Objectives

Objectives of SBOM Quality Assurance

The SBOM Quality Assurance (SBOM-QA) project aims to establish a benchmarking framework for evaluating open source Software Composition Analysis (SCA) tools. It focuses on:

  • Assessing the accuracy, completeness, and consistency of SBOM generation tools.
  • Generating SBOMs from a controlled set of open source repositories.
  • Comparing tool outputs against reference SBOMs derived from the GitHub dependency graphs of target projects.
  • Providing actionable insights to improve transparency, security, and compliance in software supply chains.

For detailed project guidance, see the SBOM Quality Assurance Test.