Software Bill of Materials in Critical Infrastructure

Critical infrastructure today is comprised of cyber-physical systems, and therefore also vulnerable to cyber threats. Many of these threats come from within, through malicious code in software updates or bugs that can be exploited. Further exacerbating the issue is the fact that most software suppli...

Full description

Saved in:
Bibliographic Details
Main Authors: Jaatun, Lars Andreassen, Sørlien, Silje Marie, Borgaonkar, Ravishankar Bhaskarrao, Steve, Taylor, Jaatun, Martin Gilje
Format: Book
Language:English
Subjects:
cyber security
Online Access:Request full text
Tags: Add Tag
No Tags, Be the first to tag this record!
Description
Summary:Critical infrastructure today is comprised of cyber-physical systems, and therefore also vulnerable to cyber threats. Many of these threats come from within, through malicious code in software updates or bugs that can be exploited. Further exacerbating the issue is the fact that most software suppliers in critical infrastructure are developing proprietary systems and giving out minimal information about the composition of their software products. With the US introduction of a Software Bill of Materials (SBOM) requirement in federal information systems, they are better prepared to deal with cyber incidents. This article examines regulations regarding software in critical infrastructure, and whether there is any benefit to mandating SBOMs in critical infrastructure.