This repo accumulate underlying data and analysis results for assessing the current landscape of open-source and proprietary tools related to Software Bill of Materials (SBOM). We investigate emerging use cases in software supply chain security and identify gaps in SBOM technologies. Our current analysis encompasses 84 tools, providing a snapshot of the current market and highlighting areas for improvement.
Preliminary Study Report Can be Found here: https://arxiv.org/abs/2402.11151
Cite us! :)
@inproceedings{Garcia2025,
title = {A Landscape Study of Open-Source Tools for Software Bill of Materials (SBOM) and Supply Chain Security},
url = {http://dx.doi.org/10.1109/SVM66695.2025.00010},
DOI = {10.1109/svm66695.2025.00010},
booktitle = {2025 IEEE/ACM 3rd International Workshop on Software Vulnerability Management (SVM)},
publisher = {IEEE},
author = {Garcia, Derek and Mirakorhli, Mehdi Tarrit and Dillon, Schuyler and Laporte, Kevin and Morrison, Matthew and Lu, Henry and Koscinski, Viktoria and Enoch, Christopher and Fazelnia, Mohamad and Chen, Roger},
year = {2025},
month = may,
pages = {37–45}
}