SBOM Compliance Series (Part 3): Understanding BSI TR-03183-2 v1.1, Germany Compliance
Overview This is the third part of our SBOM compliance series. In the previous post, we discussed Framing Software Component Transparency (FSCT), how it builds on NTIA and shifts the focus from minimum presence to meaningful transparency. In this post, we will discuss BSI TR-03183-2 v1.1, Germany’s SBOM compliance framework, why it exists, what it expects from an SBOM, and how it compares to what we’ve seen so far. Let’s go. ...