search menu icon-carat-right cmu-wordmark
Carnegie Mellon University

Developing and Using a Software Bill of Materials Framework

Podcast
By
Carol Woody and Michael Bandor discuss a Software Bill of Materials framework to help organizations establish a comprehensive set of practices and processes.
Publisher

Software Engineering Institute

DOI (Digital Object Identifier)
10.58012/m4xh-6f83

Listen

Watch

Abstract

With the increasing complexity of software systems, the use of third-party components has become a widespread practice. Cyber disruptions, such as SolarWinds and Log4j, demonstrate the harm that can occur when organizations fail to manage third-party components in their software systems. In this SEI podcast, Carol Woody, principal researcher, and Michael Bandor, a senior software engineer, discuss a Software Bill of Materials (SBOMs) framework to help promote the use of SBOMs and establish a more comprehensive set of practices and processes that organizations can leverage as they build their programs. They also offer guidance for government agencies who are interested in incorporating SBOMs into their work.

About the Speaker

Headshot of Carol Woody.

Carol Woody

Dr. Carol Woody has been a senior member of the technical staff since 2001. Currently she is the technical manager for the Cyber Security Engineering (CSE) team, whose research focuses on meeting the challenges of cyber security in acquisition, system and software engineering.  CSE is building capabilities in defining, acquiring, …

Read more
Headshot of Michael Bandor

Michael S. Bandor

SHARE

Supplemental Materials

Download the Transcript
Related Links
SEI Blog Post: Applying the SEI SBOM Framework
Ask a question about this Podcast