Hello, Guest.!
CISA Issues Guidance on Assembling Group of Products for SBOM
Cybersecurity and Infrastructure Security Agency Logo_272x270
/

CISA Issues Guidance on Assembling Group of Products for SBOM

1 min read

The Cybersecurity and Infrastructure Security Agency has issued guidance for creating the build for a software bill of materials for products that were assembled and tested prior to delivery.

CISA said Friday the document, titled “Guidance on Assembling a Group of Products,” aims to guide software manufacturers and integrators in developing the build SBOM for assembled products that may contain parts that experience version changes.

According to the document, certain information is required when describing a product line with a build SBOM, including an identifier, a versioning system to use with the identifier, a list of product components being distributed together as a group and a version number for each component.

The guidance was developed by the Software Bill of Materials Tooling & Implementation Working Group, a community-led working group facilitated by CISA.