English
Related papers

Related papers: Hidden Dependencies and Component Variants in SBOM…

200 papers

A Software Bill of Materials (SBOM) is becoming an essential tool for effective software dependency management. An SBOM is a list of components used in software, including details such as component names, versions, and licenses. Using…

Software Engineering · Computer Science 2025-04-10 Rio Kishimoto , Tetsuya Kanda , Yuki Manabe , Katsuro Inoue , Shi Qiu , Yoshiki Higo

Software Bills of Material (SBOMs) are becoming a consolidated, often enforced by governmental regulations, way to describe software composition. However, based on recent studies, SBOMs suffer from limited support for their consumption and…

Software Engineering · Computer Science 2025-05-29 Davide Fucci , Massimiliano Di Penta , Simone Romano , Giuseppe Scanniello

Most of the current software security analysis tools assess vulnerabilities in isolation. However, sophisticated software supply chain security threats often stem from cascaded vulnerability and security weakness chains that span dependent…

Software Engineering · Computer Science 2026-01-29 Laura Baird , Armin Moin

The Software Supply Chain (SSC) security is a critical concern for both users and developers. Recent incidents, like the SolarWinds Orion compromise, proved the widespread impact resulting from the distribution of compromised software. The…

Cryptography and Security · Computer Science 2024-09-11 Giacomo Benedetti , Serena Cofano , Alessandro Brighente , Mauro Conti

The Software Bill of Materials (SBOM) is a critical tool for securing the software supply chain (SSC), but its practical utility is undermined by inaccuracies in both its generation and its application in vulnerability scanning. This paper…

Cryptography and Security · Computer Science 2026-04-20 Li Zhou , Marc Dacier , Charalambos Konstantinou

Supply chain security is extremely important for modern applications running at scale in the cloud. In fact, they involve a large number of heterogeneous microservices that also include third-party software. As a result, security…

Cryptography and Security · Computer Science 2025-10-08 Jacopo Bufalino , Mario Di Francesco , Agathe Blaise , Stefano Secci

A Software Bill of Materials (SBOM) is a machine-readable artifact that systematically organizes software information, enhancing supply chain transparency and security. To facilitate the exchange and utilization of SBOMs, organizations such…

Software Engineering · Computer Science 2026-01-21 Chengjie Wang , Jingzheng Wu , Hao Lyu , Xiang Ling , Tianyue Luo , Yanjun Wu , Chen Zhao

The Software Bill of Materials (SBOM) has emerged as a promising solution, providing a machine-readable inventory of software components used, thus bolstering supply chain security. This paper presents an extensive study concerning the…

Software Engineering · Computer Science 2023-08-31 Tingting Bi , Boming Xia , Zhenchang Xing , Qinghua Lu , Liming Zhu

Modern software applications heavily rely on diverse third-party components, libraries, and frameworks sourced from various vendors and open source repositories, presenting a complex challenge for securing the software supply chain. To…

Software Bill of Materials (SBOMs) are increasingly regarded as essential tools for securing software supply chains (SSCs), yet their real-world use and adoption barriers remain poorly understood. This systematic literature review…

Software Engineering · Computer Science 2025-06-06 Eric O'Donoghue , Yvette Hastings , Ernesto Ortiz , A. Redempta Manzi Muneza

The SolarWinds attack, which exploited weaknesses in a software update mechanism, highlights the critical need for organizations to have better visibility into their software dependencies and potential vulnerabilities associated with them.…

Cryptography and Security · Computer Science 2025-04-23 Can Ozkan , Xinhai Zou , Dave Singelee

Software Bill of Materials (SBOM) provides new opportunities for automated vulnerability identification in software products. While the industry is adopting SBOM-based Vulnerability Scanning (SVS) to identify vulnerabilities, we…

Software Engineering · Computer Science 2025-12-22 Martin Rosso , Muhammad Asad Jahangir Jaffar , Alessandro Brighente , Mauro Conti

Software Bills of Materials (SBOMs) are essential to ensure the transparency and integrity of the software supply chain. There is a growing body of work that investigates the accuracy of SBOM generation tools and the challenges for…

Software Engineering · Computer Science 2025-11-18 Yogya Gamage , Nadia Gonzalez Fernandez , Martin Monperrus , Benoit Baudry

Software supply chain security compromises often stem from cascaded interactions of vulnerabilities, for example, between multiple vulnerable components. Yet, Software Bill of Materials (SBOM)-based pipelines for security analysis typically…

Software Engineering · Computer Science 2026-04-08 Laura Baird , Armin Moin

A Software Bill of Materials (SBOM) is a key component for the transparency of software supply chain; it is a structured inventory of the components, dependencies, and associated metadata of a software artifact. However, an SBOM often…

Software Engineering · Computer Science 2026-02-17 Gianpietro Castiglione , Shahriar Ebrahimi , Narges Khakpour

Background. The Software Bill of Materials (SBOM) is a machine-readable list of all the software dependencies included in a software. SBOM emerged as way to assist securing the software supply chain. However, despite mandates from…

Software Engineering · Computer Science 2025-09-03 Oleksii Novikov , Davide Fucci , Oleksandr Adamov , Daniel Mendez

Ensuring the security of software supply chains requires reliable identification of upstream dependencies. We present the Automatic Bill of Materials, or ABOM, a technique for embedding dependency metadata in binaries at compile time.…

Cryptography and Security · Computer Science 2023-10-17 Nicholas Boucher , Ross Anderson

It is becoming increasingly important in the software industry, especially with the growing complexity of software ecosystems and the emphasis on security and compliance for manufacturers to inventory software used on their systems. A…

Software Engineering · Computer Science 2024-03-15 Devin Pereira , Christopher Molloy , Sudipta Acharya , Steven H. H. Ding

Software Bills of Materials (SBOMs) have emerged as tools to facilitate the management of software dependencies, vulnerabilities, licenses, and the supply chain. While significant effort has been devoted to increasing SBOM awareness and…

Software Engineering · Computer Science 2024-11-27 Trevor Stalnaker , Nathan Wintersgill , Oscar Chaparro , Massimiliano Di Penta , Daniel M German , Denys Poshyvanyk

The rapid growth of software supply chain attacks has attracted considerable attention to software bill of materials (SBOM). SBOMs are a crucial building block to ensure the transparency of software supply chains that helps improve software…

Software Engineering · Computer Science 2023-02-08 Boming Xia , Tingting Bi , Zhenchang Xing , Qinghua Lu , Liming Zhu
‹ Prev 1 2 3 10 Next ›