Explore the challenges and successes of Software Bill of Materials (SBOMs) in embedded systems during this 35-minute conference talk by Kate Stewart from the Linux Foundation. Gain insights into regulatory agency involvement, SBOM generation in embedded projects, and practical applications across various platforms like Yocto, Debian, and Anaconda. Discover how SBOMs are addressing security concerns, including the Log4Shell vulnerability, and learn about emerging standards such as SPDX. Engage with open questions and discussions on the future of SBOMs in the embedded systems landscape.
SBOMs for Embedded Systems - What's Working, What's Not
Overview
Syllabus
Introduction
Regulatory agencies are waking up
Embedded projects generating SBOMs
SBOM details
Where SBOM is being used
Yakto
security
Debian
Internal Fork
Anaconda
SPDX
Log4Shell
Autocomp
Json
Open Question
Taught by
Linux Foundation
Tags
Related Courses
-
SBOMs: Essential for Embedded Systems
-
License Compliance and Security Management for Embedded Systems
-
Software Bill of Materials (SBoM) and Supply Chain with the Yocto Project - Generating and Using SBoMs
-
Generating SPDX Software Bill of Materials with Yocto Project
-
Practical SBOM Management with Zephyr and SPDX
-
SBOM Everywhere - Understanding Software Bill of Materials
