Projects Software Identification Tagging SWID Tag Utilities and Schema
Software Identification (SWID) Tagging
SWID Tag Utilities and Schema
Additional resources are available for the following SWID Tag specification revisions:
ISO/IEC 19770-2:2015 Resources
SWID Tag Validation Tool
NIST has developed a SWID Tag validation tool that can be used to verify that a produced SWID has properly implemented the requirements defined in NISTIR 8060. This tool can validate different types of SWID Tags that are used in different stages of the software lifecycle:
SWID Tags that pass this validation tool provide support for license management as well as multiple cybersecurity use cases including:
- Detecting unauthorized changes to software installation media (corpus tags),
- Preventing the installation of unauthorized or corrupted software (corpus tags),
- Detecting unauthorized changes to installed software (primary tags and patch tags), and
- Identifying vulnerable software that needs to be updated or patched (primary tags and patch tags).
The SWID Tag Validation (SWIDVal) Tool Version 0.5.0 (Posted July 2017) is available in (ZIP) and (TAR/BZ2) archive releases.
XML Schema Files
What is a schema?
Created February 05, 2018, Updated June 20, 2018