How Do You Know You're Done After a Security Fix - Leveraging SBOM Data

Explore approaches for leveraging Software Bill of Materials (SBOM) data to improve automation and confidence in safety analysis after applying security fixes. This 43-minute conference talk by Kate Stewart from The Linux Foundation and Peter Brink from UL Solutions delves into the challenges of maintaining system safety claims following component vulnerability fixes. Learn about the importance of detailed and accurate records of components and build information in designing systems with safety considerations. Discover strategies for utilizing SBOM data to enhance the analysis process and determine when a security fix implementation is complete and compliant with safety requirements.