Challenges of Producing Software Bill of Materials for Java
19 Citations•2023•
Musard Balliu, B. Baudry, Sofia Bobadilla
IEEE Security & Privacy
This deep-dive into six tools and the SBOMs they produce for complex open source Java projects, revealing challenges regarding the accurate production and usage ofSBOMs.
Abstract
Software bills of materials (SBOMs) promise to become the backbone of software supply chain hardening. We deep-dive into six tools and the SBOMs they produce for complex open source Java projects, revealing challenges regarding the accurate production and usage of SBOMs.