Ç¥ÁØÈ­ Âü¿©¾È³»

TTAÀÇ Ç¥ÁØÇöȲ

Ȩ > Ç¥ÁØÈ­ °³¿ä > TTAÀÇ Ç¥ÁØÇöȲ

Ç¥ÁعøÈ£ TTAK.KO-11.0322 ±¸Ç¥ÁعøÈ£
Á¦°³Á¤ÀÏ 2023-12-06 ÃÑÆäÀÌÁö 19
ÇѱÛÇ¥ÁØ¸í ¿ÀǼҽº SBOM °Å¹ö³Í½º °ü¸® Áöħ
¿µ¹®Ç¥Áظí Open Source SBOM Governance Management Guidelines
Çѱ۳»¿ë¿ä¾à ÀÌ Ç¥ÁØÀº ¼ÒÇÁÆ®¿þ¾î °ø±Þ¸Á ÀÌÇØ°ü°èÀÚµéÀÇ ¿ä±¸»çÇ×À» ±â¹ÝÀ¸·Î SBOM ºÎÀç·Î ÀÎÇÑ À§ÇèÀ» ºÐ¼®ÇÏ¿© ¸íÈ®ÇÑ SBOM °ü¸®¸ñÀûÀ» µµÃâÇÏ°í °ø±Þ¸Á ÀÌÇØ°ü°èÀÚµéÀÇ ¿ä±¸»çÇ׿¡ ºÎÇÕÇÑ SBOM ¼Ó¼º µµÃâ ¹× ¼Ó¼º»ý¼ºÀ» À§ÇØ SBOM ȯ°æºÐ¼®, SBOM °ü¸®Æ÷¸Ë Á¤ÀÇ, ÀÚµ¿È­ Áö¿ø SBOM »ý¼ºÀ» À§ÇÑ °ü¸®Á¤Ã¥, R&R, °ü¸® ÇÁ·Î¼¼½º ±¸Ãà ¹× ÁÖ¿ä ¼öÇà ³»¿ëÀ» Á¦½ÃÇÑ´Ù.
¿µ¹®³»¿ë¿ä¾à Based on the requirements of stakeholders in the software supply chain, this standard first analyzes the risks caused by the absence of SBOM to derive clear SBOM management objectives. In addition, it presents management policies, R&R, management process establishment, and major implementation guidelines for deriving and creating SBOM attributes that meet the requirements of supply chain stakeholders. These guidelines are performed through SBOM environment analysis, SBOM management format definition, and automation-supported SBOM generation.
±¹Á¦Ç¥ÁØ
°ü·ÃÆÄÀÏ TTAK.KO-11.0322.pdf TTAK.KO-11.0322.pdf            

ÀÌÀü
¿ÀǼҽº °Å¹ö³Í½º ±¸¼º¿ä¼Ò
´ÙÀ½
ÀÚÀ²ÁÖÇà ÇнÀµ¥ÀÌÅÍ »ý¼º ¼ÒÇÁÆ®¿þ¾îÀÇ µ¥ÀÌÅÍ º¯È¯ ¹× Áõ½Ä Ç°Áú °ËÁõ ÇÁ·Î¼¼½º