How RunSafe Resolved C++ SBOM Instability on Windows
In this RunSafe Security Minute, Senior Software Engineer Kelli explains a significant improvement in the C++ SBOM generation process for Windows.
Previously, RunSafe’s SBOM generator used a third-party tool to track system processes during C/C++ compilation. However, this tool required a specific order of events to capture process data, leading to a race condition. Some child processes would complete their work before the tool could recognize them, resulting in incomplete SBOMs.
To resolve this, the RunSafe team replaced the dependency and implemented a lower-level system that detects new processes the instant they’re created. This ensures more accurate, complete C++ SBOMs and better post-processing.
This update reinforces RunSafe’s commitment to software transparency and build integrity—especially in embedded systems and critical infrastructure applications.