MSR 2025
Mon 28 - Tue 29 April 2025 Ottawa, Ontario, Canada
co-located with ICSE 2025

Mining BOMs for Improving Supply Chain Efficiency & Resilience

Kate Stewart, Linux Foundation

Shared keynote with ICPC

Abstract: Bills of Materials (BOMs) have been present in the shipping of physical products for decades, but as more modern systems (including AI) have come to rely increasingly on software and data, these elements are now essential to capture as well. Software Bills of Materials (SBOMs) are gaining adoption in industry due to increasing software complexity, emerging regulatory requirements (e.g., FDA, CRA), and the expansion of software’s role in critical systems (automotive, medical, space, industrial, etc.). The sheer scale of SBOM metadata generated, the diverse information needed across the software lifecycle, and the need to leverage this data for various risk analyses (security, license, operational, safety, AI) require robust solutions and different perspectives on this material. This keynote will look at the current challenges in the SBOM landscape in terms of generating and maintaining such data. It will explore the challenges of extracting knowledge from the BOM metadata for continuous safety compliance for products that may be leveraging open source components in safety-critical domains.

Bio: Kate Stewart is a Senior Director of Strategic Programs at the Linux Foundation. She is responsible for the Open Compliance programs encompassing the SPDX, FOSSology, OpenChain, and other compliance-related projects. Kate was one of the founders of SPDX, and is currently the specification lead. Since joining the Linux Foundation, she has also launched collaborations on metrics (CHAOSS), Real-Time Linux and the Zephyr Project. She also supports other key embedded projects, including Yocto. With over 30 years of experience in the software industry, she has held a variety of roles and worked as a developer in Canada, Australia, and the US. During the last 20 years, she has managed software development teams in the US, Canada, UK, India, and China. She received her Master’s in computer science from the University of Waterloo and a Bachelor’s of computer science (co-op program) from the University of Manitoba.