Commerce BIS has issued a Final Rule on "Securing the Information and Communications Technology and Services Supply Chain: Connected Vehicles"
Some of you may remember that an earlier version of that rule had an SBOM requirement, one that went much further than existing proposals, as well as advancing a "hardware bill of materials" concept that was also very broad.
The final rule has removed these #SBOM requirements, and relies on broader "Declarations of Conformity" around the absence of Chinese components in connected vehicles.
https://public-inspection.federalregister.gov/2025-00592.pdf
Allan Friedman /
npub1wm…56rqh
2025-01-15 15:10:35
Author Public Key
npub1wm9jnwzsyprlvxmy00jju6vwcw6e2xspyhp2vcjss9cuf75d275qg56rqhSeen on
wss://relay.nostr.bandPublished at
2025-01-15 15:10:35Event JSON
{
"id": "482196a3604ec819b54c67ed50aa754e3babb21cc563435210a73c4a18fc9bb1",
"pubkey": "76cb29b8502047f61b647be52e698ec3b5951a0125c2a662508171c4fa8d57a8",
"created_at": 1736953835,
"kind": 1,
"tags": [
[
"t",
"SBOM"
],
[
"proxy",
"https://infosec.exchange/users/allanfriedman/statuses/113833006558574305",
"activitypub"
]
],
"content": "Commerce BIS has issued a Final Rule on \"Securing the Information and Communications Technology and Services Supply Chain: Connected Vehicles\"\n\nSome of you may remember that an earlier version of that rule had an SBOM requirement, one that went much further than existing proposals, as well as advancing a \"hardware bill of materials\" concept that was also very broad. \n\nThe final rule has removed these #SBOM requirements, and relies on broader \"Declarations of Conformity\" around the absence of Chinese components in connected vehicles.\nhttps://public-inspection.federalregister.gov/2025-00592.pdf",
"sig": "e7240c01d5974d42483cb1c1987f06fd03f94ea70f0e4ef8f5eeb8311db31243157df1fb4084410feac60caf690e1a5bd84b19c033f58504785b464d798b2923"
}