This is a proposal for "OpenSSF Japan Working Group (Japan WG)".
OpenSSF Japan Working Group
List of interested individuals (name, affiliation, GitHub ID)
- Teppei Asaba, Fujitsu Limited, teppeitherock
- Kenta Goto, Cybozu, Inc., gokken-roko
- Muuhh IKEDA, Cybertrust Japan Co. Ltd, Muuhh-CTJ
- Takehisa Katayama, Renesas Electronics Corporation, Takehisa-K
- Yuta Kiyoumi, Honda Motor Co.,Ltd., y-kiyo
- Taku Shimosawa, Hitachi, Ltd., shimos
- Akihiko Takahashi, Fujitsu, Ltd., akihiko0208
- Taichi Takemura, Cybozu, Inc., zeroalphat
- Tsukasa Yobo, Renesas Electronics Corporation, TYobo
Brief description of the initiative
The OpenSSF Japan Working Group serves as a regional coordination and engagement hub that connects Japan’s public sector, industry, and academic stakeholders with the global OpenSSF community.
The WG acts as an organizational bridge, aligning OpenSSF global best practices with Japan-specific cybersecurity and software supply chain security needs while feeding local insights back into global OpenSSF initiatives.
Motivation
Background / use cases of the problem to be solved
Cybersecurity and software supply chain security priorities, regulations, and adoption models vary significantly by country and are often driven by national governments.
In Japan, software security and supply chain initiatives are primarily led by government ministries such as the Ministry of Economy, Trade and Industry (METI). Effective engagement with these stakeholders requires sustained local presence, contextual understanding, and trusted coordination aligned with global best practices.
While OpenSSF provides globally recognized frameworks, tools, and guidance, there has been no formally recognized structure dedicated to:
- Coordinating OpenSSF-aligned activities in Japan
- Supporting localized adoption and education
- Representing Japan’s perspectives and requirements in global discussions
The Japan WG formalizes and aligns existing Japan-based OpenSSF activities with OpenSSF governance, enabling deeper collaboration with OpenSSF Global and its existing Working Groups.
At present, there are no similar regional Working Groups established in other countries. Given this context, the Japan WG is proposed as an initial, country‑focused Working Group to address concrete needs in Japan. Should similar initiatives emerge in other regions in the future, this structure could naturally evolve into a broader Regional Working Group model, with country‑specific activities organized as Special Interest Groups (SIGs) under that regional framework.
Objective
What is to be achieved with this initiative
- Establish a formally recognized OpenSSF Working Group focused on Japan
- Serve as a liaison between:
- Japanese public sector, industry, and academia
- OpenSSF Global Working Groups, TAC, and staff
- Promote the adoption of OpenSSF projects, tools, and best practices in Japan
- Localize and disseminate OpenSSF educational materials and guidance
- Share Japan-specific requirements, feedback, and insights with global OpenSSF initiatives
- Strengthen Japan’s contribution to global software supply chain security efforts
OKRs (initial / indicative)
- Objective: Establish a sustainable OpenSSF-aligned community in Japan
-- KR1: Hold regular WG meetings, with participation from government, industry, and academia invited as appropriate.
