image credits: Photo from Bitkom

FOSS SBOM Management @ Mercedes-Benz: This is how we do it!

by Nicolas Krischker, November 22, 2023

Free and Open Source Software (FOSS) and Inner Source are important parts of the IT strategy at Mercedes-Benz. We want to facilitate the mindset and the cultural change behind it in our company. This goes hand in hand with establishing clear internal rules and processes around FOSS, particularly within the supply chain.

With the FOSS Manifesto and other company activities, we demonstrate that we want to drive Inner and Open Source forward within our company. In a highly regulated industry like ours, we also have to pay heed to rules and establish processes, for example in our supply chain.

With the development of our FOSS Disclosure Portal, we are continuing to build a more efficient, transparent, and digital supply chain. By digitizing and automating our FOSS disclosure process with our internal and external partners, we want to further increase transparency regarding the FOSS components we use, for better license compliance and security.

To find out more about how we do our Open Source Software Bill of Materials (SBOM) Management at Mercedes-Benz, please check the new Bitkom Open Source Monitor 2023 (see page 25).

In that context, we also attended the Bitkom Open Source Forum 2023, where we presented the Mercedes-Benz approach to managing FOSS SBOM at scale and the challenges that come with it. You can find the slides here. In this session, we also shared insights into our FOSS Disclosure Portal, which we are developing for this purpose.

Nicolas Krischker
Community Manager

© Mercedes-Benz AG. This is the Open Source website of Mercedes-Benz AG