Enhanced SBOM for Optimized Software Sustainment (E-BOSS) Special Notice

Background
The E-BOSS program, sponsored by the Defense Advanced Research Projects Agency (DARPA) Information Innovation Office (I2O), aims to develop Enhanced Software Bill of Material (eSBOM) metadata technology to enable rapid triage-and-remediation of vulnerabilities in software at scale. The goal is to enhance SBOMs and SBOM-driven technologies with new types of metadata and cyber-reasoning algorithms to determine whether flawed or sensitive code is actually reachable and triggerable. This program is in response to the critical need recognized by Executive Order (EO) 14028 to protect the software supply chain from widespread dependency risks and create a policy foundation for software component transparency in software supply chains by requiring Software Bill of Materials (SBOMs) that specify the components and dependencies of a software product.

Work Details
The E-BOSS program aims to develop the capability to preempt or rapidly triage and remediate software vulnerabilities at infrastructure scale, through revolutionary changes in software build chains and runtime systems that enhance and complement SBOM technologies. The program envisions new metadata and cyber-reasoning technologies as an intrinsic part of software build systems, development toolchains, and development, security, and operations (DevSecOps) pipelines, to enable early mitigation of software vulnerabilities and optimize software maintenance and sustainment for security.

Place of Performance
The Proposers Day for the E-BOSS program will be held at the unclassified level on December 13, 2023, from 10:00 AM to 4:00 PM (ET) in person at the Executive Conference Center, located at 4075 Wilson Blvd, Arlington, Virginia, 22203, as well as virtually on ZoomGov.