sneSCM: Specialist Network of Excellence in Software Configuration Management

Scandinavian Network of Excellence
in
Software Configuration Management

Scandinavian SCM day

Session abstracts:

The repository architecture dilemma (Christian Pendleton):
I will talk about how to organize a large software system. Do we want to divide into smaller module repositories or should we go for a large monorepo? What are the pros and cons of the paradigms? What should we consider when choosing? Is it possible to go from one to the other? I’m looking forward also to hear your thoughts and experiences in this area.

Generative AI and Software Configuration Management (Lars Bendix):
The use of Generative AI in software development is a fact of life. How does that influence the work of the configuration manager? Will we get new or changed tasks because the rest or the organization has started using GAI? Will we be able to use GAI for solving better/easier some of the SCM tasks that we are currently taking care of? Are there new types of CI? What about traceability - and reproducibility? Or will it be business as usual for us? Will we (in part) be substituted by GAI - just like programmers? Why (and where) - why not?

SBoMs in AI Development: Enable control and compliance for a complex supply chain (Fredrik van Bruggen):
The purpose of a Software Bill of Materials (SBoM) is to provide a detailed inventory of all components within a piece of software, enhance supply chain transparency and help manage security risks or legal liabilities (i.e. compliance). When we build software using AI or that is considered as AI, we get more complex dependencies to develop the product such as training input datasets, pretrained models, algorithm frameworks and GPU runtimes.
This session will explore SBoMs in the AI software context and discuss what additional components that are to be included, differences in the supply chain transparency and how to apply risk and compliance management for AI software.

Extended Software Bill of Materials usage: A glimpse into the crystal ball (Andreas Bergquist, Karl-Philip Blé Cato):
This past spring we explored how an SBoM can be used during the development phase of a project. One step in increasing SBoM usage and usability is finding relevant use cases and appropriate data to track. In this Open Space, we invite you to explore the concept of early SBoM adoption and what lies in the future of extended SBoM usage.

The Configuration Manager's "Toolbox" (Workshop):
In this 3-hour workshop, we will have plenty of time to start work on compiling a list of the "tools" that are in a configuration manager's "toolbox". Internally that will work a repository of the tasks and techniques that a configuration manager can use in his/her day-to-day work. Externally it will serve as a catalogue of the services that the configuration manager can provide an organisation.

The precise contents and format will be decided at the summit by the participants and will reflect what they find interesting. However, we have prepared a tentative programme to follow unless we decide to improvise:

13:45-14:00: Lars Bendix: The essence of SCM
14:00-14:50: group work + plenary
14:50-15:00: coffee break
15:00-15:15: Christian Pendleton: The Change Management hero
15:15-16:05: group work + plenary
16:05-16:15: coffee break
16:15-16:45: Summarizing key takeaways

Think about what "tools" you have in your toolbox. What are the (abstract) configuration management concepts and principles that you apply in your day-to-day work?