The following outline describes how to start and what to do in order to generate SBOMs. This part is under development, additions will be published periodically. Existing chapters will be updated regularly. Register on IIoTSBOM to be informed about the updates and changes.

Step 1: set out guidelines – Secure Software Development Framework

Step 2: Implement security scanners

Step 3: identify and Manage vulnerabilities

Step 4: Identify and Manage Dependencies

Step 5: Manage licenses and open source relations

Part 6: Generate SBOM

Step 7: Manage SBOM

Step 8: Dynamically manage vulnerabilities based upon SBOM and VEX

Step 9: Automatically manage vulnerabilities based upon VEX

Step 10: Be confident on the Software Supply Chain Security, but watch out for further improvements.