Challenges of Producing Software Bill of Materials for Java
KTH, School of Electrical Engineering and Computer Science (EECS), Computer Science, Theoretical Computer Science, TCS. ORCID iD: 0000-0001-6005-5992
KTH, School of Electrical Engineering and Computer Science (EECS), Computer Science, Software and Computer systems, SCS. ORCID iD: 0000-0002-4015-4640
KTH, School of Electrical Engineering and Computer Science (EECS), Computer Science, Theoretical Computer Science, TCS. ORCID iD: 0000-0003-3116-3278
KTH, School of Electrical Engineering and Computer Science (EECS), Computer Science, Network and Systems Engineering. ORCID iD: 0000-0003-3922-9606
2023 (English). In: IEEE Security and Privacy, ISSN 1540-7993, E-ISSN 1558-4046, Vol. 21, no 6, p. 12-23. Article in journal (Refereed), Published
Abstract [en]

Software bills of materials (SBOMs) promise to become the backbone of software supply chain hardening. We deep-dive into six tools and the SBOMs they produce for complex open source Java projects, revealing challenges regarding the accurate production and usage of SBOMs.

Place, publisher, year, edition, pages
Institute of Electrical and Electronics Engineers (IEEE), 2023. Vol. 21, no 6, p. 12-23
Keywords [en]
Java, Software, Production, Supply chain management, Standards, Bills of materials, Software reliability
National Category
Software Engineering
Identifiers
URN: urn:nbn:se:kth:diva-343925
DOI: 10.1109/MSEC.2023.3302956
ISI: 001107292700005
Scopus ID: 2-s2.0-85170551424
OAI: oai:DiVA.org:kth-343925
DiVA, id: diva2:1842523
Funder
Swedish Foundation for Strategic Research, CHAINS
Note

QC 20240314

Available from: 2024-03-05. Created: 2024-03-05. Last updated: 2024-03-14. Bibliographically approved

Open Access in DiVA

No full text in DiVA


Authority records

Balliu, Musard; Baudry, Benoit; Bobadilla, Sofia; Ekstedt, Mathias; Monperrus, Martin; Ron Arteaga, Javier; Sharma, Aman; Skoglund, Gabriel; Soto Valero, César; Wittlinger, Martin
