DHS Tasks Startups With Developing Software Supply Chain Transparency Tools
Seven startups have won phase 1 other transaction awards worth a combined $1.4 million from the Department of Homeland Security Science and Technology Directorate to develop tools supporting the generation, reporting and management of software bills of materials, which list the “ingredients” that constitute computer programs. SBOMs enumerate the components and dependencies used to build and distribute software and are meant to aid in identifying potential vulnerabilities.
DHS S&T’s Silicon Valley Innovation Program selected the companies after posting a solicitation in 2022 asking small businesses to submit proposals for open-source-based tools aimed at enhancing software supply chain transparency. The awardees are expected to work together to construct a multi-format SBOM translator and a software component identifier translator to be integrated into their respective projects.
The largest grant went to Kirkland, Washington-based Chainguard, which received $200,000 to create an SBOM composition tool and test suites of both individual and combined SBOMs. Meanwhile, Jasper, Alabama-based TestifySec received $199,990 to support the ongoing development of a platform that provides a DevOps pipeline for SBOM generation, DHS said.