TAIPEI, Taiwan – January 19, 2026 by Sun Square Tech
Sun Square, a premier provider of open source compliance and OT cybersecurity solutions, is thrilled to announce a major milestone in its corporate history. The company has been officially recognized by the OpenChain Project as both an Official Partner (Service Provider) and a Third-Party Certifier.
This prestigious dual qualification positions Sun Square as a comprehensive leader in the global software supply chain ecosystem, capable of guiding organizations through the adoption of ISO/IEC 5230 (Open Source License Compliance) and ISO/IEC 18974 (Open Source Security Assurance).
Bridging the Gap: From Consultation to Certification
The OpenChain Project, a Linux Foundation initiative, maintains the international standards for open source compliance. By welcoming Sun Square into its partner network, OpenChain acknowledges Sun Square’s deep technical expertise and its ability to assess organizations against rigorous global standards.
“Becoming a Third-Party Certifier is a game-changer for our clients,” said SZ Lin, Founder of Sun Square. “Many consultancy firms can advise on open source policy, but few have the official mandate to conduct the final certification audit. This recognition validates that our methodologies align perfectly with the strictest international requirements. We can now offer a complete roadmap—from the initial gap analysis to the final certification issuance.”
Empowering the Supply Chain with ISO Standards
As software supply chain attacks rise and regulatory demands for SBOM (Software Bill of Materials) increase, compliance is no longer optional. Sun Square’s new status allows it to address two critical market needs:
As a Service Provider: Sun Square offers training, tooling implementation, and process consulting to help companies build an open source program office (OSPO) and prepare for ISO adoption.
As a Third-Party Certifier: Sun Square provides independent, objective audits to verify that an organization’s processes meet ISO/IEC 5230 and ISO/IEC 18974 standards. This certification serves as a powerful market differentiator for hardware manufacturers and software vendors selling into the EU, US, and Japanese markets.
Strengthening Trust in Open Source
“Sun Square has been a long-time advocate for open source best practices in Taiwan and beyond,” the OpenChain Project noted in its announcement. This partnership reinforces the infrastructure of trust needed for open source software to thrive in enterprise environments.
Whether your organization is looking to streamline its license compliance to avoid legal pitfalls or aims to bolster its security posture against vulnerabilities, Sun Square’s integrated approach ensures you are supported by certified experts every step of the way.
致力於開源合規與 OT 資安解決方案的領導廠商 Sun Square (Sun Square Tech) 今日宣佈一項重大里程碑:我們已正式通過 Linux Foundation 轄下 OpenChain Project 的嚴格審核,同時獲得 「官方合作夥伴 (Official Partner)」 及 「第三方驗證機構 (Third-Party Certifier)」 的雙重資格認證。
這項殊榮標誌著 Sun Square 在軟體供應鏈安全領域的專業實力已達國際頂尖水準,具備協助企業從「導入準備」到「取得認證」的完整服務能力,涵蓋 ISO/IEC 5230 (開源授權合規) 與 ISO/IEC 18974 (開源安全確保) 兩大關鍵國際標準。
雙重身分,定義專業新高度
OpenChain 是目前全球唯一針對開源軟體合規性與安全性流程的 ISO 標準制定組織。Sun Square 此次獲得的「第三方驗證機構」資格尤為關鍵,這意味著我們不僅是顧問,更具備了「裁判」的資格,能夠以獨立、客觀的角度,審核企業是否符合國際標準,並具名簽發具公信力的合規證書。
Sun Square 創辦人林上智 (SZ Lin) 表示:「能夠同時被認可為服務提供商與驗證機構,是對 Sun Square 技術團隊極大的肯定。在過去,許多企業面臨『懂法規但不懂實作』或『懂開發但不懂合規』的困境。現在,Sun Square 能提供一站式的專業支持 — 我們既能教您如何建立 SBOM 管理流程,也能在您準備好後,為您進行正式的 ISO 驗證稽核。」
協助台灣產業接軌國際供應鏈
隨著歐盟《網路強韌法案 (CRA)》與美國行政命令對軟體供應鏈透明度的要求日益嚴格,台灣的硬體製造商與軟體開發商面臨巨大的合規壓力。Sun Square 的新身分將為產業帶來兩大優勢:
- ISO/IEC 5230 授權合規: 解決開源授權衝突風險,確保產品出口無法律疑慮。
- ISO/IEC 18974 安全確保: 建立標準化的漏洞管理與修補流程,滿足國際大廠對供應商的資安要求。
作為第三方驗證機構,Sun Square 所執行的稽核結果將獲得 OpenChain 全球生態系的認可,這對於急需證明自身軟體供應鏈安全能力的企業而言,是一張通往國際市場的關鍵門票。
深耕開源,建立信任
OpenChain Project 在官方公告中指出,歡迎 Sun Square 加入全球合作夥伴網絡,共同推動開源供應鏈的信任基礎。Sun Square 將持續致力於開源治理的推廣,協助企業在享受開源軟體帶來的創新紅利時,也能有效管控潛在風險。
欲了解更多關於 ISO/IEC 5230 及 ISO/IEC 18974 驗證服務,請造訪 sunsquare.tech。
About Sun Square
Sun Square is your digital shield in a changing world. We specialize in independent consulting and training in OT cybersecurity, open-source security, and compliance. With a strong technical foundation built on contributions to critical platforms like Debian and Kali Linux, Sun Square provides end-to-end solutions—from assessing SEMI E187 readiness to implementing ISA/IEC 62443 frameworks. We serve clients across the semiconductor, energy, and transportation sectors, helping them navigate complex regulatory landscapes with confidence.
For more information about our services, please visit sunsquare.tech (https://sunsquare.tech).