About Us

Laser Focus World is an industry bedrock—first published in 1965 and still going strong. We publish original articles about cutting-edge advances in lasers, optics, photonics, sensors, and quantum technologies, as well as test and measurement, and the shift currently underway to usher in the photonic integrated circuits, optical interconnects, and copackaged electronics and photonics to deliver the speed and efficiency essential for data centers of the future.

Our 80,000 qualified print subscribers—and 130,000 12-month engaged online audience—trust us to dive in and provide original journalism you won’t find elsewhere covering key emerging areas such as laser-driven inertial confinement fusion, lasers in space, integrated photonics, chipscale lasers, LiDAR, metasurfaces, high-energy laser weaponry, photonic crystals, and quantum computing/sensors/communications. We cover the innovations driving these markets.

Laser Focus World is part of Endeavor Business Media, a division of EndeavorB2B.

Laser Focus World Membership

Never miss any articles, videos, podcasts, or webinars by signing up for membership access to Laser Focus World online. You can manage your preferences all in one place—and provide our editorial team with your valued feedback.

Magazine Subscription

Can you subscribe to receive our print issue for free? Yes, you sure can!

Newsletter Subscription

Laser Focus World newsletter subscription is free to qualified professionals:

The Daily Beam

Showcases the newest content from Laser Focus World, including photonics- and optics-based applications, components, research, and trends. (Daily)

Product Watch

The latest in products within the photonics industry. (9x per year)

Bio & Life Sciences Product Watch

The latest in products within the biophotonics industry. (4x per year)

Laser Processing Product Watch

The latest in products within the laser processing industry. (3x per year)

Get Published!

If you’d like to write an article for us, reach out with a short pitch to Sally Cole Johnson: [email protected]. We love to hear from you.

Photonics Hot List

Laser Focus World produces a video newscast that gives a peek into what’s happening in the world of photonics.

Following the Photons: A Photonics Podcast

Following the Photons: A Photonics Podcast dives deep into the fascinating world of photonics. Our weekly episodes feature interviews and discussions with industry and research experts, providing valuable perspectives on the issues, technologies, and trends shaping the photonics community.

Social Media

BlueskyFacebookInstagram LinkedIn • YouTube

Meet the Laser Focus World Team

Editorial

Sales

Editorial Advisory Board

  • Professor Andrea M. Armani, University of Southern California
  • Ruti Ben-Shlomi, Ph.D., LightSolver
  • James Butler, Ph.D., Hamamatsu
  • Natalie Fardian-Melamed, Ph.D., Columbia University
  • Justin Sigley, Ph.D., AmeriCOM
  • Professor Birgit Stiller, Max Planck Institute for the Science of Light, and Leibniz University of Hannover
  • Professor Stephen Sweeney, University of Glasgow
  • Mohan Wang, Ph.D., University of Oxford
  • Professor Xuchen Wang, Harbin Engineering University
  • Professor Stefan Witte, Delft University of Technology
My Watchlist
Indicators
Industrial Laser Index
Markets
Stocks
ETFs
Tools
Markets:
Overview
News
Currencies
International
Treasuries

Software Supply Chain Risk Assessment Patent Issued to Reliable Energy Analytics REA

By: via AccessWire

WESTFIELD, MA / ACCESSWIRE / June 28, 2022 / Today, REA is pleased to announce it has been issued patent number, 11,374,961, for its Software Assurance Guardian (SAG™) METHODS FOR VERIFICATION OF SOFTWARE OBJECT AUTHENTICITY AND INTEGRITY for software products and the software supply chain (C-SCRM). REA was motivated to develop this patented technology to assess risk and trust in a software supply chain starting in November, 2018 after the Federal Energy Regulatory Commission (FERC) issued Order 850, "Supply Chain Risk Management Reliability Standards" [18CFR40] to protect the bulk electric grid from software supply chain risks. Recent reports of software supply chain attacks, such as those experience by Solarwinds and Log4j, have raised software consumer awareness on the need to conduct risk assessments on software products before procurement and before installing a product. These patented processes and technologies have been implemented in REA's SAG-PM™ C-SCRM risk assessment application to help small and medium businesses achieve this visibility into software risks.

