Croot Blog

Home About Tech Hobby Archive

SW 공급망 보안 가이드라인

카테고리기술
태그
  • 가이드라인
수정일Jan 9, 2025
작성일Jan 9, 2025

[240513-%28%EC%9A%94%EC%95%BD%EB%B3%B8%29SW%EA%B3%B5%EA%B8%89%EB%A7%9D_%EB%B3%B4%EC%95%88%EA%B0%80%EC%9D%B4%EB%93%9C%EB%9D%BC%EC%9D%B8.pdf](https://prod-files-secure.s3.us-west-2.amazonaws.com/8daffe33-d95b-4c96-91e6-1b899bcdb2d7/0f5f0886-db60-4a61-8e90-912aeea997fd/240513-%28%EC%9A%94%EC%95%BD%EB%B3%B8%29_SW%EA%B3%B5%EA%B8%89%EB%A7%9D_%EB%B3%B4%EC%95%88_%EA%B0%80%EC%9D%B4%EB%93%9C%EB%9D%BC%EC%9D%B8.pdf?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Content-Sha256=UNSIGNED-PAYLOAD&X-Amz-Credential=ASIAZI2LB466Y34BRVPX%2F20251027%2Fus-west-2%2Fs3%2Faws4_request&X-Amz-Date=20251027T141122Z&X-Amz-Expires=3600&X-Amz-Security-Token=IQoJb3JpZ2luX2VjEO7%2F%2F%2F%2F%2F%2F%2F%2F%2F%2FwEaCXVzLXdlc3QtMiJGMEQCIErVQjr7oe3b7HcSc0muQad6%2FBLUOpr2nJ65pgF5V7V7AiBNI8uTD9I%2BExQau2TULsRFbrH0753y2eYB769lr80QzSqIBAin%2F%2F%2F%2F%2F%2F%2F%2F%2F%2F8BEAAaDDYzNzQyMzE4MzgwNSIM0pEDmQ%2BabrD3JNf%2BKtwD%2Fh5JZrnqf3uQPfzD%2BPtLlK8idmzhK4eaEFI2UTjkMWIs9b%2F4N7aRvAyX%2FlF7L5FJykZF6OFvJBw%2BqJzWkrHm%2FgUGO7VLHBkC%2FyBKbPKyu5F6GOo6x%2FrdC3HmZ6vrE1NZAXj9QVy6BWofsTMzvVHHZ3mAlGGyczeGD5ygwlH8UNrcoX32Zo%2B0I91Qhpft1CSFOyjHx4tipJZi1rkVGasCyWSSgG%2FSQ%2FiXaICchfdU4lautVou4gqM7jZFaFNeW7VgMmpWG9MiaXAatsT6gTgUZE6faXKNxKw4Yniz0PEkrlJo1Jym7urJMZLB7dxxdDAYR8tnbvJnSmRaeWB3TXi0akeIykZ5jZJRHLX%2F2wgFCLGVUcUPJ436KNMM%2BR%2F0ghFv3xSryMy6558yR4%2Flc1FmHvBGmc2kq9Xf%2Fc42g7Ye1qFbU3R6dOfVpWN6E9JpoyWdXIH%2F6lOsxP5AINyKB6MrZlNA3EwYh5I%2BRvid79UCgjQMGEqHTuxKLVa4H5aK42PM2JNx%2F9nC8hGc7qa%2FHCXNUig4qriwhpjuXYKl1bqzw0yHLGBO477p2QLqvT8uFA5VRFLITUS0qC9%2BY6eT6brhjCABxJnoif4BSxLtP98lzYtnqZ6krjDkPw2IxxUwxvD9xwY6pgHfh1CItVxR6h1mgzIoU1mPadBiZzSwGEHzU%2BvZzKWb2qB9ef15kYiWREyG2ZhE%2FEQ%2FJC65Sah05C92POWtc4GRIw%2FBTRL9vuYNmlIvCR5sude%2FdRnznRq8E%2BzMjdIio1GeGUXeA8F71SQZ%2FZ5vXDfCHk%2Fjcuwh0IjYGWx9Zoi%2F898KrKDmTI7pQNLHh8%2F10alDl%2FRMr7nNaf5sj%2FIq744q5wN3IqsK&X-Amz-Signature=3b8dc8d2a2172ce6ff0588793a836267f0dd82b232d8e2873219df4476b8b9ac&X-Amz-SignedHeaders=host&x-amz-checksum-mode=ENABLED&x-id=GetObject)

C-SCRM

  1. 전사 : 상위 수준의 전략, 실행계획 및 정책
  2. 프로세스 : 하위 수준의 전략, 실행계획 및 정책
  3. 운영 : 계획

구축방안

  • SSDF

신뢰성 확보 방안

  • SBOM
Previous Dec 3, 2024
« Gartner 2025