Manufacturers in the medical, industrial and automotive industries can no longer just design a product and sell it, unchanged, for a decade. Keeping their products up to date on OS and library versions is crucial for maintaining safety and security. This is a herculean task for many manufacturers. Many do not even know what libraries are installed on their device. Those that do find it hard to keep up to date on known library vulnerabilities.
I will go over how to use open source tools to generate a software Bill of Materials for an embedded linux system (even one you didn't design! wink wink) and how to cross reference that BOM with the NIST NVD to search for known 3rd party vulnerabilities. I will then show how to integrate that process into a continuous integration system so that you can get automated updates when new CVEs are discovered.