Software and Security Bills of Materials (SBOMs) have been part of the Energy and Healthcare supply chain requirements for a number of years. The US government and its agencies followed, and SBOMs are now also being picked up as a requirement and as good practice in many other industries. In Europe, the aim is to ensure manufacturers include SBOMs with their internet-connected devices, and use SBOMs to support the requirements set out by the Cyber Resilience Act (CRA).
For this talk, we’ve asked Chris Blask to present an overview of his experiences with SBOMs in the Energy domain: how suppliers are developing and struggling with their SBOMs, and equally how the SBOMs are being consumed and used by the Energy operators. We’ll try to learn from some best practices and use cases, and discuss the difficulties in getting global suppliers to engage and adopt and where some of the benefits have been found over the years. We’ll also discuss how software supply chain transparency is emerging and even reaching the next level.