Coursera Flash Sale
40% Off Coursera Plus for 3 Months!
Grab it
Explore a conference talk that introduces KernelSBOM, an innovative tool designed to reconstruct complete Linux kernel build graphs by analyzing .cmd files to recover exact compilation commands, inputs, and outputs. Learn how this approach generates three interlinked SPDX 3.0 documents—source, build, and output—that comprehensively encode all build metadata and dependencies for enhanced supply chain security and compliance. Discover the methodology behind analyzing kernel build processes, understand the benefits of automated SBOM generation for Linux kernels, and examine current limitations and challenges in implementation. Gain insights into the practical applications of kernel SBOMs in software supply chain management and the long-term vision of integrating SBOM generation directly into the kernel build process. This presentation demonstrates how modern tooling can provide transparency and traceability in one of the most critical components of the Linux ecosystem.
