The Science and Technology Directorate of the Department of Homeland Security is soliciting tools capable of providing the Cybersecurity and Infrastructure Security Agency with visibility into software supply chains to address possible security gaps.
S&T said Monday its Silicon Valley Innovation Program released the “Software Supply Chain Visibility Tools” topic call to hear from interested parties about their technical capabilities that CISA could use to strengthen the security of digital frameworks for essential services.
“This topic call highlights core capabilities that will help bring transparency into the digital building blocks used by organizations in both their business operations and in their cyber defenses,” explained Melissa Oh, managing director of SVIP.
The Software Bill of Materials (SBOM) is one of the focus areas of the solicitation. An SBOM is a machine-readable inventory that contains information about software components and dependencies as well as their hierarchical relationships.
“By leveraging SBOMs as key elements of software security, we can mitigate the risk to the software supply chain and respond to new risks faster, and more efficiently,” said Allan Friedman, senior adviser and strategist at CISA.
Responses to the solicitation are due Oct. 3rd.