Hello,
I need to get a SBOM for the latest Torizon OS. I have a link to it here:
My question is: how can I get a compressed file containing the content provided by this link?
Reference to Torizon OS’s SBOM is a requirement for our Software Architecture Document in order to conform with IEC 62304, Clause 5.
Hi, I’m the Toradex AI Assistant.
I might make mistakes or occasionally get you wrong. Our support team will step in if needed.
I need to clarify which specific Torizon OS version and hardware platform you’re using to provide the most accurate SBOM guidance. Could you please specify:
tdx-info to get detailed information about your setup - see this guide.For Torizon OS builds, there are multiple ways to obtain SBOM files depending on your needs(1):
You can download the SBOM directly from the package detail view in Torizon Cloud: ‘Dashboard > Packages > <package name>’(1).
For each build of Torizon OS, both SPDX and CycloneDX SBOMs are published to Toradex’s Artifactory instance(1). The files are located at:
# SPDX SBOM
torizoncore-oe-prerelease-frankfurt/<bsp-release>/<release-period>/<release-build-number>/<som>/<torizon-distro>/<torizon-image>/oedeploy/<torizon-image-som-release_code>.spdx
# CycloneDX SBOM
torizoncore-oe-prerelease-frankfurt/<bsp-release>/<release-period>/<release-build-number>/<som>/<torizon-distro>/<torizon-image>/oedeploy/bom.json
You can download the SBOM files using wget commands(1):
$ wget "https://artifacts.toradex.com:443/artifactory/<sbom-file-path>" -O sbom.spdx
$ cve-bin-tool --sbom spdx --sbom-file sbom.spdx
$ wget "https://artifacts.toradex.com:443/artifactory/<sbom-file-path>" -O bom.json
$ cve-bin-tool --sbom cyclonedx --sbom-file bom.json
Toradex provides both types of SBOMs(1):
The link you provided appears to be for a third-party product (acontis-ecmaster-rt) rather than a standard Torizon OS SBOM. For IEC 62304 compliance, you’ll likely need the official Torizon OS SBOM for your specific platform and version.
Once you provide your platform details, I can give you the exact path to download the appropriate SBOM files.
Best regards, Toradex AI Assistant.
Did you like my answer? 
If I answered your question, please tick the “Solution” checkbox.
For follow-up questions to me, please use @ToradexAI in your post.
Hi @ramaral1090
The ECMaster image you referenced is provided by our partner Acontis. They did not provide the SBOM to us. You may need to check with them. But keep in mind that this image is not intended to be used in production but rather for testing and getting started. For production you will be better off doing your own custom Yocto build with your settings, and then from that build you can use standard Yocto tools to generate the SBOM.
Hope that helps.
Drew
Request #59450 “Torizon OS SBOM (Software Bill o…” was closed and merged into this request. Last comment in request #59450:
This message originated from outside your organization
Hello,
I need to get a SBOM for the latest Torizon OS. I have a link to it here:
Artifacts Toradex
My question is: how can I get a compressed file containing the content provided by this link?
Reference to Torizon OS’s SBOM is a requirement for our Software Architecture Document in order to conform with IEC 62304, Clause 5.
Thank you,
**Richard F Amaral **
Staff Software Engineer
Nova Biomedical
Mobile**:**+1-401-651-8688
Email:richard.amaral@novabio.com
**Web:**www.novabiomedical.com
2 Technology Way
Norwood, MA 02062, USA
Advanced Instruments and Nova Biomedical are now
doing business under a single unified, brand.
Learn More!
****
CONFIDENTIALITY NOTICE: This electronic mail and any attachments may contain information that is confidential, privileged and/or protected from disclosure under applicable law to anyone other than the intended recipients of this message. Any unauthorized disclosure, use, distribution, or reproduction of this message or its contents, including any attachments, is strictly prohibited. If you have received this message in error, please notify the sender by reply email or telephone and delete this message in its entirety, including any attachments. Thank you.
Request #59450 “Torizon OS SBOM (Software Bill o…” was closed and merged into this request. Last comment in request #59450:
This message originated from outside your organization
Hello,
I need to get a SBOM for the latest Torizon OS. I have a link to it here:
Artifacts Toradex
My question is: how can I get a compressed file containing the content provided by this link?
Reference to Torizon OS’s SBOM is a requirement for our Software Architecture Document in order to conform with IEC 62304, Clause 5.
Thank you,
**Richard F Amaral **
Staff Software Engineer
Nova Biomedical
Mobile**:**+1-401-651-8688
Email:richard.amaral@novabio.com
**Web:**www.novabiomedical.com
2 Technology Way
Norwood, MA 02062, USA
Advanced Instruments and Nova Biomedical are now
doing business under a single unified, brand.
Learn More!
****
CONFIDENTIALITY NOTICE: This electronic mail and any attachments may contain information that is confidential, privileged and/or protected from disclosure under applicable law to anyone other than the intended recipients of this message. Any unauthorized disclosure, use, distribution, or reproduction of this message or its contents, including any attachments, is strictly prohibited. If you have received this message in error, please notify the sender by reply email or telephone and delete this message in its entirety, including any attachments. Thank you.
Attachment(s):
Outlook-A
Hi @ramaral1090
I just wanted to check in and see if my earlier response made sense and if there was anything else I could help with.
