
Cloud-based platform for automated SBOM extraction, continuous vulnerability scanning, and compliance management in automotive software supply chains.
Vendor: PlaxidityX
SW Supply Chain Security by PlaxidityX is a cloud-based solution designed to provide comprehensive visibility and control over the software and hardware supply chain for automotive OEMs and suppliers. The platform automates the extraction of Software Bill of Materials (SBOM) from binaries—including AUTOSAR, Linux, and Android components—and continuously scans for vulnerabilities using both public and private databases. It enables organizations to track and manage assets throughout the vehicle lifecycle, from development to post-production, ensuring ongoing compliance with regulations such as UN R155, ISO/SAE 21434, and the EU Cyber Resilience Act. The system prioritizes vulnerabilities by integrating with known exploited vulnerability databases (e.g., KEV CISA) and supports dynamic risk assessment through integration with Threat Analysis and Risk Assessment (TARA) tools. SW Supply Chain Security streamlines compliance audits, reduces analyst overhead, and provides actionable insights for risk mitigation and regulatory reporting.
Key Features
Automated SBOM Extraction: Automatically generates a comprehensive list of software components from binaries.
- Supports AUTOSAR, Linux, and Android
- Enables transparency and component tracking
Continuous Vulnerability Scanning: Scans for vulnerabilities throughout the vehicle and component lifecycle.
- Uses public and private vulnerability databases
- Detects newly published vulnerabilities in real time
Asset and Supply Chain Management: Tracks software and hardware assets across the supply chain.
- Manages ECUs, hardware, and software libraries per project or vehicle model
- Provides full visibility of cyber security posture for all components and vendors
Risk Prioritization and Alerts: Focuses on high-priority risks and reduces false positives.
- Integrates with KEV CISA and TARA tools for dynamic risk assessment
- Delivers detailed alerts and actionable recommendations
Compliance and Reporting: Supports regulatory and audit requirements.
- Aligns with UN R155, ISO/SAE 21434, and EU CRA
- Automates compliance documentation and reporting
Benefits
Enhanced Supply Chain Security: Improves visibility and control over third-party and open-source components.
- Reduces risk of hidden vulnerabilities in external software
- Enables proactive risk management across the supply chain
Regulatory Compliance: Simplifies adherence to automotive cybersecurity standards.
- Automates documentation for audits and regulatory reporting
- Ensures ongoing compliance throughout the product lifecycle
Operational Efficiency: Reduces manual effort and analyst workload.
- Automates vulnerability detection and prioritization
- Streamlines asset management and compliance processes