The SBOM PoC’s web site is up!

I’m pleased to report that Idaho National Laboratories (INL) has put up an engaging web site that will serve as the one-stop-shop for the Energy SBOM (software bill of materials) Proof of Concept program. The program is co-sponsored by the National Technology and Information Administration (NTIA) of the Department of Commerce and the Office of Cybersecurity, Energy Security and Emergency Response (CESER) of the Department of Energy. INL is the home of DoE’s CyTRICS program, whose leader, Virginia Wright, is co-leader (with me) of the PoC.

One type of information you can find on the site is the times and connection information for upcoming meetings, of which the next one is this Wednesday May 19, from 12-1 PM ET. Note that we plan to have bi-weekly meetings at the same time on Wednesdays, so the next one will be June 2 (I can’t believe June is coming up, since it seems Chicago just crawled out of a brutal February).

The PoC ‘s kickoff meeting was on April 26 and the video should be available shortly. In fact, videos and meeting notes from all meetings will be available on the site, as well as links to various articles of interest (plus videos of the four informational webinars we conducted from January through April). And since we’re planning on conducting an active hands-on educational program during the PoC, you can be sure some of that will be facilitated on the site itself.

We definitely need a web site, since interest in the PoC is much higher than I anticipated (at least for this stage of the program). On the “user side”, we have 32 power market participant organizations (mostly utilities) and industry organizations (e.g. EEI and NATF). On the “supply side”, we have 14 suppliers of software, devices, or tools for security management.

And there are a number of government agencies and consulting firms of various types – as well as a few people who seem to be just curious about SBOMs. That’s one of the best things about this PoC: there will be very little that we discuss that applies uniquely to the energy industry. Why, you might invite your neighbor who’s in insurance to join you at the meetings! As long as they don’t try to sell me more life insurance.

Any opinions expressed in this blog post are strictly mine and are not necessarily shared by any of the clients of Tom Alrich LLC. If you would like to comment on what you have read here, I would love to hear from you. Please email me at tom@tomalrich.com.