sneSCM

Scandinavian Network of Excellence
in
Software Configuration Management

Time: Wednesday, March 30th, 2022, 15:30-16:30 (CET).

Place: video conferencing at your own computer.

Title: If Software BoM is the solution, what was then the problem?

Hosts: Andreas Göransson, QCM - Lars Bendix, sneSCM.org

In recent years the concept of Software Bill of Materials (SBoM) has attracted some attention. We thought that there was a long-since common understanding of what it serves for and its definition - apparently that is not so. So now we also want to join the party in a quest for becoming wiser on this crazy little thing called SBoM.

In this CMCM, we would like to mainly focus on the use cases for a SBoM - what could this "tool" be used for? So, given a rather vague and fuzzy idea of what an SBoM is: what are the situations where the concept of SBoM could be appropriate to use for a (partial) solution? Then we could analyze the use cases to figure out what should be the requirements to the concept of SBoM for it to be a good and useful tool. Hopefully this approach will give us a more useful understanding of what an SBoM could or should be than starting from a "purely theoretical" definition.

In preparation for this CMCM, we would like you to reflect a little on what situations you have encountered where the concept of an SBoM could have been helpful in creating a solution - and bring that to the CMCM.

Registration is mandatory by email to Lars Bendix (bendix@sneSCM.org).