Mangaya Sivagnanam and Sean McCoy from Trane Technologies will provide an overview of the SBOM (Software Bill of Materials). The coming regulatory requirements from the EU (European Union) called the European Cyber Resilience Act, and Executive Order 14028, “Improving the Nation’s Cybersecurity” in the US, place demands on software companies to provide documentation that software products are developed securely and ARE secure. An SBOM is a method for meeting the regulatory requirements for that documentation.

Mangaya will describe approaching an SBOM using static-analysis tools to collect information from the source code to feed an SBOM Tool. Sean will present the challenges of using the traditional BOM/Change-Order/Requirements approach used for managing an SBOM. You will leave the meeting completely BOMed!

Date: Thursday, 23 March 2023

Time: 6 PM pizza and socializing; 6:30 PM meeting; 8:00 dismissal (no charge for members or guests)

Place: Southdale Library, Full Meeting Room (upstairs), 7001 York Ave. S, Edina, MN 55435

Arrival: Find parking on the York Ave side of the building. Enter the main door, proceed up the stairs, then to your immediate left.

BIO Mangaya Sivagnanam: Mangaya Sivagnanam is a security researcher, speaker, writer, and coach currently working as Principal Cybersecurity Architect at Trane | Trane Technologies. She has extensive experience building secure heterogeneous systems, a system of systems. She is experienced in leading diverse backgrounds in cybersecurity end-to-end operational solutions, management, data privacy, and Incident Response. She also excelled in providing Business-aligned Innovation and Engineering Solutions to Secure Systems. She led and institutionalized the business-focused security strategies to harden the products and services’ security features and improve overall business security posture – foreseeing new threats in the industry.She is an SME and a strong advocate for cybersecurity and privacy in various industries and government entities like FPDI Food Protection and Defense Institute, the Department of Homeland Security, IEEE Smart Grid, AHRI, ASHRAE, UL, and IEEE Smart Cities Initiatives, Autonomous Vehicles. She is currently a board member and actively serving as Technology Director in International Information Systems Security Association ISSA, MN Chapter.She accomplished several cybersecurity research publications, standards, and keynotes in the field. Presently, her primary research foci are cybersecurity & privacy challenges in the design and interoperability to achieve advanced plant or building automation, Vehicle-To-Grid to support energy efficiency, sustainability, and grid integration facilitating resilient smart cities. “Manufacturers’ Guide to BAS Cybersecurity” is one of her recent contributions to BACnet (ANSI/ASHRAE Standard 135), Building Automation Systems standards.

BIO Sean McCoy: Sean McCoy is the Chief Architect for controls at Trane. He received his CSEP in 2016, has 13 patents, holds a 6-Sigma black belt, and has over 39 years of experience designing and developing software systems. 27 of those years have been at Trane developing Building Automation Systems and helping develop Trane’s Systems Engineering discipline. Sean has been an active member of INCOSE since 2011 and was the President of the North Star Chapter for 2021. He was on the GLRC conference planning committee for 2017-2019, and he is a member of the INCOSE Institute for Technical Leadership. His most recent work assignment was leading the effort to develop a holistic System Architecture for Building Automation Systems – from machine controls to the cloud. In his spare time, Sean likes to play guitar and is often seen at Rock Camp Experience events in the Twin Cities.