Recent government and industry activity allows users to know what software what software is used to create and deploy firmware. Software Bills of Materials (SBOM) allow users to see what components were used to create a firmware image, how they are licensed, and which security issues might affect them.
This session highlights UEFI, open-source and industry efforts to integrate and validate SBOMs in each stage of the firmware development process as well as where more work is still needed. The presenter will explore how to use SBOM tools and explain how SBOM affects the supply chain, including OEMs, ODMs and Enterprise customers. Finally, the session will cover some major uses of SBOM, such as licensing and security.