Litcius/Paper detail

A Viewpoint on Knowing Software: Bill of Materials Quality When You See It

Santiago Torres-Arias, Dan Geer, John Speed Meyers

2023IEEE Security & Privacy13 citationsDOIOpen Access PDF

Abstract

Software bills of materials (SBOMs) have become a required mechanism to communicate software supply chain information. However, even though they experience wide and increasing adoption, using them to improve supply chain security remains a challenge. We posit that, in order to achieve the intended goal of SBOMs, we must first develop mechanisms to measure their quality.

Topics & Concepts

Supply chainQuality (philosophy)SoftwareOrder (exchange)Computer scienceMeasure (data warehouse)Risk analysis (engineering)Mechanism (biology)Software qualityComputer securityProcess managementBusinessSoftware developmentMarketingDatabasePhilosophyProgramming languageEpistemologyFinanceSafety Systems Engineering in AutonomyOpen Source Software InnovationsTechnology Assessment and Management