The Cybersecurity and Infrastructure Security Agency has issued guidance for creating the build for a software bill of materials for products that were assembled and tested prior to delivery.
CISA said Friday the document, titled “Guidance on Assembling a Group of Products,” aims to guide software manufacturers and integrators in developing the build SBOM for assembled products that may contain parts that experience version changes.
According to the document, certain information is required when describing a product line with a build SBOM, including an identifier, a versioning system to use with the identifier, a list of product components being distributed together as a group and a version number for each component.
The guidance was developed by the Software Bill of Materials Tooling & Implementation Working Group, a community-led working group facilitated by CISA.
Related Articles
The Office of the Director of National Intelligence has appointed Tidal “Ty” McCoy II, most recently a principal at Nexfed, as intelligence community chief financial officer. McCoy announced his appointment at ODNI in a LinkedIn post published Tuesday. Hear experts discuss the latest tech advancements, trends and opportunities facing the IC at the Potomac Officers Club’s 2025 Intel Summit on Oct. 2. Reserve your spot now! Who Is Tidal McCoy? In 2022, McCoy joined strategy consulting firm Nextfed as a vice president. At Nexfed, he led the firm’s intelligence and acquisition strategy practice and played a key role in mergers
The National Science Foundation has launched an initiative to invest up to $100 million in a national network of artificial intelligence-enabled programmable cloud laboratories as part of efforts to advance automated science and engineering and drive discoveries and innovation. NSF said Tuesday the Directorate for Technology, Innovation and Partnerships, or TIP, will lead the NSF Test Bed: Toward a Network of Programmable Cloud Laboratories, or NSF PCL Test Bed. “The idea of a national network of programmable cloud laboratories builds on NSF’s longstanding legacy of transformative investments — such as NSFNET decades ago — that paved the way for the modern
Sens. Jeanne Shaheen, D-N.H.; Maggie Hassan, D-N.H.; Susan Collins, R-Maine; and Angus King, I-Maine have proposed legislation that would spare the Navy’s four public shipyards from workforce reductions. Called the Protecting Public Naval Shipyards Act, the bipartisan bill tells the Department of Defense to exempt certain positions at public shipyards from hiring freezes and layoffs to ensure that nuclear-powered submarine maintenance and overhaul are uninterrupted. “This bipartisan bill will ensure that important naval operations continue without disruption by exempting public shipyard employees from the chaotic mass firings, workforce reductions, and hiring freezes directed by the Trump Administration,” said Hassan. Top