OPENEOX: A MACHINE-READABLE FRAMEWORK FOR STANDARDIZED END-OF-LIFE SOFTWARE MANAGEMENT
DOI:
https://doi.org/10.30888/2663-5712.2025-34-01-120Keywords:
OpenEoX, End-of-Life, EoSSec, JSON Schema, software lifecycle, standardization, machine-readable formats, supply chain security, automated processingAbstract
The exponential growth of software dependencies in modern infrastructure has created critical gaps in lifecycle information management, particularly regarding End-of-Life (EoL) status determination and automated processing. Building upon established reseaReferences
Assaad, Z. and Henein, M. (2022) End-of-life of software how is it defined and managed?, arXiv.org. https://doi.org/10.48550/arXiv.2204.03800
Demianchuk, Sergii (2025). Cybersecurity-Driven Approach to End-of-Life Software Management: Addressing Vulnerability Risks Through Standardized EoL Protocols. Future in the Results of Modern Scientific Research '2025, 40, 25–30. https://doi.org/10.30890/2709-1783.2025-40-00-026
Demianchuk, Sergii, Martynenko, Roman, & Lopukhovych, Volodymyr. (2025). Open-Source Software Lifecycle Classification: Measurement of the End-of-Life (EoL) Software. SWorld Journal, September 2025, 33, 209-216. https://doi.org/ 10.30888/2663-5712.2025-33-01-126
Klyne, G., & Newman, C. (1970, July 1). Date and time on the internet: Timestamps. RFC Editor. https://www.rfc-editor.org/rfc/rfc3339
Wright, A., Andrews, H., Hutton, B., Dennis, G. (2020). JSON Schema: A Media Type for Describing JSON Documents (Draft 2020-12). Internet Engineering Task Force. https://json-schema.org/draft/2020-12/json-schema-core.html
Pezoa, F., Reutter, J. L., Suarez, F., Ugarte, M., & Vrgoč, D. (2016). Foundations of JSON schema. Proceedings of the 25th International Conference on World Wide Web, 263–273. https://doi.org/10.1145/2872427.2883029
Attouche, L., Baazizi, M.-A., Colazzo, D., Ghelli, G., Sartiani, C., & Scherzinger, S. (2024). Validation of modern JSON schema: Formalization and complexity. Proceedings of the ACM on Programming Languages, 8(POPL), 1451–1481. https://doi.org/10.1145/3632891
Santos, O., Schmidt, T., Roguski, P., Middlekauff, A., Cao, F., Demianchuk, S., Rock, L., Murphy, J., Hagen, S., Chari, S., & Schaffer, T. (2025, April 24). OpenEoX: A standardized framework for managing End of Life and other product lifecycle information [Technical report]. OASIS Open. https://docs.oasis-open.org/openeox/standardization-framework/openeox-standardization-framework-technical-report.pdf
OASIS Open. (2022). Common Security Advisory Framework (CSAF) Version 2.0. OASIS Standard. https://docs.oasis-open.org/csaf/csaf/v2.0/
The Minimum Elements for a Software Bill of Materials (SBOM) | National Telecommunications and Information Administration. (2021, July 12). https://www.ntia.gov/report/2021/minimum-elements-software-bill-materials-sbom
OWASP. (2024). CycloneDX Specification Version 1.6. OWASP Foundation. https://cyclonedx.org/specification/overview/
International Organization for Standardization. (2021). Information technology-SPDX Specification V2.2.1 (ISO/IEC 5962:2021). https://www.iso.org/standard/81870.html
National Institute of Standards and Technology. (2023). Common platform enumeration (CPE) specification version 2.3. U.S. Department of Commerce. https://nvd.nist.gov/products/cpe
Package URL (PURL) Project. (2024). Package URL specification. GitHub. https://github.com/package-url/purl-spec
PCI Security Standards Council. (2022). Payment Card Industry Data Security Standard (PCI DSS) requirements and testing procedures version 4.0. https://www.pcisecuritystandards.org/
Li, Z., Wang, W., & Zhang, H. (2022). Predicting open source software abandonment using machine learning approaches. Journal of Systems and Software, 187, 111228.
Downloads
Published
How to Cite
Issue
Section
License
Copyright (c) 2025 Authors
This work is licensed under a Creative Commons Attribution 4.0 International License.
