Comparative Analysis of SBOM Standards: SPDX vs. CycloneDX

This ArXiv article provides a valuable comparative analysis of SPDX and CycloneDX, two key standards in Software Bill of Materials (SBOM) generation. The comparison is crucial for organizations seeking to improve software supply chain security and compliance.

• •Identifies strengths and weaknesses of SPDX and CycloneDX.
• •Aids in selecting the appropriate SBOM standard for specific needs.
• •Supports informed decision-making for software supply chain security.