{"id":"https://openalex.org/W4409156830","doi":"https://doi.org/10.1109/trustcom63139.2024.00077","title":"SBOM Generation Tools in the Python Ecosystem: an In-Detail Analysis","display_name":"SBOM Generation Tools in the Python Ecosystem: an In-Detail Analysis","publication_year":2024,"publication_date":"2024-12-17","ids":{"openalex":"https://openalex.org/W4409156830","doi":"https://doi.org/10.1109/trustcom63139.2024.00077"},"language":"en","primary_location":{"id":"doi:10.1109/trustcom63139.2024.00077","is_oa":false,"landing_page_url":"https://doi.org/10.1109/trustcom63139.2024.00077","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2024 IEEE 23rd International Conference on Trust, Security and Privacy in Computing and Communications (TrustCom)","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5107555282","display_name":"Serena Cofano","orcid":null},"institutions":[{"id":"https://openalex.org/I83816512","display_name":"University of Genoa","ror":"https://ror.org/0107c5v14","country_code":"IT","type":"education","lineage":["https://openalex.org/I83816512"]}],"countries":["IT"],"is_corresponding":false,"raw_author_name":"Serena Cofano","raw_affiliation_strings":["IMT Lucca &amp; University of Genoa,Genoa,Italy"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"IMT Lucca &amp; University of Genoa,Genoa,Italy","institution_ids":["https://openalex.org/I83816512"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5107589359","display_name":"Giacomo Benedetti","orcid":null},"institutions":[{"id":"https://openalex.org/I83816512","display_name":"University of Genoa","ror":"https://ror.org/0107c5v14","country_code":"IT","type":"education","lineage":["https://openalex.org/I83816512"]}],"countries":["IT"],"is_corresponding":false,"raw_author_name":"Giacomo Benedetti","raw_affiliation_strings":["University of Genoa,Genoa,Italy"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"University of Genoa,Genoa,Italy","institution_ids":["https://openalex.org/I83816512"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5027942683","display_name":"Matteo Dell\u2019Amico","orcid":"https://orcid.org/0000-0003-3152-4993"},"institutions":[{"id":"https://openalex.org/I83816512","display_name":"University of Genoa","ror":"https://ror.org/0107c5v14","country_code":"IT","type":"education","lineage":["https://openalex.org/I83816512"]}],"countries":["IT"],"is_corresponding":false,"raw_author_name":"Matteo Dell\u2019Amico","raw_affiliation_strings":["University of Genoa,Genoa,Italy"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"University of Genoa,Genoa,Italy","institution_ids":["https://openalex.org/I83816512"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":3,"corresponding_author_ids":[],"corresponding_institution_ids":[],"apc_list":null,"apc_paid":null,"fwci":4.5602,"has_fulltext":false,"cited_by_count":5,"citation_normalized_percentile":{"value":0.95560448,"is_in_top_1_percent":false,"is_in_top_10_percent":true},"cited_by_percentile_year":{"min":95,"max":98},"biblio":{"volume":null,"issue":null,"first_page":"427","last_page":"434"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T11986","display_name":"Scientific Computing and Data Management","score":0.8955000042915344,"subfield":{"id":"https://openalex.org/subfields/1802","display_name":"Information Systems and Management"},"field":{"id":"https://openalex.org/fields/18","display_name":"Decision Sciences"},"domain":{"id":"https://openalex.org/domains/2","display_name":"Social Sciences"}},"topics":[{"id":"https://openalex.org/T11986","display_name":"Scientific Computing and Data Management","score":0.8955000042915344,"subfield":{"id":"https://openalex.org/subfields/1802","display_name":"Information Systems and Management"},"field":{"id":"https://openalex.org/fields/18","display_name":"Decision Sciences"},"domain":{"id":"https://openalex.org/domains/2","display_name":"Social Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/python","display_name":"Python (programming language)","score":0.7973958253860474},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.6542668342590332},{"id":"https://openalex.org/keywords/ecosystem","display_name":"Ecosystem","score":0.5281785726547241},{"id":"https://openalex.org/keywords/software-engineering","display_name":"Software engineering","score":0.36046573519706726},{"id":"https://openalex.org/keywords/programming-language","display_name":"Programming language","score":0.3065207600593567},{"id":"https://openalex.org/keywords/ecology","display_name":"Ecology","score":0.16147619485855103},{"id":"https://openalex.org/keywords/biology","display_name":"Biology","score":0.06263330578804016}],"concepts":[{"id":"https://openalex.org/C519991488","wikidata":"https://www.wikidata.org/wiki/Q28865","display_name":"Python (programming