SAG-PM (TM) Open Supplier Response XML Schema Reliable Energy Analysis Sources
Advance SBOM adoption in energy by opening Supplier Response XML Schema supporting NERC CIP-013-1
– Dick Brooks
WESTFIELD, MA, USA, September 28, 2021 /EINPresswire.com/ – Today, Reliable Energy Analytics, LLC (REA) is pleased to announce the open source of its SAG Supplier Response XML Schema- PM (TM) for NERC CIP-013-1 and for software vendors to easily process responses to customer supply chain questionnaires in an automated fashion. The open source SAG-PM (TM) provider response XML schema is available on GitHub at https://github.com/rjb4standards/REA-Products/raw/master/SAGVendorSchema.xsd
Today’s announcement also helps software vendors and their users adopt NTIA-compliant SBOM formats by providing an easy method to identify a product’s SBOM download location and description details. SBOM, i.e. format, version, etc. The response file also provides consumer software with all the evidence needed to demonstrate compliance, for example, during a NERC CIP-013 audit. The new open source schema contains other useful information that a software consumer may find useful by product, for example, an indicator of known vulnerabilities, business status, media status, and other data to help manage software asset inventories and proactively prevent malware from being installed.
Software vendors no longer need to produce multiple and unique customer questionnaire responses to customer inquiries when verifying the software supply chain. A software vendor can provide all of its customers with a complete response to all questionnaires using this vendor response method. Software users also find an advantage in having this automated and standardized response file format, thereby eliminating the need to process different vendor response formats and content. The Supplier Response XML Schema contains explicit and defined semantics for critical information, such as the support status and trade status of a product.
REA invites all software vendors to download the open source XML schema and provide their customers with a consistent and complete vendor response XML file accessible through a vendor-owned controlled access customer portal to prevent unauthorized access to this sensitive data. REA also encourages software vendors to contribute to the development of the open source XML schema in order to enhance the benefits it offers.
Never trust software, always check and report! (MT)
Reliable Energy Analytics LLC
write us here