by Software supply chain security is undoubtedly one of the most concerned information security issues in recent years. Before open source software security, which has received the most attention recently, the security software development life cycle (SSDC) has been continuously advocated in the information security industry for many years. , coupled with the emerging software bill of materials (SBOM), its development is also attracting attention. However, under the condition of different opinions and different behaviors, everyone expects a credible organization that can set widely recognized standards. to make such issues sustainable.
