{"draft":"draft-ietf-opsawg-sbom-access-18","doc_id":"RFC9472","title":"A YANG Data Model for Reporting Software Bills of Materials (SBOMs) and Vulnerability Information","authors":["E. Lear","S. Rose"],"format":["HTML","TEXT","PDF","XML"],"page_count":"18","pub_status":"PROPOSED STANDARD","status":"PROPOSED STANDARD","source":"Operations and Management Area Working Group","abstract":"To improve cybersecurity posture, automation is necessary to locate\r\nthe software a device is using, whether that software has known\r\nvulnerabilities, and what, if any, recommendations suppliers may\r\nhave. This memo extends the Manufacturer User Description (MUD) YANG\r\nschema to provide the locations of software bills of materials\r\n(SBOMs) and vulnerability information by introducing a transparency\r\nschema.","pub_date":"October 2023","keywords":[],"obsoletes":[],"obsoleted_by":[],"updates":[],"updated_by":[],"see_also":[],"doi":"10.17487\/RFC9472","errata_url":null}