EyeON

RESOURCE

Abstract

EyeON: Eye on Operational technology. Software supply chain attacks have risen drastically over the past few years, none more well-known and impactful than the SolarWinds compromise. Criminal organizations inserted an attack vector into a specific version of the source code, giving themselves an air of credibility. Once news broke on SolarWinds, identifying compromised sites was very difficult, even when the culprit update was known. Software Bills of Materials (SBOMs) have been touted as the solution to reclaiming control of your software supply chain. Deployment of SBOMs has been slow, however, due to conflicting standards, opaque storage requirements, and vendor adoption. Additionally, the path from obtaining an SBOM to securing your supply chain is unclear: how can an SBOM library be leveraged to provide insight into your attack surface? The EyeON tool, sponsored by the Department of Energy Cybersecurity, Energy Security, and Emergency Response (DoE CESER), aims to address these gaps by providing an encapsulated solution for tracking which updates have been installed in an enterprise and alerting system administrators to vulnerabilities as they become known. Similar to a virus scanner, EyeON is a command line tool that parses a single file, a nested directory structure, or a filesystem. It collects data such as signatures (hashes), version information, VirusTotal tags, compiler, compilation date, and code signing information. Users will anonymously submit scan data periodically to DoE CESER, who will then compile a database of known software products employed by Critical Infrastructure and broadcast alerts based on discovered flaws as they arise.
Developers:
Tenzing, Wangmo [1]; Mooney, Jack [1]; Lyles, Seth [1]; Johnson, Grant [1]
  1. Lawrence Livermore National Laboratory (LLNL), Livermore, CA (United States)
Release Date:
2023-08-31
Project Type:
Open Source, Publicly Available Repository
Software Type:
Scientific
Version:
1.0.0
Licenses:
MIT License
Sponsoring Org.:
Code ID:
149447
Site Accession Number:
LLNL-CODE-2001017
Research Org.:
Lawrence Livermore National Laboratory (LLNL), Livermore, CA (United States)
Country of Origin:
United States

Citation Formats

Tenzing, Wangmo, Mooney, Jack, Lyles, Seth, and Johnson, Grant. EyeON. Computer Software. https://github.com/LLNL/pEyeON. USDOE National Nuclear Security Administration (NNSA). 31 Aug. 2023. Web. doi:10.11578/dc.20241223.6.
Tenzing, Wangmo, Mooney, Jack, Lyles, Seth, & Johnson, Grant. (2023, August 31). EyeON. [Computer software]. https://github.com/LLNL/pEyeON. https://doi.org/10.11578/dc.20241223.6.
Tenzing, Wangmo, Mooney, Jack, Lyles, Seth, and Johnson, Grant. "EyeON." Computer software. August 31, 2023. https://github.com/LLNL/pEyeON. https://doi.org/10.11578/dc.20241223.6.
@misc{ doecode_149447,
title = {EyeON},
author = {Tenzing, Wangmo and Mooney, Jack and Lyles, Seth and Johnson, Grant},
abstractNote = {EyeON: Eye on Operational technology Software Supply Chain attacks have risen drastically over the past few years, none more well-known and impactful than the SolarWinds compromise. Criminal organizations inserted an attack vector into a specific version of the source code, giving themselves an air of credibility. Once news broke on SolarWinds, identifying compromised sites was very difficult, even knowing the culprit update. Software Bills of Materials (SBOM) have been touted as the solution to reclaiming control of your software supply chain. Deployment of SBOMs has been slow, however, due to conflicting standards, opaque storage requirements, and vendor adoption. Additionally, the path from obtaining an SBOM and securing your supply chain is unclear; how can an SBOM library be leveraged to provide insight to your attack surface? The EyeON tool, sponsored by Department of Energy Cybersecurity, Energy Security, and Emergency Response (DoE CESER), aims to address these gaps by providing an encapsulated solution to tracking which updates have been installed in an enterprise, and alerting system administrators to vulnerabilities as they become known. Similar to a virus scanner, EyeON is a command line tool to parse either a single file, nested directory structure, or filesystem. It collects data such as signature (hashes), version information, VirusTotal tags, compiler, compilation date, and code signing information. Users will anonymously submit scan data periodically to DoE CESER, who will then compile a database of known software products employed by Critical Infrastructure and broadcast alerts based on discovered flaws as they arise.},
doi = {10.11578/dc.20241223.6},
url = {https://doi.org/10.11578/dc.20241223.6},
howpublished = {[Computer Software] \url{https://doi.org/10.11578/dc.20241223.6}},
year = {2023},
month = {aug}
}