'Made in Canada' - in Groceries and in Software πππ»
2025-04-27
Jason Smith
With πΊπΈ U.S.-imposed tariffs back in the news, many Canadians π¨π¦ are shifting their focus to buy local and support Canadian-made products. But here’s the catch: what does “Made in Canada” actually mean? π€
Flip over any grocery item and youβll see all kinds of labels:
- π¨π¦ Product of Canada
- π οΈ Made in Canada
- π¦ Packaged in Canada
- π Made with domestic and imported ingredients
- π¨βπ³ Prepared in Canada
The reality? Even with a “Made in Canada” label, ingredients often come from around the world π.
Sound familiar? It should - and software is no different. π»
Modern software is assembled, not handcrafted π οΈ - just like hardware. When you manufacture a physical product, you need a Bill of Materials (BOM) to track every screw, chip, and wire π©βοΈπ.
Software is no different. You need to track:
- ποΈ Third-party libraries
- π Open-source packages
- π©π»βπ» Proprietary code
- βοΈ Software build tools
Even if your team “built it”, much of it came from a global supply chain π.
And just like with food, we need transparency in what we are consuming π² - or shipping π’.
Knowing what’s in your software helps you manage:
- π Security
- π Quality
- π Performance
- β οΈ Risk
That’s where a Software Bill of Materials (SBOM) comes in - your blueprint for understanding what’s inside your software. π
SBOMs are a great start to gain transparency. However, visibility alone isnβt enough. Can you trust what you see? π΅
Have you checked the ingredients in your software lately? Do you know where they came from?
#SBOM #SoftwareSupplyChain #CyberSecurity #SoftwareTransparency #MadeInCanada #DigitalSupplyChain #SoftwareRisk #TrustButVerify #DigitalTrust #OpenSourceSecurity #SecureDevelopment #DevSecOps #SoftwareIntegrity #CanadianTech #TechMadeInCanada ππ»π