Choose another country to see content specific to your location

//Select Country

FOSS Licence Compliance

Certification of Free and Open-Source Software Management Systems

What is FOSS?

Free and Open-Source Software (FOSS) allows anyone to run a program for free and for any purpose they wish. It also allows the user to access the source code, modify it and redistribute either the original or the altered version.

FOSS is increasingly being used in business operations because it enables new software developments to be implemented at a faster pace and a lower cost than writing it in-house. FOSS gives businesses access to the latest software, which they can then use to enhance their own offerings.

While FOSS is free to use, this does not mean that users have no obligations. When the original developer makes their FOSS products available, they may choose to use a FOSS licence, which defines what can or cannot be done with the source code. For example, they may stipulate that anyone who modifies the software must make their modifications available for anyone else to use.

Companies using FOSS are subject to a variety of licence agreements. To maintain compliance and avoid liabilities, these licences must be managed in a structured manner. This requires policies and procedures, the identification of roles responsible for its management, as well as effective skills management and a training strategy.

Why is FOSS LICENCE COMPLIANCE Important?

FOSS licence compliance is an essential element of regulatory, legal and corporate compliance. Proof of FOSS compliance is increasingly a requirement for software vendors during the contract tender process. Failure to comply can also be very damaging for a business's reputation in the open source community.

FOSS compliance verification is therefore a critical factor for the sale of products that integrate FOSS, and for companies seeking to establish partnership-based collaboration. To prevent infringements of licensing agreements, businesses must establish a suitable process for guaranteeing and verifying compliance.


TÜV SÜD assesses your FOSS licence compliance processes

TÜV SÜD's compliance certification is the first of its kind. It is designed to support your corporate compliance with FOSS licences. Thanks to our extensive compliance and software experience, combined with profound regulatory and supply chain management expertise, we are uniquely positioned to conduct a standardised assessment of your FOSS systems and processes.

TÜV SÜD's experts actively participate in international standardisation committees for software, gaining valuable insights on the latest regulatory developments. Our experts’ commitment to instilling compliant operations across industries means that the TÜV SÜD certification mark has become a globally renowned symbol for safety, security and trust.

TÜV SÜD’s FOSS Licence Compliance Certification Scheme

TÜV SÜD’s FOSS Licence Compliance certification scheme simplifies compliance verification through the creation of a standardised process. Based on the OpenChain specification, it enables a business to review its underlying processes and fully document compliance with licencing agreements.

TÜV SÜD’s FOSS audit and certification is delivered through a three-step process:

FOSS three step process 

If you use Free and Open-Source Software in your products and services, our third-party verification of compliance with FOSS licences creates trust with partners and customers alike. Contact TÜV SÜD today to learn more about our FOSS compliance services or to organise a FOSS audit.


Your benefits at a glance

Benefits of a certified FOSS licence compliance system include:

  • Corporate compliance - prevent potential licensing conflicts, avoid liabilities, and prove due diligence to investors and business partners.
  • Competitive advantage - increase business efficiency and effectiveness and use FOSS compliance as a strategy to differentiate your business and grow market share.
  • Enhanced market reputation - work with a global leader that has developed a ground-breaking FOSS certification process that independently verifies your conformance.

EXPLORE

IEC 62443 Certification
Infosheet

IEC 62443 Certification

Enhance the cyber resilience of industrial components and systems

Download

VIEW ALL INDUSTRY RESOURCES

Next Steps

Select Your Location

Global

Americas

Asia

Europe

Middle East and Africa