Products are no longer created from monolithic code bases, they are composed of components that are integrated over time, and maintained by different entities, some of which are open source communities.  For a system to be dependable (maintainable, safe, secure, etc.) all the components need to be integrated together and tested as updates occur to demonstrate they still adhere to the necessary requirements. Effective system engineering depends on requirements being tested for the system as a whole and for the individual components. However, open source projects frequently don't have requirements expressed in a form that is consumable for this level of analysis.

This talk will discuss a proposed framework for a "system" bill of materials that will enable those components providing requirements to be integrated so that product lines can be managed, and open source components that are able to surface up their requirements can be integrated.