sneSCM

Scandinavian Network of Excellence
in
Software Configuration Management


Scandinavian SCM day

Presentation abstracts:

Scenario-driven Business to DevOps solution for a successful Lifecycle Configuration Management Strategy (Thomas Karlkvist):
For a Configuration Management Strategy (CMS) to be successfully utilized in a product development corporation we must strive not only to encompass emerging knowledge about the need for incorporation of Operations and Maintenance requirements during Development phases (i.e. DevOps) but it must also ensure that Business Drivers are fully understood and used as a basis for product architecture when moving into development of the product, in order to arrive at a validation of the results that meets customer expectations. Furthermore, when product management strive to adopt and achieve synergies from parallel or overlapping products and customer solution, this Business to DevOps perspective becomes the basis for successfully managing Product Line Engineering. This is where the scenario-driven approach becomes an efficient tool for visualizing and transforming data throughout the lifecycle of the product line and its products. This presentation will layout the concepts and presents the pillars of management areas for such a successful Lifecycle Configuration Management Strategy.

Handling software variants (Andreas Göransson):
Software variants are something that needs to be handled in different contexts. How does software variants affect daily work as a SCM professional? Are there differences in the way software variants are handled for example in an embedded environment versus a big server-client solution?
In this Open Session the focus is on how to handle software variants - answer questions, share experiences and ask new questions.

Secure your software delivery chain (Sofus Albertsen):
Following the SolarWinds breach, compromising source code has proven to be a viable and very effective way of making cyber attacks. It works when the attacker utilizes the trust of the compromised company to elevate their reach into multiple customers’ core networks.
In this open space we will look at a generic solution, as well as digging deeper into the question of implementation quirks and drawbacks.

Software Bill of Materials (Lars Bendix):
Bill of Materials (BoM) is a well-established and widely used concept in the Hardware world. In the Software world it is a completely different story. Some people have used it for more than 20 years - others have not even heared about the concept. There also seems to be no common agreement on how a Software BoM is defined and what is its purpose - and as a consequence the use cases for a Software BoM vary wildly.
This micro-tutorial will take you through some of the early ideas for Software BoMs from 40 years ago - motivating why we would want to have them and what they could be useful for. It will then provide a richer picture for the use cases for Software BoMs by surveying recent semi-committee work from the US. Finally it will demonstrate how nicely Software BoMs connect to two of the wellknown Configuration Management activities - Configuration Identification and Configuration Status Accounting.