What’s in the Box? Software Bill of Materials for IoT

Posted on in Presentations

Devices are opaque—how do we trust them? In addition to security standards, transparency of software components can be a key driver of trust and quality. This talk will share details on industry consensus around “software bill of materials” (SBOM), present an initial playbook and tools for IoT vendors to share their third-party dependencies, and show how enterprise customers can use this information to make risk decisions.

Pre-Requisites: Basic understanding of software development for IoT. NB: policy and business folks can still follow the talk to understand the existence and importance of SBOM, template contract language, etc.

Allan Friedman


Senior Advisor and Strategist, CISA

Tracks: Protecting Data & the Supply Chain Ecosystem; Mobile & IoT Security

Tags: supply chain risk management, Internet of Things, application security


