{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,3,11]],"date-time":"2026-03-11T02:27:22Z","timestamp":1773196042391,"version":"3.50.1"},"reference-count":28,"publisher":"IEEE","license":[{"start":{"date-parts":[[2025,12,8]],"date-time":"2025-12-08T00:00:00Z","timestamp":1765152000000},"content-version":"stm-asf","delay-in-days":0,"URL":"https:\/\/doi.org\/10.15223\/policy-029"},{"start":{"date-parts":[[2025,12,8]],"date-time":"2025-12-08T00:00:00Z","timestamp":1765152000000},"content-version":"stm-asf","delay-in-days":0,"URL":"https:\/\/doi.org\/10.15223\/policy-037"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2025,12,8]]},"DOI":"10.1109\/acsacw69556.2025.00029","type":"proceedings-article","created":{"date-parts":[[2026,3,9]],"date-time":"2026-03-09T19:56:13Z","timestamp":1773086173000},"page":"230-235","source":"Crossref","is-referenced-by-count":0,"title":["Probing Challenges and Future Research of SBOM Generation for Medical Devices"],"prefix":"10.1109","author":[{"given":"Hui","family":"Zhuang","sequence":"first","affiliation":[{"name":"Northeastern University,Boston,USA"}]},{"given":"Yan","family":"Long","sequence":"additional","affiliation":[{"name":"Northeastern University,Boston,USA"}]},{"given":"Duyeong","family":"Kim","sequence":"additional","affiliation":[{"name":"Korea University,Seoul,Republic of Korea"}]},{"given":"Jennifer R.","family":"Amos","sequence":"additional","affiliation":[{"name":"University of Illinois Urbana-Champaign,Urbana,USA"}]},{"given":"Heejo","family":"Lee","sequence":"additional","affiliation":[{"name":"Korea University,Seoul,Republic of Korea"}]},{"given":"Kevin","family":"Fu","sequence":"additional","affiliation":[{"name":"Northeastern University,Boston,USA"}]}],"member":"263","reference":[{"key":"ref1","doi-asserted-by":"publisher","DOI":"10.1038\/s41746-021-00403-w"},{"key":"ref2","volume-title":"Log4j vulnerability \u2013 what everyone needs to know","year":"2021"},{"key":"ref3","article-title":"Wannacry ransomware attack","author":"contributors","year":"2024"},{"key":"ref4","article-title":"Cybersecurity in medical devices: Quality system considerations and content of premarket submissions","volume-title":"guidance for Industry and Food and Drug Administration Staff, Docket No. FDA-2021-D-1158","year":"2025"},{"key":"ref5","volume-title":"Known exploited vulnerabilities catalog","year":"2024"},{"key":"ref6","doi-asserted-by":"publisher","DOI":"10.1145\/3689942.3694742"},{"key":"ref7","article-title":"Framing software component transparency: Establishing a common software bill of materials (sbom), second edition","year":"2021"},{"key":"ref8","article-title":"Fda-compliant sbom generation & maintenance for medical devices","year":"2025"},{"key":"ref9","article-title":"Sbom generation and management for medical devices","year":"2025"},{"key":"ref10","article-title":"Medical device sbom management software","year":"2025"},{"key":"ref11","article-title":"Secure software supply chain management","author":"Labs","year":"2025"},{"key":"ref12","article-title":"Syft: Cli tool and library for generating a software bill of materials from container images and filesystems","author":"Anchore","year":"2020"},{"key":"ref13","volume-title":"Tidepool loop receives fda clearance","year":"2025"},{"key":"ref14","article-title":"Tidepool loop has received fda clearance","author":"Look","year":"2023"},{"key":"ref15","doi-asserted-by":"publisher","DOI":"10.1145\/3605098.3635927"},{"key":"ref16","doi-asserted-by":"publisher","DOI":"10.1109\/SANER48275.2020.9054845"},{"key":"ref17","doi-asserted-by":"publisher","DOI":"10.1145\/3510003.3510627"},{"key":"ref18","doi-asserted-by":"publisher","DOI":"10.1145\/3625294"},{"key":"ref19","doi-asserted-by":"publisher","DOI":"10.1145\/3597503.3639100"},{"key":"ref20","doi-asserted-by":"publisher","DOI":"10.1109\/ASE.2019.00100"},{"key":"ref21","article-title":"Trivy: Vulnerability and misconfiguration scanner","author":"Security","year":"2024"},{"key":"ref22","article-title":"Tern: A software composition analysis tool for containers","author":"VMware","year":"2024"},{"key":"ref23","doi-asserted-by":"publisher","DOI":"10.1109\/ICSE43902.2021.00083"},{"key":"ref24","doi-asserted-by":"publisher","DOI":"10.1109\/ICSE48619.2023.00034"},{"key":"ref25","doi-asserted-by":"publisher","DOI":"10.1145\/3597503.3639209"},{"key":"ref26","article-title":"cdxgen: A universal SBOM generator for multiple ecosystems","author":"Springett","year":"2023"},{"key":"ref27","article-title":"sbomqs: Quality metrics for sboms","year":"2025"},{"key":"ref28","article-title":"Cyclonedx cli: Sbom analysis and conversion tool","author":"Foundation","year":"2025"}],"event":{"name":"2025 Annual Computer Security Applications Conference Workshops (ACSAC Workshops)","location":"Honolulu, HI, USA","start":{"date-parts":[[2025,12,8]]},"end":{"date-parts":[[2025,12,9]]}},"container-title":["2025 Annual Computer Security Applications Conference Workshops (ACSAC Workshops)"],"original-title":[],"link":[{"URL":"http:\/\/xplorestaging.ieee.org\/ielx8\/11417955\/11417996\/11418058.pdf?arnumber=11418058","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2026,3,10]],"date-time":"2026-03-10T05:39:37Z","timestamp":1773121177000},"score":1,"resource":{"primary":{"URL":"https:\/\/ieeexplore.ieee.org\/document\/11418058\/"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2025,12,8]]},"references-count":28,"URL":"https:\/\/doi.org\/10.1109\/acsacw69556.2025.00029","relation":{},"subject":[],"published":{"date-parts":[[2025,12,8]]}}}