Learn how to generate a Software Bill of Materials (SBOM) using the SPDX standard format with the Yocto Project in this 15-minute presentation. Discover practical details on utilizing the "create-spdx" class, introduced in Yocto Project version 3.4 ("Honister"), to produce SBOMs for license compliance and security vulnerability assessments. Gain insights into using the class effectively, understanding associated variables, and controlling the output SPDX content and volume without delving into code or generated files. Benefit from the presenter's expertise to quickly grasp this essential tool for device manufacturers and end users.
Overview
Syllabus
Bitbaking SPDX SBoM, Michael Opdenacker
Taught by
Yocto Project
Related Courses
-
The IT Ops Sessions: Generating a Software Bill of Materials for Docker Images
-
SBOM Implementation Reality - The SPDX Lite Profile for First Step
-
License Compliance and Security Management for Embedded Systems
-
SW360 SBOM - Managing Vulnerability Information, SPDX Documents and Dependency Networks
-
SBOMs for Embedded Systems - What's Working, What's Not
-
Software Bill of Materials (SBoM) and Supply Chain with the Yocto Project - Generating and Using SBoMs
