[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: Meeting Agenda - Oct 16

Hi Philippe-Emmanuel,


Great progress, thanks for sharing. I think we can find time to discuss. The discussion of user scenarios should not take long, especially as William Bartholomew who is driving this work will not be with us today.




From: Philippe-Emmanuel Douziech
Sent: Tuesday, October 15, 2019 11:06 PM
To: Kay Williams Subject: RE: Meeting Agenda - Oct 16


Hello all,


There may be no time for another model review, so let me only tell you that there are now in the Modeling directory of the SBOM google drive the following documents:

  • Generated documents (generated so as to remain in sync)
    • generated_3T-SBOM-EMS.docx: the word description of the model
    • generated_3T-SBOM-EMS.xmi: the representation in xmi format of the model
    • with the following evolutions since last Wednesday
      • finer-grain modeling of pedigree information
      • proposition to keep licensing information to a “simple” SPDX license _expression_
      • proposition to keep fewer relation type than SPDX (when there are pairs of reversed relationships)
  • Non-standard representation of the model, for illustration purposes only
    • 3T-SBOM-EMS-classAttributeOrganization.png: classes only
    • 3T-SBOM-EMS-classEnumarationAssociation.png: classes, enumerations, associations
    • Still looking for a solution to generate the standard UML diagram as an SVG file (so far, the tool I used have a watermark “unregistered” or “community edition” as I don’t have a commercial edition of an UML modeler)


Have a good day,


Philippe-Emmanuel Douziech
Principal Research Scientist, CAST Research Labs

M: +33 6 69 95 49 59

CAST | Software Intelligence for Digital LeadersBlog | LinkedIn | Twitter



Hi everyone, I have added a proposed agenda for our meeting tomorrow in our Agenda document (here). It is copied below as well for convenience.  Please let me know if you have additions, suggestions or comments.







  • Housekeeping
    • Welcome new members (Steve Springett, Ido Green)
    • Face to Face Meeting(s)
      • Longer Conference Call Week of Nov 4?
        • One week ahead of 11/11 submission
        • Keep in mind for working group members
      • Nov 18/19 in SanDiego (CD Summit/Kubecon)?
        • Opportunity to meet; Kay exploring meeting locations
      • Dec 10/11 in Long Beach CA (OMG Technical Meeting)
        • Half day on 10th/full day on 11th
        • Dec 9 - presentation to OMG Architecture Board
        • Dec 12 - Architecture Board meets again
  • User scenarios (here) - Kay (filling in for William Bartholomew)
    • What are some reference examples for user scenarios (per Kay’s email to WG)?
    • What other scenarios do we want to add?
    • Small working group for scenarios? Who involved? Next steps?
  • SPDX 3.0
    • William Bartholomew presented SBOM-friendly SPDX 3.0 at monthly tech meeting
      • Remove requirements on licensing
      • Add concepts including the following
        • Signing
        • Ways of describing people, companies (identity)
        • Partial consumption of external SBOM (take a file out of another package)
        • Enhance concept of annotations – attach structured data to different entities in the SBOM
      • Split into profiles (base, licensing, security, etc.)
  • Plan for next week