CycloneDX Bill of Materials Specification

CycloneDX is a modern standard for the software supply chain. At its core, CycloneDX is a general purpose Bill of Materials (BOM) standard capable of representing software, hardware, services, cryptography, and other types of inventory. CycloneDX is an OWASP flagship project, has a formal standardization process and governance model through Ecma Technical Committee 54, and is supported by the global information security community.

Standards

ECMA-424

Edition: 1st Edition

Publication Date: 2024-07-11

Specification Details

Title	CycloneDX
Current Version	1.6
Publication Date	2024-07-11
Media Types	`vnd.cyclonedx+json` `vnd.cyclonedx+xml`
Developed By	OWASP Foundation Ecma International
Standards	ECMA-424
Technical Committee	TC54
Websites	https://cyclonedx.org https://owasp.org/cyclonedx