Overview
Explore the evolution and best practices of Software Bill of Materials (SBOM) management systems in this insightful 55-minute conference talk by Mark Gisi from Wind River Systems. Gain valuable insights from a decade-long journey of SBOM system development, from the introduction of SPDX in 2011 to the third-generation release in 2023. Learn how requirements have shifted from license compliance to software export compliance, and now to security-driven approaches. Discover key lessons, dos and don'ts, and compare different SBOM solutions available in the market. Benefit from an overview of open-sourced libraries and utilities that can enhance your own SBOM initiatives, and understand how functional safety may shape future developments in this critical area of software management.
Syllabus
Case Study: 10+ Years of Developing an SBOM System and the Dos and Don’ts - Mark Gisi
Taught by
Linux Foundation