language)","level":2,"score":0.7973958253860474},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.6542668342590332},{"id":"https://openalex.org/C110872660","wikidata":"https://www.wikidata.org/wiki/Q37813","display_name":"Ecosystem","level":2,"score":0.5281785726547241},{"id":"https://openalex.org/C115903868","wikidata":"https://www.wikidata.org/wiki/Q80993","display_name":"Software engineering","level":1,"score":0.36046573519706726},{"id":"https://openalex.org/C199360897","wikidata":"https://www.wikidata.org/wiki/Q9143","display_name":"Programming language","level":1,"score":0.3065207600593567},{"id":"https://openalex.org/C18903297","wikidata":"https://www.wikidata.org/wiki/Q7150","display_name":"Ecology","level":1,"score":0.16147619485855103},{"id":"https://openalex.org/C86803240","wikidata":"https://www.wikidata.org/wiki/Q420","display_name":"Biology","level":0,"score":0.06263330578804016}],"mesh":[],"locations_count":2,"locations":[{"id":"doi:10.1109/trustcom63139.2024.00077","is_oa":false,"landing_page_url":"https://doi.org/10.1109/trustcom63139.2024.00077","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2024 IEEE 23rd International Conference on Trust, Security and Privacy in Computing and Communications (TrustCom)","raw_type":"proceedings-article"},{"id":"pmh:oai:iris.unige.it:11567/1249137","is_oa":false,"landing_page_url":"https://hdl.handle.net/11567/1249137","pdf_url":null,"source":{"id":"https://openalex.org/S4377196291","display_name":"CINECA IRIS Institutial Research Information System (University of Genoa)","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I83816512","host_organization_name":"University of Genoa","host_organization_lineage":["https://openalex.org/I83816512"],"host_organization_lineage_names":[],"type":"repository"},"license":null,"license_id":null,"version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":null,"raw_type":"info:eu-repo/semantics/conferenceObject"}],"best_oa_location":null,"sustainable_development_goals":[{"display_name":"Life in Land","id":"https://metadata.un.org/sdg/15","score":0.47999998927116394}],"awards":[],"funders":[],"has_content":{"grobid_xml":false,"pdf":false},"content_urls":null,"referenced_works_count":9,"referenced_works":["https://openalex.org/W2565788456","https://openalex.org/W3212800749","https://openalex.org/W4308562555","https://openalex.org/W4365505517","https://openalex.org/W4384345766","https://openalex.org/W4386320426","https://openalex.org/W4386977908","https://openalex.org/W4398186389","https://openalex.org/W4402040536"],"related_works":["https://openalex.org/W4391375266","https://openalex.org/W2899084033","https://openalex.org/W2748952813","https://openalex.org/W2341492732","https://openalex.org/W3187193180","https://openalex.org/W106542691","https://openalex.org/W1699080303","https://openalex.org/W4297799326","https://openalex.org/W2207495067","https://openalex.org/W1906486629"],"abstract_inverted_index":{"Software":[0,23],"Bills":[1],"of":[2,22,70,118,132],"Material":[3],"(SBOMs),":[4],"which":[5],"improve":[6],"transparency":[7],"by":[8],"listing":[9],"the":[10,19,42,68,71,80,91,116,123,130],"components":[11],"constituting":[12],"software,":[13],"are":[14,47],"a":[15,48,55,112],"key":[16],"countermeasure":[17],"to":[18,99],"mounting":[20],"problem":[21],"Supply":[24],"Chain":[25],"attacks.":[26],"SBOM":[27,37,59,74,87],"generation":[28,88],"tools":[29,89],"take":[30],"project":[31],"source":[32],"files":[33,134],"and":[34,57,76,106],"provide":[35],"an":[36,62],"as":[38,135,137],"output,":[39],"interacting":[40],"with":[41,115],"software":[43],"ecosystem.":[44,82,125],"While":[45],"SBOMs":[46],"substantial":[49],"improvement":[50],"for":[51,120],"security":[52],"practitioners,":[53],"providing":[54],"complete":[56],"correct":[58],"is":[60,143],"still":[61],"open":[63],"problem.":[64],"This":[65,126],"paper":[66],"investigates":[67],"causes":[69],"issues":[72,97],"affecting":[73],"completeness":[75],"correctness,":[77],"focusing":[78],"on":[79],"PyPI":[81,124],"We":[83],"analyze":[84],"four":[85],"popular":[86],"using":[90],"CycloneDX":[92],"standard.":[93],"Our":[94],"analysis":[95],"highlights":[96],"related":[98],"dependency":[100],"versions,":[101],"metadata":[102,121,133],"files,":[103],"remote":[104],"dependencies,":[105],"optional":[107],"dependencies.":[108],"Additionally,":[109],"we":[110],"identified":[111],"systematic":[113],"issue":[114],"lack":[117],"standards":[119],"in":[122,129,139],"includes":[127],"inconsistencies":[128],"presence":[131],"well":[136],"variations":[138],"how":[140],"their":[141],"content":[142],"formatted.":[144]},"counts_by_year":[{"year":2026,"cited_by_count":1},{"year":2025,"cited_by_count":4}],"updated_date":"2026-06-11T09:08:48.828518","created_date":"2025-10-10T00:00:00"}