards

CAICT has always been committed to promoting the development of domestic open source projects in the fields of compliance application, ecological construction, and industrial empowerment. On this year's "OSCAR Open Source Pioneer Day", CAICT brought a series of action plans, industry white papers, and open source standards, and released and interpreted them on the spot.

China Academy of Information and Communications Technology's "Trusted Open Source" Panoramic Observation Released

At this conference, Guo Xue, deputy director of the Open Source and Software Security Department of China Academy of Information and Communications Technology, officially released and interpreted the panoramic observation of trusted open source, systematically sorted out various evaluations of trusted open source in the first half of 2022, and summarized various types of evaluation industries. development characteristics. In addition, the "Enterprise Empowerment Plan" and "Project Empowerment Plan" were also released. The Enterprise Empowerment Plan helps Chinese enterprises from "open source users" by building a full life cycle empowerment system of open source training, diagnosis, consultation, subscription, and evaluation. " to "Open Source Leader". The project empowerment plan promotes the operation of open source projects in key areas through the industry community. On the one hand, relying on the open source technology application community in the financial industry, the open source community in the communication industry, and the open source community in the technology manufacturing industry, it promotes research on the application requirements of open source projects in various industries, and at the same time attracts industry users to enter the upstream community to realize the industrial scenario application of open source projects; On the one hand, the experience exchange of open source projects is formed through various forms such as community industry exchange activities and community case collections to help open source projects develop in a healthy and orderly manner.

Release and Interpretation of "Open Source Compliance Guide (Enterprise)" of China Academy of Information and Communications Technology

At the meeting, Jun Zhe, engineer of the Open Source and Software Security Department of the Cloud University of the China Academy of Information and Communications Technology, released and interpreted the "Open Source Compliance Guide (Enterprise)" led by the China Academy of Information and Communications Technology. This white paper provides a detailed analysis of open source compliance risks, open source license agreement provisions, and hotspot open source compliance events, and proposes open source compliance risk prevention and control suggestions based on corporate practices.

The "In-depth Research Report on Open Source Security" released by the China Academy of Information and Communications Technology

The security and controllability of open source has always been the biggest challenge for enterprises to adopt open source products. In order to enable enterprises to safely use open source software and better respond to open source security threats, the China Academy of Information and Communications Technology took the lead, and CCB, CCB Jinke and other well-known domestic enterprises participated in the compilation of the "Open Source Security In-depth Observation Report".

Li Xiaoming, engineer of the Open Source and Software Security Department of the Cloud University of China Academy of Information and Communications Technology, released the "In-depth Research Report on Open Source Security" at the meeting and gave a detailed interpretation.

Interpretation of "Opinions on Regulating the Application and Development of Open Source Technology in the Financial Industry" and Release of the Standard for Trusted Open Source Solutions

A mature and qualified open source management system needs to include the use of open source software and supply chain management into the key management scope. In the context of digital transformation and information technology application innovation, the China Academy of Information and Communications Technology took the lead in cooperating with a number of industrial institutions and solution providers to formulate the relevant standards of the "Open Source Software Governance Capability Evaluation Method Part 4: For Open Source Solutions", aiming to improve The three dimensions of supplier capability, delivery quality, and service support level are standardized to provide effective reference for industry users when purchasing commercial solutions.

At the meeting, Wu Qianyu, engineer of the Open Source and Software Security Department of the Cloud University of China Academy of Information and Communications Technology, released and interpreted the standard "Evaluation Method of Open Source Software Governance Capability Part 4: Solutions for Open Source".

Interpretation of the "Trusted Open Source Community Classification Standard" of the China Academy of Information and Communications Technology

At this stage, open source communities have been established in many fields in my country, and many industry open source communities have also been established or certified at this conference. Compared with international well-known open source projects, my country's open source projects are still far behind in terms of community governance and development. In order to help domestic open source projects improve community governance and operation and improve the quality of open source projects, the China Academy of Information and Communications Technology officially released the "Trusted Open Source Community Classification Standard", which regulates community construction from four major parts: community governance, community operation, community development, and infrastructure. Governance and Operations.

Zhang Yiyang, engineer of the Open Source and Software Security Department of the Cloud University of China Academy of Information and Communications Technology, gave an in-depth interpretation of the "Trusted Open Source Community Classification Standard" on the spot.

This year's "OSCAR Open Source Pioneer Day" also invited many well-known technology companies from the open source industry to participate in the conference. Industry experts from Douyin, Huawei, Ant Group, Alibaba Cloud and other companies discussed the use, governance and research and development of open source software in their respective companies. practice was shared.

After years of development and accumulation, "OSCAR Open Source Pioneer Day" has become the most influential exchange platform in the domestic open source ecosystem. With the deepening of industrial digitization and the rapid development of digital technology, "OSCAR Open Source Pioneer Day" keeps pace with the times, keeps innovating and changing, and strives to promote the safe and rapid growth of my country's open source industry.

For more evaluation information and white paper download, please scan the QR code below:


思否编辑部
4.4k 声望117k 粉丝

思否编辑部官方账号,欢迎私信投稿、提供线索、沟通反馈。