Binarly Files Patent for Advanced CBOM Generation from Binary Executables
Binarly, a leading enterprise in the software and firmware supply chain security industry, today announced that it has registered the US Patent No.12153686, concerning the invention of a novel process for generating cryptographic bills of materials (CBOMs) from binary executables.
The invention underscores Binarly's commitment to deep technical innovation in addressing supply chain risks in modern computing. By combining program analysis and machine learning algorithm , this patented technology enables enterprises to identify cryptographic primitives embedded in software, providing actionable insights into security vulnerabilities – without needing access to the source code.
“As companies work to secure their software supply chains, understanding cryptographic dependencies has become more crucial than ever,” said Alexander Matrosov, CEO and one of the listed inventors of the patented technology. “This innovation enables companies to manage risks and better prepare for a secure future in relation to quantum computers.”
What is a CBOM?
CBOM, Configurable Bill of Materials, is a type of bill of materials used in manufacturing. It allows for customization to meet specific buyer requirements. This means that the CBOM includes all the components needed to design and manufacture a product to the customer's specifications
Bills of Materials are a comprehensive list of raw materials or assemblies required for production. While there are many types of BOMs, some of which are unique to specific business industries, the following 10 types of BOMs stand out as the most common for the manufacturing and engineering industry.
Let's see what the types of basic bills of materials are:
- Bill of Materials (mBOM)
The manufacturing bill of materials (mBOM) is used when a company needs to show all the parts and assemblies needed to build a finished product. Parts that require processing prior to assembly must also be included in the mBOM. The document contains information that is disseminated to all integrated business systems involved in ordering parts and building the product, including Enterprise Resource Planning (ERP), Materials Resource Planning (MRP), and in some cases, a Manufacturing Execution System (MES). This is the most common type of GOOD for a manufacturing company. The mBOM depends on the accuracy of the quantities of parts ordered during the manufacturing process. This allows the purchasing department to maintain optimal planning for parts procurement while negotiating the best possible price from applicable suppliers. - Bill of Materials (eBOM)
The engineering bill of materials (eBOM) is developed during the product design phase and is often based on computer-aided design (CAD) or electronic design automation (EDA) tools. The document typically lists the items, parts, components, subassemblies, and assemblies in the product as designed by the engineering team, often based on their relationships to the parent product (master product) as represented in its assembly drawings. And it is not uncommon for more than one eBOM to be associated with a finished product.
- GOOD of service
La GOOD service manual (often developed by engineers during the design phase) typically includes a list of all parts, installation steps, and repair instructions that service technicians use when installing or repairing a product on-site at the customer's business premises. - GOOD of selling
Unlike other types of GOOD a GOOD of sale provides the details of a finished product before its assembly during the sales phase. In a GOOD of sales, both the finished product and the components are displayed as separate items in the sales order document. Additionally, the parent item will be listed only as a sales item, not as an inventory item, and child items will be listed as sub-items of the parent item. - GOOD of assembly
A GOOD of assembly is similar to a GOOD of sale where the parent item is listed as a sales item and not an inventory item. However, one notable difference is that, unlike the GOOD of sales, only the finished product is displayed in the sales document; child items are not displayed as sub-items. In addition, assembly BOMs can be single-level or multi-level, as we will explain below.
- Production Bill of Materials
A manufacturing BOM often serves as the basis for a production order. It lists the components and subassemblies that make up a finished product, as well as associated prices, descriptions, quantities, and units of measure. During the manufacturing process, physical components can be converted into actual finished goods. With a fully automated BOM system, component requirements, costs, and available materials can be automatically added to work orders, ensuring that raw materials are correctly assigned to products. - Model base list
A template BOM is a highly flexible form of BOM that can be used for production or sales BOMs, typically with the parent items displayed first and the underlying components second. You can update the quantity of these components, swap them out and replace them with other components, or delete them in the BOM or sales order. - GOOD configurable (cBOM)
A GOOD configurable contains all the components needed to design and produce materials to a customer’s specific needs. The cBOM is often used in industries that have highly configurable products such as job shops, heavy machinery, and industrial machinery. - GOOD single level
A GOOD Single-level is typically used for products whose constructions are not complex and do not include subassemblies. Typically, this document contains a total count of all parts used in the construction of a product, and those parts are listed in part number order. The structure of this document type allows only one level of child elements in components, assemblies, and materials. - GOOD multilevel
Unlike one GOOD at a single level, a GOOD multilevel tends to be used for more complex constructions and therefore includes subassemblies, often broken down into further levels of subassemblies. In this document, each item number (raw material or labor) must be associated with a parent item, except at the highest level.