
Building resilient medical technology supply chains with a software bill of materials

An exploited vulnerability in a single software component of healthcare technology can affect patient care. The risk of including third-party software components in healthcare technologies can be managed, in part, by leveraging a software bill of materials (SBOM). Analogous to an ingredients list on...


Bibliographic Details
Main authors: Carmody, Seth, Coravos, Andrea, Fahs, Ginny, Hatch, Audra, Medina, Janine, Woods, Beau, Corman, Joshua
Format: Online Article Text
Language: English
Published: Nature Publishing Group UK 2021
Subjects:
Online access: https://www.ncbi.nlm.nih.gov/pmc/articles/PMC7902663/
https://www.ncbi.nlm.nih.gov/pubmed/33623135
http://dx.doi.org/10.1038/s41746-021-00403-w
author Carmody, Seth
Coravos, Andrea
Fahs, Ginny
Hatch, Audra
Medina, Janine
Woods, Beau
Corman, Joshua
collection PubMed
description An exploited vulnerability in a single software component of healthcare technology can affect patient care. The risk of including third-party software components in healthcare technologies can be managed, in part, by leveraging a software bill of materials (SBOM). Analogous to an ingredients list on food packaging, an SBOM is a list of all included software components. SBOMs provide a transparency mechanism for securing software product supply chains by enabling faster identification and remediation of vulnerabilities, towards the goal of reducing the feasibility of attacks. SBOMs have the potential to benefit all supply chain stakeholders of medical technologies without significantly increasing software production costs. Increasing transparency unlocks and enables trustworthy, resilient, and safer healthcare technologies for all.
format Online
Article
Text
id pubmed-7902663
institution National Center for Biotechnology Information
language English
publishDate 2021
publisher Nature Publishing Group UK
record_format MEDLINE/PubMed
spelling pubmed-79026632021-03-11 Building resilient medical technology supply chains with a software bill of materials Carmody, Seth Coravos, Andrea Fahs, Ginny Hatch, Audra Medina, Janine Woods, Beau Corman, Joshua NPJ Digit Med Perspective An exploited vulnerability in a single software component of healthcare technology can affect patient care. The risk of including third-party software components in healthcare technologies can be managed, in part, by leveraging a software bill of materials (SBOM). Analogous to an ingredients list on food packaging, an SBOM is a list of all included software components. SBOMs provide a transparency mechanism for securing software product supply chains by enabling faster identification and remediation of vulnerabilities, towards the goal of reducing the feasibility of attacks. SBOMs have the potential to benefit all supply chain stakeholders of medical technologies without significantly increasing software production costs. Increasing transparency unlocks and enables trustworthy, resilient, and safer healthcare technologies for all. Nature Publishing Group UK 2021-02-23 /pmc/articles/PMC7902663/ /pubmed/33623135 http://dx.doi.org/10.1038/s41746-021-00403-w Text en © The Author(s) 2021 Open Access This article is licensed under a Creative Commons Attribution 4.0 International License, which permits use, sharing, adaptation, distribution and reproduction in any medium or format, as long as you give appropriate credit to the original author(s) and the source, provide a link to the Creative Commons license, and indicate if changes were made. The images or other third party material in this article are included in the article’s Creative Commons license, unless indicated otherwise in a credit line to the material. 
If material is not included in the article’s Creative Commons license and your intended use is not permitted by statutory regulation or exceeds the permitted use, you will need to obtain permission directly from the copyright holder. To view a copy of this license, visit http://creativecommons.org/licenses/by/4.0/.
title Building resilient medical technology supply chains with a software bill of materials
topic Perspective