Reliable Energy Analytics Open Sources SAG-PM (TM) Vendor Response XML Schema
Date
9/28/2021 3:17:29 PM
(MENAFN- EIN Presswire)
SAG Logo
Advancing the adoption of SBOM in energy by open sourcing Vendor Response XML schema supporting NERC CIP-013-1 Standard
Software vendors and customers benefit from having a single, automated solution for software supply chain responses to questionnaires, eliminating the need to process different formats” — Dick BrooksWESTFIELD, MA, USA, September 28, 2021 /EINPresswire.com / -- Today, Reliable Energy Analytics, LLC (REA) is pleased to announce the open sourcing of its SAG-PM (TM) Vendor Response XML schema for NERC CIP-013-1 compliance and for software vendors to easily address customer supply chain questionnaire responses, in an automated manner. The open-source SAG-PM (TM) Vendor Response XML schema is available on GitHub at
Today's announcement also helps software vendors and their software consumers adopt NTIA compliant SBOM formats by providing a simple method to identify the download location of a product's SBOM and its SBOM description details, i.e., format, version, etc. The response file also provides a software consumer with all of the evidence needed to show compliance, e.g., during a NERC CIP-013 audit. The new, open-source schema contains other useful information that a software consumer may find useful on a per product basis, for example, an indicator for known vulnerabilities, Commercial Status, Support Status and other data to help manage software asset inventories and proactively prevent malware from being installed.
Software vendors no longer need to produce multiple, unique, customer questionnaire responses to customer inquiries during software supply chain vetting. A software vendor can provide all of its customers with a comprehensive response to all questionnaires using this one Vendor Response method. Software consumers also find benefit in having this standardized, automated response file format, eliminating the need to process different vendor response formats and content. The Vendor Response XML schema contains explicit, defined semantics for critical information, such as a product's support status and commercial status.
REA welcomes all software vendors to download the open-source XML schema and provide their customers with a consistent and complete Vendor Response XML file that is accessible through an access-controlled customer portal owned by the vendor, to prevent unauthorized access to this sensitive data. REA also encourages software vendors to contribute to development of the open-source XML schema in order to improve on the benefits it provides.
Never trust software, always verify and report! (TM)
Dick Brooks
Reliable Energy Analytics LLC
+1 978-696-1788
email us here
MENAFN28092021003118003196ID1102881170
Legal Disclaimer:
MENAFN provides the information “as is” without warranty of any kind. We do not accept any responsibility or liability for the accuracy, content, images, videos, licenses, completeness, legality, or reliability of the information contained in this article. If you have any complaints or copyright issues related to this article, kindly contact the provider above.