Open Component Model Logo
Open Component Model Text

An open standard to describe software artifact delivery.

Open-source Apache-2.0 Licensed. GitHub v0.4.1

What is the Open Component Model?

The Open Component Model (OCM) is an open standard to describe Software Bills of Delivery (SBOD). OCM is a technology-agnostic and machine-readable format focused on software artifacts that must be delivered securely across boundaries, whilst maintaining integrity and provenance along the supply chain.


Describe the resources and source repositories of a software product in code. Signing provides verifiable digests of the content


Transport resource contents to any environment, be it public cloud, on-prem, or air gapped


Leverage built-in Flux integration to seamlessly automate the deployment of components via GitOps

Yet another SBOM?

Whilst OCM may appear similar to both package management tools and the Software Bill of Materials (SBOM), in truth it is neither.

An SBOM describes the constituent parts of a software product required during the development process. In contrast, OCM describes those parts necessary for delivery & deployment. We think of this as a Software Bill of Delivery (SBOD).

Deploying to Airgap with Flux & OCM

Try it yourself here.