The IIoTSBOM project aims to support companies and professionals in the following ways :

  1. Getting you started …
  2. Overall support the development of SBOMs with end users, technology developers and integrators
  3. Access to experts and expertise
  4. Organize awareness – webinars, information sessions, documentation, use cases and pre-formatted examples
  5. Supporting the steps to be taken, for different target audiences
  6. SBOM advantages – Business Case, analogy with other Bill of Materials – differences
  7. Composition and maintenance of SBOMs, reference-architectures
  8. Collaboration – shared responsibility models in cooperation with customers – suppliers, how to share and distribute information
  9. Contract management – procurement examples, legal implications and ethical considerations  
  10. SBOM management – technology for process automation, security and risk management
  11. Roles, responsibilities and execution
  12. VEX – Vulnerability Exchange – data exchange, information exchange, automation
  13. Where and how to gather information and documentation, developing structured questionnaires, integration in purchasing process
  14. Examples and demonstrators of Generating machine & human readable documents
  15. Stimulating distribution and sharing of SBOMs
  16. Signing and vetting procedures and mechanism for signing and vetting
  17. How to consume SBOMs – customer integrations – developing Proof of Concepts
  18. Aligning SBOM with technical standards, sector expectations (National Authorities), legislation and regulations, policy making under development : ISO27k, IIoT certificatie, WIB, …
  19. Choosing the right formats – mechanisms for the development of SBOMs, available tools and technology – potential alternative models (reference integrity manifest, shared responsibility
  20. seeing the bigger picture – supply chain security – Third Party Risk, Vendor Risk