RFE: SBOM and MUD support

[mmaymann]

Hi,
Request for FDO functionality enhancements:

1. SBOM (Software Bill Of Material) to be able to validate risks thoughout IOT device lifetime (e.g. CycloneDX)
2. MUD (Manufacturer Usage Description) to easily create ACLs (Access Control Lists) for IOT device types (e.g. IETF)
   Thanks in advance 😊

[DukeDavis12]

Hi @mmaymann,

1. SBOM (Software Bill Of Material) to be able to validate risks thoughout IOT device lifetime

To get the Software BOM; you can run mvn dependency:tree command on the root folder to get the details of every component used.

2. MUD - Can you give more details?

[mmaymann]

@DukeDavis12: thanks for your reply.
1: sorry, what I mean is SBOM support (in TPM) from manufacturing (inside FDO) of the IOT device, so that customers can track SBOM risks of IOT devices during its entire lifecycle.
2: https://developer.cisco.com/docs/mud/#!what-is-mud/what-is-mud (in TPM) again from manufacturing (inside FDO) of the IOT device, so that customers can easily create ACLs to grant POLP access to onboarded IOT devices e.g. in a NAC like I requested here:
sonic-net/SONiC#1362