Using SBOMs to Secure Industrial IoT Devices
CONTENTS 1 Introduction .................................................................................................................... 71 2 SBOMs and VEX Documents ............................................................................................ 71 3 SBOMs for Devices vs . SBOMs for User-Managed Software .............................................. 73
4 Identifying Vulnerabilities in Devices vs . User-Managed Software .................................... 75 |
4.1 |
User Managed Software Risk Management ........................................................................ 75 |
4.2 |
Device Software Guidance ................................................................................................. 77 |
5 What Should the User Organization Require of the Manufacturer ? .................................. 79 6 Conclusion ...................................................................................................................... 81 7 Acknowledgements ......................................................................................................... 81
70 July 2022