Transparency exchange API


Ecma TC54-TG1 is chartered to develop and maintain a standardized, format-agnostic API that enables the efficient discovery and exchange of Bills of Materials (BOMs) and other related artifacts between systems. The API will facilitate the handling of sensitive data, supply chain intelligence, and provide a standardized mechanism to publish, distribute, consume, and control access to all parties in the software supply chain.

Programme of work:

  1. To develop a standard for the transparency exchange API (project Koala) for discovering and sharing of software transparency information.
  2. To define the API architecture and data models, incorporating elements such as xBOM, CDXA, VDR/VEX, CLE, and insights.
  3. To develop specifications for each component, focusing on security, scalability, and performance.


Convenor: Steve Springett (ServiceNow)
Secretary: Samina Husain (Ecma International)