Framing Software Component Transparency (2024)
This document, the third edition, further defines and clarifies SBOM Attributes from the 2021 Framing Software Component Transparency document, offering descriptions of the minimum expected, recommended practices, and aspirational goal for each Attribute. The work reflected in this document is a product of extensive discussion in the SBOM Tooling and Implementation Working Group, a Cybersecurity and Infrastructure Security Agency (CISA) community-driven workstream, and feedback from across the software community.