Brussels / 4 & 5 February 2023

schedule

Software Bill of Materials devroom



Read the Call for Papers at https://gist.github.com/zvr/c852b4a560ac2c67885c473034cd4a93.

Event | Speakers | Start | End

Sunday

Welcome to the SBOM devroom! - Introduction to the devroom | Alexios Zavras, Kate Stewart, Adolfo García Veytia | 09:00 | 09:05
Generating SBOM made easy with ORT | Thomas Steenbergen | 09:05 | 09:30
Understanding and Managing the Dependency in SBOM with the New Feature of SW360 | Kouki Hama | 09:30 | 10:00
AMENDMENT: SBOM with the Yocto Project for Automotive Grade Linux - Intro and lessons learned | Jan-Simon Möller | 10:00 | 10:15
AMENDMENT: Automated SBoM generation with OpenEmbedded and the Yocto Project - A case study of automated SBoM generation in meta build systems | Joshua Watt | 10:15 | 10:45
Hermine: converting SBOMS into legal obligations | Nicolas Toussaint, Camille Moulin | 10:45 | 11:15
A standard BOM for Siemens | Thomas Graf, Thomas Jensen, Alexander Gschrei | 11:15 | 11:45
FOSSology and SPDX - How FOSSology works with SPDX | Gaurav Mishra, Mohammed Shaheem Azmal Madanapalli | 11:45 | 12:00
Build recorder: a system to capture detailed information | Alexios Zavras, Fotios Valasiadis | 12:00 | 12:30
Discussion on SBOM contents | Arnout Vandecappelle | 12:30 | 13:00
Using SPDX for functional safety | Nicole Pappler | 13:00 | 13:30
REUSE - The gold standard of communicating licensing and copyright information | Linus Sehn | 13:30 | 13:45
A complete compliance toolchain for Yocto projects (even very large ones, yes) | Carlo Piana, Alberto Pianon | 13:45 | 14:00
In SBOMs We Trust: How Accurate, Complete, and Actionable Are They? | Joseph Hejderup, Henrik Plate | 14:00 | 14:30
The 7 key ingredients of a great SBOM - Ensuring your SBOM includes enough data to be actionable | Adolfo García Veytia | 14:30 | 15:00
Panel discussion: SBOM content, usefulness, and caveats | Bradley M. Kuhn, Alexios Zavras, Anthony Harrison, Julian Coccia, Paul Novarese | 15:00 | 16:30
General Q&A on SBOMs | Kate Stewart, Adolfo García Veytia | 16:30 | 16:55
SBOM devroom closing | Alexios Zavras, Kate Stewart, Adolfo García Veytia | 16:55 | 17:00