Software has eaten the world, and its supply chain gives us heartburn. This presentation will outline a framework for understanding supply chain risks and provides concrete recommendations for policy makers and company executives based on real-world examples, and give an overview of the emerging best practice around ‘Software Bill of Materials’.