The Cybersecurity Benefits of Leveraging a Software Bill of Materials

Buttner, Drew; Martin, Robert A.

The Cybersecurity Benefits of Leveraging a Software Bill of Materials

Active / Technical Report | Accesssion Number: AD1180519 |

Open PDF

Abstract:

Use of a Software Bill Of Material (SBOM)can reduce financial, personnel, and reputational risks incurred by using unknown software. It enables system engineering, acquisition, and cybersecurity teams to better understand the make-up of critical infrastructure and to automate tasks to help assess and determine associated risk. This paper focuses on the benefits of adopting and using an SBOM to increase software transparency, resulting in increased software component trustworthiness and overall cybersecurity.

Author(s):

Buttner, Drew ; Martin, Robert A.

Author Organization(s):

MITRE CORP BEDFORD MA

Funding Organization(s):

DEPARTMENT OF DEFENSE WASHINGTON DC, WASHINGTON , DC

Document Type:

Technical Report/Technical Paper

Publication Date:

2021 Jan 01

Pagination:

10

Security Markings

DOCUMENT & CONTEXTUAL SUMMARY

Distribution Code:

A - Approved For Public Release

Distribution Statement: Public Release

RECORD

Collection: TRECMS

Identifying Numbers

Contract Number(s):

W56KGU-18-D-0004

Task Number(s):

W56KGU21F0008

Subject Terms

Modernization Areas:

Cyber

Communities of Interest:

Cyber

Descriptor(s):

vulnerability, computer programs, engineering, failure mode and effect analysis, supply chain, risk, acquisition, commerce, corporations, security, software development, united states, communities, costs, cybersecurity, executives, governments

Keyword(s):

sbom (Software Bill Of Material), software transparency, trustworthiness, bom (bill of materials), spdx (Software Package Data eXchange), cyclonedx

Subject Categories:

Mathematical and Computer Sciences

Creation Date:

2022 Sep 21

Update Date:

2022 Nov 14