-- KR2: Maintain active collaboration with at least two existing OpenSSF WGs or SIGs (Assuming Cyber Policy WG and Education SIG)
-- KR3: Publish or contribute Japan-focused materials aligned with OpenSSF priorities
KR4: Hold quarterly offline meetups to enhance OSS security in Japan
Scope
In scope
The OpenSSF Japan WG focuses on activities fully aligned with OpenSSF’s Mission, Vision, Values, Strategy, and Roadmap, including:
- Community building and outreach in Japan aligned with OpenSSF goals
-- Regular meetups, workshops, and conference tracks
-- Participation in Linux Foundation and OpenSSF-related events in Japan
- Education, awareness, and knowledge sharing
-- Presentations and tutorials on OpenSSF projects (e.g., SLSA, sigstore, protobom)
-- Translation and localization of OpenSSF documentation and training materials
- Regional engagement and coordination
-- Acting as a communication bridge between Japanese stakeholders and OpenSSF Global
-- Supporting OpenSSF Global initiatives through Japan-specific outreach
- Policy and ecosystem awareness
-- Sharing global cybersecurity and supply chain security trends (e.g., CRA)
-- Providing non-binding, informational feedback from the Japanese ecosystem
- Collaboration with existing OpenSSF Working Groups and SIGs
-- Including (but not limited to) the Global Cyber Policy WG and Education SIG
Out of scope
- Acting as a regulatory or standards‑setting authority on behalf of governments
- Issuing official policy positions or regulatory interpretations
- Developing proprietary or closed-source solutions
- Activities that conflict with OpenSSF’s Mission, Vision, Values, Strategy, and Roadmap
Prior Work
Prior and related activities in Japan
- Regular OpenSSF Japan community meetups (2024–2026)
-- Quarterly sessions held consistently since 2024
- Japanese-language introductions to OpenSSF and global events
-- OSSEU, OSSNA, and other OpenSSF-related initiatives
- Outreach and presentations on OpenSSF projects and practices
-- SLSA
-- sigstore
-- protobom
-- Secure Software Development
-- Secure MLOps / MLSecOps
- Translation and publication efforts
-- LFD121: Secure Software Development (published)
-- Visualizing Secure MLOps (published Feb 18, 2026)
-- OpenSSF 2025 Annual Report (published Mar 31, 2026)
- Hosting the Security Track at LF Japan Community Days 2025
- Collaboration with the Linux Foundation Japan Evangelist Program
Active Projects
- Japan-focused OpenSSF community engagement and education
- Localization and translation of OpenSSF materials
- Coordination with OpenSSF Global WGs and SIGs
Inactive Projects
Get Involved
- Official communications:
-- OpenSSF Japan WG mailing list
-- Official communications will be conducted via an OpenSSF Japan WG mailing list (to be created upon Sandbox approval).
- Slack:
-- OpenSSF Slack – #japan-chapter jJapan WG channel (planned)
-- This Slack channel will be used for informal discussions and coordination.
- OpenSSF mailing list management: https://lists.openssf.org/
Quick Start
The OpenSSF Japan Working Group is currently in the Sandbox phase. We welcome participation from individuals and organizations interested in strengthening software supply chain security and advancing OpenSSF activities in Japan.
What this WG aims to achieve is that:
- Strengthening software supply chain security by promoting OpenSSF best practices
- Acting as a two-way bridge between the global OpenSSF community and the Japanese public sector and ecosystem.
Areas that contributions are currently welcome
- Community outreach and engagement within Japan
- Planning and supporting Japan-based meetups, workshops, and events
- Translation and review of OpenSSF materials and educational materials
- Sharing feedback, requirements, and insights from the Japanese ecosystem
- Coordination with existing OpenSSF Working Groups and SIGs
How to get started?
- Join the OpenSSF Japan WG communication channels
- Participate in WG meetings and discussions
- Contribute ideas or feedback during meetings or via the mailing list
Where to file issues
- GitHub repository (to be created during the Sandbox phase)
Meeting Times
- Meeting cadence: Weekly(initially)
- Schedule: Every Tuesday 4pm - 4:30pm
- Time zone: Japan Standard Time (JST)
- Calendar: TBD (to be added after Sandbox approval)
- Meeting minutes: 【TBD (to be published after each meeting)】
Governance
The OpenSSF Japan Working Group (Japan WG) will adopt a governance structure aligned with OpenSSF expectations while reflecting its primary focus on regional coordination, community engagement, and collaboration with public-sector stakeholders in Japan.
- CHARTER.md: To be created during the Sandbox phase in alignment with OpenSSF governance guidelines.
Technical Steering Committee (TSC)
The Japan WG will establish a Technical Steering Committee (TSC) as its primary decision-making and coordination body.
The role of the TSC is to provide overall direction, coordination, and oversight of WG activities. This includes setting priorities, organizing initiatives, coordinating collaboration across stakeholders, facilitating communication, and ensuring alignment with OpenSSF’s mission and objectives. Given the nature of the Japan WG, the TSC will primarily focus on coordination, outreach, and ecosystem alignment rather than software or specification-level technical direction.
TSC Membership
Participation in the Technical Steering Committee (TSC) is limited to OpenSSF member companies/organizations that participate in the Japan WG.
Each participating member company/organization may nominate up to three (3) individuals to serve as TSC members.
