
About Plenary Sessions

A Plenary session implies that all attendees are expected to attend due to either their relevance or importance to LFN as a whole.  This usually means that no other sessions will be running in parallel. Topics may be reclassified as "General Interest" by the Program Committee to run as a parallel session if deemed appropriate.

Topic Leader(s)

Topic Description

Excerpt

30 minutes. Muddasar Ahmed, Anil Belur

We will review a real ONAP SBOM and discuss SBOM generation in the LFN CI pipeline, progress on onboarding projects, and lessons learnt. This topic is also proposed under ONAP. If it is not selected for Plenary presentation, it will be presented under ONAP.

Topic Overview

An SBOM is a formal, machine-readable inventory of software components and dependencies, information about those components, and their hierarchical relationships. These inventories should be comprehensive – or should explicitly state where they could not be. The benefits of creating and using SBOMs include reducing cost, security risk, license risk, and compliance risk. SBOMs help improve software development, supply chain management, vulnerability management, asset management, procurement, and high assurance processes.
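As an added illustration (not taken from the session materials or from any LFN project code), the sketch below reads a small constructed SPDX 2.3 JSON document, walks its DEPENDS_ON relationships into a hierarchy, and lists the fields each package leaves absent or marks NOASSERTION, the SPDX value for "no assertion made". The sample data and the function names are assumptions made for the example.

```python
import json

# Constructed SPDX 2.3 JSON sample (illustrative data, not a real ONAP SBOM).
SAMPLE_SBOM = json.loads("""{
  "spdxVersion": "SPDX-2.3", "SPDXID": "SPDXRef-DOCUMENT",
  "packages": [
    {"SPDXID": "SPDXRef-app", "name": "example-app", "versionInfo": "1.0.0", "licenseConcluded": "Apache-2.0"},
    {"SPDXID": "SPDXRef-lib-a", "name": "lib-a", "versionInfo": "2.3.1", "licenseConcluded": "NOASSERTION"},
    {"SPDXID": "SPDXRef-lib-b", "name": "lib-b", "licenseConcluded": "NOASSERTION"}
  ],
  "relationships": [
    {"spdxElementId": "SPDXRef-DOCUMENT", "relationshipType": "DESCRIBES", "relatedSpdxElement": "SPDXRef-app"},
    {"spdxElementId": "SPDXRef-app", "relationshipType": "DEPENDS_ON", "relatedSpdxElement": "SPDXRef-lib-a"},
    {"spdxElementId": "SPDXRef-lib-a", "relationshipType": "DEPENDS_ON", "relatedSpdxElement": "SPDXRef-lib-b"}
  ]}""")

CHECKED_FIELDS = ("versionInfo", "licenseConcluded")  # fields audited for gaps (assumed choice)

def dependency_tree(sbom):
    """Return (depth, package name) pairs, walking DEPENDS_ON edges from the described root(s)."""
    names = {p["SPDXID"]: p["name"] for p in sbom["packages"]}
    edges, roots = {}, []
    for r in sbom["relationships"]:
        if r["relationshipType"] == "DESCRIBES":
            roots.append(r["relatedSpdxElement"])
        elif r["relationshipType"] == "DEPENDS_ON":
            edges.setdefault(r["spdxElementId"], []).append(r["relatedSpdxElement"])
    out = []
    def walk(node, depth, path):
        out.append((depth, names.get(node, node)))
        for child in edges.get(node, []):
            if child not in path:  # guard against dependency cycles
                walk(child, depth + 1, path | {child})
    for root in roots:
        walk(root, 0, {root})
    return out

def known_unknowns(sbom):
    """Map package name -> checked fields that are absent or marked NOASSERTION."""
    gaps = {p["name"]: [f for f in CHECKED_FIELDS if p.get(f, "NOASSERTION") == "NOASSERTION"]
            for p in sbom["packages"]}
    return {name: fields for name, fields in gaps.items() if fields}

if __name__ == "__main__":
    for depth, name in dependency_tree(SAMPLE_SBOM):
        print("  " * depth + name)
    print(known_unknowns(SAMPLE_SBOM))
```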

Slides & Recording

...


  • ONAP-SBOM_DTF_v3.pptx
  • Software Bill Of Material (SBOM).mp4

Agenda

  • Software Bill of Materials, when is the right time?

Minutes

Muddasar Ahmed shares an overview of recent cyber attacks and the need to improve software supply chain transparency.

  • SPDX has been adopted as an ISO standard.
  • Anil Belur noted that there is a Go script that reads your Maven settings to automatically deploy your SBOM.