Name: Using CHAOSS Metrics, Models, and Software to Identify the Most Significant At-Risk Dependencies in Your Portfolio - Sean Goggins, CHAOSS Project and the University of Missouri - Columbia
Start: 2022-06-24T14:00:00-0500
End: 2022-06-24T14:40:00-0500

June 21-24, 2022
Austin, Texas, USA + Virtual
View More Details & Registration
Note: The schedule is subject to change.

The Sched app allows you to build your schedule but is not a substitute for your event registration. You must be registered for Open Source Summit North America 2022 to participate in the sessions. If you have not registered but would like to join us, please go to the event registration page to purchase a registration.

This schedule is automatically displayed in Central Daylight Time (UTC -5). To see the schedule in your preferred timezone, please select from the drop-down menu to the right, above "Filter by Date."

IMPORTANT NOTE: Timing of sessions and room locations are subject to change.

Back To Schedule

Using CHAOSS Metrics, Models, and Software to Identify the Most Significant At-Risk Dependencies in Your Portfolio - Sean Goggins, CHAOSS Project and the University of Missouri - Columbia

Feedback form is now closed.

The Linux Foundation's CHAOSS project includes metrics, metrics models, and software focused on overall open-source software project health. During the past 18 months, the CHAOSS Risk working group developed a set of implementations for recording OSSF Scorecard status over time, software dependency age-based upstream package dependencies for 14 languages, and implementations of portfolio-based metrics that enable OSPO's to evaluate risk exposure based on known vulnerabilities, and current dependency risk at the portfolio level.

This workshop will show, tell, and inform participants so they leave knowing how to rapidly deploy CHAOSS risk metrics in their environment using Augur.

Our dependency-based metrics complement an existing set of Augur tools that provide detailed Software Bills of Material and file-based license enumeration.

Speakers

Sean P. Goggins

Professor, CHAOSS Project and University of Missouri-Columbia

Sean is a Professor of Electrical Engineering and Computer Science at the University of Missouri, where his research foci are open source software and human-centered data science. Sean is a founding member of the Linux Foundation’s working group on community health analytics for... Read More →

Friday June 24, 2022 2:00pm - 2:40pm CDT
Room 301/302 (Level 3)

OSPOCon

Experience Level Mid-level
Session Type In-person Speaker(s)

Open Source Summit North America 2022

Sign up or log in to save this to your schedule, view media, leave feedback and see who's attending!

Sean P. Goggins