PlaxidityX SW Supply Chain Security is an automotive-focused software supply chain security tool that performs automatic binary scanning to extract and analyze Software Bills of Materials (SBOMs). It is designed for OEMs and Tier-1 automotive suppliers who need visibility into the security posture of software components sourced from external vendors. The tool automatically extracts SBOMs from binary files, including those built on AUTOSAR, Linux, and Android platforms. It then continuously scans extracted component inventories against both public and private vulnerability databases to detect known vulnerabilities throughout the vehicle and component lifecycle. Key functional areas include: - Binary Analysis: Automatic SBOM extraction from compiled binaries across supported automotive OS and middleware stacks. - Asset Management: Tracking and organizing ECUs, hardware components, and software libraries per project or vehicle model. - Vulnerability Detection: Continuous scanning against public and private vulnerability databases to identify relevant security weaknesses. - Assessment and Response: Automated vulnerability prioritization, detailed alerting, and risk exposure insight per vulnerability. - Regulatory Compliance: Supports compliance with UN R155, ISO/SAE 21434, and the EU Cyber Resilience Act (CRA) by documenting security processes and generating automated reports for auditors. The product can integrate with PlaxidityX's broader DevSecOps platform. It is targeted at automotive OEMs and Tier-1 suppliers managing large portfolios of ECUs and vehicle models requiring ongoing post-production security monitoring.