The OpenChain Project has required a Software Bill of Materials (SBOM) for its compliance and security standards since we started the project in 2026. Over the years, we have contributed to the field in various ways, ranging from the development of SPDX Lite (a simple SBOM for suppliers) to a guide to judging SBOM quality.
Our new SBOM Study Group brings all our various activities together and helps answer the question of “how do we use SBOMs in production, large-scale and complex supply chains?”
This kick-off call:
- Introduced the practical considerations of using SBOMs in supply chains
- Discussed who these considerations apply to
- Talked about existing market solutions: Case Study SPDX Lite
- Had an open discussion on next steps
Everyone with an interest in SBOMs, the use of SBOMs in the supply chain, and in increasing trust in the supply chain is invited to be part of our work. Kobota San from Sony is the chair of this study group in 2024. Kobota San, thank you for stepping forward to start this activity!