Authoritative Guide to SBOM

Implement and Optimize use of Software Bill of Materials

Appendix B: References

The following resources may be useful to users and adopters of this standard:

  • NTIA Multistakeholder Process on Software Component Transparency, Framing Working Group. (21 October 2021). Framing Software Component Transparency: Establishing a Common Software Bill of Materials (SBOM), Second Edition. https://www.ntia.gov/files/ntia/publications/ntia_sbom_framing_2nd_edition_20211021.pdf
  • NTIA. (12 July 2021). The Minimum Elements for Software Bill of Materials. https://www.ntia.gov/files/ntia/publications/sbom_minimum_elements_report.pdf
  • The White House. (12 May 2021). Executive Order on Improving the Nation’s Cybersecurity. https://www.whitehouse.gov/briefing-room/presidential-actions/2021/05/12/executive-order-on-improving-the-nations-cybersecurity/

  • SPDX License IDs
  • SPDX License List
  • OpenChain
  • OWASP CycloneDX
  • OWASP CycloneDX Tool Center
  • OWASP CycloneDX BOM Repository Server
  • OWASP Dependency-Track
  • OWASP Software Component Verification Standard (SCVS)
  • OWASP Software Component Verification Standard (SCVS) BOM Maturity Model