Commerce Dept Continues Work on Software Bill of Materials

Jeff Brody

The Department of Commerce has created a Software Bill of Materials that details the origins of components used in developing software for applications such as internet-of-things technology, FCW reported Wednesday.

Allan Freidman, director of cybersecurity at the National Telecommunications and Information Administration, said at the Black Hat conference in Las Vegas that the SBOM group is currently working on improving information sharing, identifying trusted sources for data storage and establishing ways to process such information.

Cheri Caddy, director of public-private partnerships at the National Security Agency, noted during a recent Atlantic Council event that vulnerable and risky software can be a major benefit to adversaries and malicious actors.

"The problem is we all make risk decisions on different bases, so what is red flags and alarm bells in the national security community in terms of risk might just yield a shrug from certain private-sector partners," she added.

Freidman and Caddy’s comments come as the government continues its oush to prohibit products from Chinese telecommunications firms Huawei and ZTE as well as Russian software company Kaspersky.

You may also be interested in...

Intelligent Vehicle

AWS Collaborates with BlackBerry to Develop Intelligent Vehicle Data Platform

Amazon Web Services (AWS) and BlackBerry Limited announced a multi-year, global agreement to develop and market BlackBerry's Intelligent Vehicle Data Platform (IVY). IVY is a scalable, cloud-connected software platform that will allow automakers to provide a consistent and secure way to read vehicle sensor data, normalize it and create actionable insights from that data both locally in the vehicle and in the cloud.