Inactive

The goal of the E-BOSS program is to develop Enhanced Software Bill of Material (eSBOM) metadata technology to enable rapid triage-and-remediation of vulnerabilities in software at scale. The toolchai... The goal of the E-BOSS program is to develop Enhanced Software Bill of Material (eSBOM) metadata technology to enable rapid triage-and-remediation of vulnerabilities in software at scale. The toolchain components developed will emit advanced metadata alongside other SBOM information to effectively analyze and verify software. The metadata incorporated in the eSBOMs will enable trace back of discovered flaw evidence to its triggers, starting from a crash and walking back through complex inter-component interactions, transfers, and transformations to derive the triggers. Rapid remediation is then achieved by blocking the triggers and / or utilizing the metadata to identify what and where to apply fixes. Through eSBOMs, E-BOSS enables cyber-reasoning and assured transformations of the software deliverable for improved software development, testing, and sustainment.