LogoLogo
Get FDA readyServicesSolutionsGuardian helpGet a demo
  • Helm help center home
  • Get Started
    • Helm features
    • Quickstart process
    • Understand data sources and update frequency
    • Get familiar with the Helm UI
      • Understand your dashboard
      • Helm terminology
    • Don't have an SBOM?
      • Why SBOMs are critical to your present and future
      • Generate CycloneDX SBOM with open-source tools
      • Generate SPDX SBOM with open-source tools
        • Generate SBOM with Yocto on Linux
      • Convert your SBOM from CSV to CycloneDX
      • Get expert Services help
    • Upload your first SBOM
      • Upload or convert .zst SBOM files from Yocto on Linux
  • Automate and integrate
    • Automate and integrate risk prioritization and management
    • Automate SBOM and vulnerability management via Helm API SDK
    • Automate SBOM management via GitHub action
    • Automate SBOM management via MS Azure DevOps extension
    • Create and manage lifecycle rules to automate EOS and EOL information across all products
  • Match components
    • Match unmatched components
    • Understand match statuses
    • Understand match sources
    • Create and manage alias rules to match and rematch components across all products
  • manage sboms
    • Manage SBOM
      • Manage component
      • Manage licenses
      • Create, edit, or merge SBOMs
      • Export your SBOM
      • Upload new version of SBOM with each release
      • Archive a product or product version
    • Find out what products contain a particular component
  • manage vulnerabilities
    • Check whether a particular vulnerability impacts your products
    • Manage vulnerabilities
      • Identify and prioritize exploitable vulnerabilities
        • Get email notifications for new vulnerabilities
        • Send email with vulnerability details for future prioritization
        • Understand issue severity level
          • Understand the CVSS vulnerability scoring system
      • Rescore vulnerabilities in bulk or individually
      • Remediate vulnerabilities in bulk or individually
      • Patch Windows vulnerabilities in bulk or individually
      • Export vulnerabilities
  • Ensure FDA readiness
    • FDA-ready SBOM and vulnerability reports
      • Meet FDA requirements with your FDA SBOM report
      • VEX and VDR reports
    • Understand new FDA cybersecurity requirements for cyber devices
      • Is my device a cyber device?
      • What if I already submitted my cyber device?
    • What should my cybersecurity management plan entail?
      • What does risk management entail?
      • Verification & Validation: Build the right product/service/system in the right way
      • Why do I need a Quality Management System (QMS)?
      • Cybersecurity is everyone's responsibility
  • Terminology
    • Cybersecurity terminology
    • What is CPE?
      • How do I read a CPE string?
  • Administration
    • Manage users
    • Manage products
    • Modify your organization name
  • what's new
    • Changelog
Powered by GitBook

© Copyright MedCrypt 2024, All rights reserved.

On this page
  • Overview
  • Benefits of lifecycle rules
  • Understanding the impact of lifecycle rules
  • Add lifecycle rule
  • Set priority order of lifecycle rules
  • Edit lifecycle rule
  • Delete lifecycle rule
  • Troubleshooting and best practices

Was this helpful?

Export as PDF
  1. Automate and integrate

Create and manage lifecycle rules to automate EOS and EOL information across all products

PreviousAutomate SBOM management via MS Azure DevOps extensionNextMatch unmatched components

Last updated 22 days ago

Was this helpful?

Overview

Lifecycle rules ensure consistency across your product portfolio by automatically applying Level of Support and End-of-Life (EOL)/End-of-Support (EOS) information to components in all current and future SBOMs. can create lifecycle rules in Helm's Rules manager to streamline compliance with FDA cybersecurity requirements.

Each rule defines conditions based on supplier name, component name, and component version and applies specified lifecycle information when all conditions are met. These rules take precedence over user-provided lifecycle data and can be reordered by dragging and dropping in the Lifecycle Rules list. The applied information is included in your , ensuring accuracy and automation.

