The Linking the Oil and Gas Industry to Improve Cybersecurity (LOGIIC) program has announced the release of a new study report entitled “SBOM Study: Managing ICS Software Risks to Oil & Gas.”
In 2021, LOGIIC conducted a study to understand how software bills of materials (SBOMs) and other vendor capabilities can be used to manage cybersecurity risks to industrial control systems (ICS) software that may be introduced by third-party components that are part of vendor solutions. This study was based on SBOM research conducted by LOGIIC. Reference material for the study included Executive Order 14028 (May 12, 2021), which President Biden issued on Improving the Nation’s Cybersecurity. The order includes new requirements for software vendors selling software to the U.S. government. One of these requirements is to provide a U.S. government purchaser with an SBOM for each product, either directly or by other means such as a website.
An SBOM is a formal record containing the details and supply chain relationships of various components used in…