The SAG patent describes seven steps containing detailed, technical practices and processes that are designed to help a software consumer determine the trustworthiness of a software object and its entire supply chain, expressed as a statistically calculated SAGScore™, to make a risked based decision prior to procurement and installation of a software product, to proactively detect and prevent a cyber-attack. Evidence data is collected in thirteen separate files, as proof that cybersecurity controls are implemented and effective, for audit purposes. These patented SAG™ methods have been implemented in REA's flagship software risk assessment product, the Software Assurance Guardian Point Man™ (SAG-PM™), which was first announced in April 2021, and now stands at version 1.1.8. Now, software consumers can reliably and consistently assess the trustworthiness of a software product and its entire supply chain using patented methods that apply best practices within each of the seven SAG risk assessment steps resulting in a trustworthiness SAGScore™.

REA also operates, and serves as gatekeeper to, the Software Assurance Guardian Community Trust Registry™ (SAG-CTR™) and the SAG-STAR™ labeling program. REA customers can declare their trust in a software product, and it supply chain, by submitting a trust declaration to REA for entry into the SAG-CTR™ informing others in the SAG™ community of their trust in a software product. Members of the SAG™ Community query the SAG-CTR™ for trust declarations, used as part of a SAG-PM™ risk assessment and calculation of a final SAGScore™. Software vendors owning software products that achieve broad community support through an accumulation of customer trust declarations in SAG-CTR™ are eligible to display the SAG-STAR™ image on their marketing materials.

SAG-PM™ was created to provide affordable and effective software supply chain cybersecurity protections to small and medium businesses (SMB) operators of critical infrastructure that may lack cybersecurity skills on staff. SAG-PM™ implements best practices following Cyber Supply Chain Risk Management (C-SCRM) guidelines provided by the National Institute for Standards and Technology (NIST) in SP 800-161r1. SAG-PM has evolved to satisfy requirements of NERC CIP and the Cybersecurity Executive Order issued on May 12, 2021 (# 14028) following NIST's implementation guidelines for Software Bill of Materials (SBOM) and Vulnerability Disclosure Reports (VDR) issued on 5/5/2022, required to meet the Executive Order, ref: NIST RECOMMENDATIONS. A VDR is an attestation by a software vendor that they have checked each component of a software product in an SBOM for vulnerabilities and reports on the vulnerability status of each component, for a software product. A VDR is dynamically updated and maintained by the software vendor in order to answer the consumer question at any point in time, "What is the vulnerability status of a Software Product, NOW?"

Joanne Brooks, REA Co-Founder and Chief Operating Officer stated, "REA is a small, but highly skilled software engineering firm that aims to achieve broad market adoption of SAG-PM™ and the patented SAG methods™ by small and medium businesses. We are actively in discussions with better resourced organizations with an interest in taking the SAG patent and the SAG-PM software product to the next level."

Dick Brooks, REA Co-Founder and Chief Technical Officer stated, "The SAG-PM™ product has been designed as an all-in-one software supply chain risk assessment solution for small and medium businesses using a modular architecture. This enables REA software engineers to design, develop and apply the very best technical solutions within each of the seven steps in the patented process, and the SAGScore™ calculation in order to ensure that our customers have the best, and most current, protections available to guard against constantly evolving software supply chain risks and any new Tactics, Techniques and Procedures (TTP's) the hacker community introduces."

Parties interested in learning more about REA and the patented SAG methods and SAG-PM software are encouraged to reach out to REA via its contact form at https://reliableenergyanalytics.com/contact-us

Never trust software always verify and report! ™

CONTACT

Dick Brooks
Reliable Energy Analytics LLC
+1 978-696-1788, dick@reliableenergyanalytics.com

SOURCE: Reliable Energy Analytics LLC



View source version on accesswire.com:
https://www.accesswire.com/706777/Software-Supply-Chain-Risk-Assessment-Patent-Issued-to-Reliable-Energy-Analytics-REA

More News

View More
Lowe’s vs. Home Depot: Which Benefits More From Lower Rates?
Via MarketBeat
Topics Economy
Tickers AMD HD LOW
These 5 Beaten-Down Tech Stocks Could Catch Fire Next
Via MarketBeat
Topics Artificial Intelligence
Tickers ASTS ETSY OPEN SOUN TEM
Falcon Flex Drives Growth as CrowdStrike Bets on AI Security
Via MarketBeat
Topics Artificial Intelligence
Tickers CRWD
Amphenol: The Unseen Giant Behind Every Major Tech Trend
Via MarketBeat
Topics Artificial Intelligence
Tickers APH COMM
This Insider Just Made a Massive Bet on Transocean's Comeback
Via MarketBeat
Tickers RIG
Stock Quote API & Stock News API supplied by www.cloudquote.io
Quotes delayed at least 20 minutes.
By accessing this page, you agree to the following
Privacy Policy and Terms Of Service.