Leadership
The initial leadership of the Japan WG is proposed as follows:
- WG Chair: Munehiro Ikeda (Cybertrust Japan)
- Co-Chair(s): Takehisa Katayama (Renesas Electronics)
Term and Reappointment
- The term of the Chair and Co-Chair(s) will be two (2) years.
- Individuals may be reappointed; however, no individual may hold the same role (Chair or Co-Chair) for more than two terms in total (lifetime limit).
Eligibility for Chair and Co-Chair
- The Chair and Co-Chair(s) must be individuals affiliated with an OpenSSF member organization participating in the Japan WG.
Selection Process
- The Chair and Co-Chair(s) will be elected through a vote by OpenSSF member companies/organizations participating in the Japan WG.
- Each participating member company/organization will have one vote, regardless of its membership level (e.g., Platinum or General).
Membership of the Japan WG
Participation in the Japan WG is limited to companies/organizations and individuals that meet the following criteria:
- The organization must be an OpenSSF member.
- At least one participating member must be able to communicate in Japanese.
- Admission to the Japan WG requires unanimous approval from all existing TSC members.
Founding Member Organizations
The initial set of participating member organizations at the time of establishment is expected to include the following, listed in alphabetical order for clarity:
- Cybertrust Japan
- Cybozu, Inc.
- Fujitsu Limited
- Hitachi Ltd.
- Honda Motor Co., Ltd.
- Renesas Electronics Corporation
Intellectual Property
In accordance with the OpenSSF Charter, work produced by this group is licensed as follows:
- Software source code
- Data
- Specifications
- All other documentation
Antitrust Policy Notice
Linux Foundation meetings involve participation by industry competitors, and it is the intention of the Linux Foundation to conduct all of its activities in accordance with applicable antitrust and competition laws. It is therefore extremely important that attendees adhere to meeting agendas, and be aware of, and not participate in, any activities that are prohibited under applicable US state, federal or foreign antitrust and competition laws.
Examples of types of actions that are prohibited at Linux Foundation meetings and in connection with Linux Foundation activities are described in the Linux Foundation Antitrust Policy available at http://www.linuxfoundation.org/antitrust-policy. If you have questions about these matters, please contact your company counsel, or if you are a member of the Linux Foundation, feel free to contact Andrew Updegrove of the firm of Gesmer Updegrove LLP, which provides legal counsel to the Linux Foundation.
This is a proposal for "OpenSSF Japan Working Group (Japan WG)".
OpenSSF Japan Working Group
List of interested individuals (name, affiliation, GitHub ID)
Brief description of the initiative
The OpenSSF Japan Working Group serves as a regional coordination and engagement hub that connects Japan’s public sector, industry, and academic stakeholders with the global OpenSSF community.
The WG acts as an organizational bridge, aligning OpenSSF global best practices with Japan-specific cybersecurity and software supply chain security needs while feeding local insights back into global OpenSSF initiatives.
Motivation
Background / use cases of the problem to be solved
Cybersecurity and software supply chain security priorities, regulations, and adoption models vary significantly by country and are often driven by national governments.
In Japan, software security and supply chain initiatives are primarily led by government ministries such as the Ministry of Economy, Trade and Industry (METI). Effective engagement with these stakeholders requires sustained local presence, contextual understanding, and trusted coordination aligned with global best practices.
While OpenSSF provides globally recognized frameworks, tools, and guidance, there has been no formally recognized structure dedicated to:
The Japan WG formalizes and aligns existing Japan-based OpenSSF activities with OpenSSF governance, enabling deeper collaboration with OpenSSF Global and its existing Working Groups.
At present, there are no similar regional Working Groups established in other countries. Given this context, the Japan WG is proposed as an initial, country‑focused Working Group to address concrete needs in Japan. Should similar initiatives emerge in other regions in the future, this structure could naturally evolve into a broader Regional Working Group model, with country‑specific activities organized as Special Interest Groups (SIGs) under that regional framework.
Objective
What is to be achieved with this initiative
OKRs (initial / indicative)
-- KR1: Hold regular WG meetings, with participation from government, industry, and academia invited as appropriate.
