Guidelines for the Creation of Interoperable Software Identification (SWID) Tags

Published: April 22, 2016

Author(s)

David A. Waltermire, Brant Cheikes, Larry Feldman, Gregory A. Witte

Abstract

This report provides an overview of the capabilities and usage of software identification (SWID) tags as part of a comprehensive software lifecycle. As instantiated in the International Organization for Standardization/International Electrotechnical Commission 19770-2 standard, SWID tags support numerous applications for software asset management and information security management. This report introduces SWID tags in an operational context, provides guidelines for the creation of interoperable SWID tags, and highlights key usage scenarios for which SWID tags are applicable.
Citation: NIST Interagency/Internal Report (NISTIR) - 8060
Report Number:
8060
Pub Type: NIST Pubs

Keywords

software, software asset management, software identification (SWID), software identification tag
Created April 22, 2016, Updated November 10, 2018