Benefits of lifecycle rules

  • Streamline FDA compliance: Automatically include required lifecycle information in FDA reports

  • Ensure consistency: Apply the same lifecycle data across your entire product portfolio

  • Save time: Update lifecycle information once and have it apply everywhere

  • Improve accuracy: Eliminate manual data entry errors with automated rules

  • Maintain flexibility: Easily adjust rules as product lifecycle information changes

Understanding the impact of lifecycle rules

When lifecycle rules are applied, they affect:

  • Existing SBOMs: All previously uploaded SBOMs will have the lifecycle information applied

  • Future SBOMs: Any new uploads will automatically have the rules applied

  • FDA SBOM reports: The lifecycle information will be included in FDA compliance reports

  • User-provided data: Rules take precedence over any manually entered lifecycle information

Add lifecycle rule

  1. Click the Rules manager in the sidebar.

  2. Click the Lifecycle rules tab.

  3. In this tab, click the Add lifecycle rule button.

  4. To set rule conditions, select the corresponding field and comparator, then specify the expected matching value. You can add one condition for each metadata field.

    • Each condition uses AND logic, so everything must be true for the effects to apply.

    • If there is an existing lifecycle rule that exactly matches your criteria, you'll be prompted to discard this pending edit or change the criteria.

  5. Below the conditions, you can set each action you want to automatically perform when all conditions match. Select the corresponding field, comparator, and expected matching value.

    • For Level of support and EOS/EOL (end-of-support and end-of-life) information, you can specify either is equal to date, then select a specific date, or set it as is equal to text, then provide the respective text value.

  6. When finished adding rules, updating rules, and/or changing rule priority, click Save & apply lifecycle rules. Note that unsaved changes will only persist during your Helm session, so make sure to save and apply anything you don't want to be discarded.

After you confirm these changes, Helm will apply them to existing and future SBOMs.

Rule naming conventions

Set priority order of lifecycle rules

Lifecycle rules are applied according to their position on the rules list.

  1. Drag-and-drop them higher to increase their priority or lower to decrease their priority.

  2. Click Save & apply changes. This will apply any changes you have made, including adding new rules, marking rules for deletion, and reprioritizing.

Edit lifecycle rule

  1. Click Edit on any lifecycle rule to modify it.

  2. Make any modifications to conditions and/or actions to perform, then click Save.

  3. To change rule priority, click the drag icon next to the rule name to drag it to a different position in the list. Rule priority is determined by the order of the rules in the list. If multiple rules impact a component, the one highest in the list takes precedence. If you are just changing rule priority, but not marking any rules for deletion, click Save & apply lifecycle rules.

  4. To delete a rule, click the Mark for deletion action. After marking the rules you want deleted, as well as making any priority changes, click the global Review changes button at the bottom of the rule list.

  5. When you're finished making changes, click Save & apply lifecycle rules.

  6. After you confirm these changes, Helm will apply them to existing and future SBOMs.

Note that unsaved changes will only persist during your Helm session, so make sure to save and apply anything you don't want to be discarded.

Delete lifecycle rule

Deleted rules will be unapplied from existing SBOMs, and will not be applied to future SBOMs. You cannot recover a deleted rule.

  1. Click the Rules item in the sidebar.

  2. Click the Lifecycle rules tab.

  3. Click Mark for deletion on the lifecycle rules you want to delete. Above the rule list, you'll see the total rules marked for deletion. If you change your mind for a rule, click Unmark for deletion.

  4. If you need to change priority of any rules as a result of these impending deletions, drag-and-drop the respective rules higher or lower in the list.

  5. Click Save & apply changes button. This will display a confirmation panel showing the impact of your potential deletions across your portfolio.

  6. If you are deleting the only rule you have, you will be prompted to confirm applying all unsaved changes. In that case, you'll now see a blank rule, so that you can add more rules in the future.

  7. Confirm your changes. You'll see a success notification that the rule will no longer be applied to existing or future SBOMs.

Troubleshooting and best practices

  • Rule naming: You cannot currently edit rule names. They are automatically generated based on conditions.

  • Rule conflicts: When multiple rules could apply to the same component, the rule higher in the list takes precedence.

  • Session persistence: Always save your changes before navigating away, as unsaved changes will be lost.

  • Verification: After applying rules, check a sample of matching components to verify the rules are working as expected.

Rules are named according to the criteria specified for them, for example: [Supplier name]/[Component name]/[Version]. You cannot currently edit rule names. If this is important to you, .

Administrators
FDA SBOM report
let us know