-- KR2: Maintain active collaboration with at least two existing OpenSSF WGs or SIGs (Assuming Cyber Policy WG and Education SIG)
-- KR3: Publish or contribute Japan-focused materials aligned with OpenSSF priorities
KR4: Hold quarterly offline meetups to enhance OSS security in Japan
Scope
In scope
The OpenSSF Japan WG focuses on activities fully aligned with OpenSSF’s Mission, Vision, Values, Strategy, and Roadmap, including:
-- Regular meetups, workshops, and conference tracks
-- Participation in Linux Foundation and OpenSSF-related events in Japan
-- Presentations and tutorials on OpenSSF projects (e.g., SLSA, sigstore, protobom)
-- Translation and localization of OpenSSF documentation and training materials
-- Acting as a communication bridge between Japanese stakeholders and OpenSSF Global
-- Supporting OpenSSF Global initiatives through Japan-specific outreach
-- Sharing global cybersecurity and supply chain security trends (e.g., CRA)
-- Providing non-binding, informational feedback from the Japanese ecosystem
-- Including (but not limited to) the Global Cyber Policy WG and Education SIG
Out of scope
Prior Work
Prior and related activities in Japan
-- Quarterly sessions held consistently since 2024
-- OSSEU, OSSNA, and other OpenSSF-related initiatives
-- SLSA
-- sigstore
-- protobom
-- Secure Software Development
-- Secure MLOps / MLSecOps
-- LFD121: Secure Software Development (published)
-- Visualizing Secure MLOps (published Feb 18, 2026)
-- OpenSSF 2025 Annual Report (published Mar 31, 2026)
Active Projects
Inactive Projects
Get Involved
-- OpenSSF Japan WG mailing list
-- Official communications will be conducted via an OpenSSF Japan WG mailing list (to be created upon Sandbox approval).
-- OpenSSF Slack – #japan-chapter jJapan WG channel (planned)
-- This Slack channel will be used for informal discussions and coordination.
Quick Start
The OpenSSF Japan Working Group is currently in the Sandbox phase. We welcome participation from individuals and organizations interested in strengthening software supply chain security and advancing OpenSSF activities in Japan.
What this WG aims to achieve is that:
Areas that contributions are currently welcome
How to get started?
Where to file issues
Meeting Times
Governance
The OpenSSF Japan Working Group (Japan WG) will adopt a governance structure aligned with OpenSSF expectations while reflecting its primary focus on regional coordination, community engagement, and collaboration with public-sector stakeholders in Japan.
Technical Steering Committee (TSC)
The Japan WG will establish a Technical Steering Committee (TSC) as its primary decision-making and coordination body.
The role of the TSC is to provide overall direction, coordination, and oversight of WG activities. This includes setting priorities, organizing initiatives, coordinating collaboration across stakeholders, facilitating communication, and ensuring alignment with OpenSSF’s mission and objectives. Given the nature of the Japan WG, the TSC will primarily focus on coordination, outreach, and ecosystem alignment rather than software or specification-level technical direction.
TSC Membership
Participation in the Technical Steering Committee (TSC) is limited to OpenSSF member companies/organizations that participate in the Japan WG.
Each participating member company/organization may nominate up to three (3) individuals to serve as TSC members.
Leadership
The initial leadership of the Japan WG is proposed as follows:
Term and Reappointment
Eligibility for Chair and Co-Chair
Selection Process
Membership of the Japan WG
Participation in the Japan WG is limited to companies/organizations and individuals that meet the following criteria:
Founding Member Organizations
The initial set of participating member organizations at the time of establishment is expected to include the following, listed in alphabetical order for clarity:
Intellectual Property
In accordance with the OpenSSF Charter, work produced by this group is licensed as follows:
Antitrust Policy Notice
Linux Foundation meetings involve participation by industry competitors, and it is the intention of the Linux Foundation to conduct all of its activities in accordance with applicable antitrust and competition laws. It is therefore extremely important that attendees adhere to meeting agendas, and be aware of, and not participate in, any activities that are prohibited under applicable US state, federal or foreign antitrust and competition laws.
Examples of types of actions that are prohibited at Linux Foundation meetings and in connection with Linux Foundation activities are described in the Linux Foundation Antitrust Policy available at http://www.linuxfoundation.org/antitrust-policy. If you have questions about these matters, please contact your company counsel, or if you are a member of the Linux Foundation, feel free to contact Andrew Updegrove of the firm of Gesmer Updegrove LLP, which provides legal counsel to the Linux Foundation.