Draft
International Standard
ISO/IEC DIS 5962
Information technology — SPDX® Specification V3.0
Reference number
ISO/IEC DIS 5962
Edition 2
© ISO 2026
Draft International Standard
Read sample
Under development
This Draft International Standard is in the enquiry phase with ISO members.
Will replace ISO/IEC 5962:2021

ISO/IEC DIS 5962

Language
Format
CHF 135
* Shipping costs not included
Convert Swiss francs (CHF) to your currency

Abstract

The System Package Data Exchange (SPDX) 3.0 is a standard for communicating bill of material information, including: software components; licenses, copyrights; security vulnerabilities, defects, and other quality data; software build information; artificial intelligence (AI) models; datasets; creator, supplier and distributor identity information; provenance and integrity; relationships between system elements; software usage and lifecycle; and mechanisms to enable annotating SPDX elements and linking between multiple SPDX Documents. SPDX reduces redundant work by providing a common format for companies and communities to share important data, thereby streamlining and improving compliance.

 

General information

  • Status
     : Under development
    Stage
    : Close of voting [40.60]
  • Edition
     : 2
    Number of pages
     : 212
  • Technical Committee :
    ISO/IEC JTC 1
    ICS :
    35.080 
  • RSS updates

Life cycle

Got a question?

Check out our Help and Support

  2. Store
  3. Store
  4. ICS
  5. 35
  6. 35.080
  7. ISO/IEC DIS 5962