The ISO/IEC 19770-2 standard that defines the structure of SWID tags has taken a major step forward. The document went through its final review with all the participating countries and achieved unanimous approval.
With such strong country and organizational support behind the revision, the document has moved forward to the publication phase. At this point, ISO editors take over and ensure that t’s are crossed, i’s are dotted and that the document meets the editorial requirements specified by ISO/IEC.
The revision is a relative major revision and addresses scalability issues that limited software vendors from fully embracing the 2009 version. The way the scalability issues were addressed, it also improves the ability for tool vendors to consume and interpret the data.
Additionally, changes were made to the location where SWID tags are installed. These changes made it easier for software vendors to integrate tags into their solution regardless of the installation model they choose. The revised standard indicates that the SWID tag will be located in a directory named “swidtag” that is in the same directory tree as the products installation directory. This allows copy installs, web component and other sandboxed software installs and installations by systems that otherwise might be restricted from writing into the common system locations that were specified in the 2009 revision.
You can download and review the XSD for this revision from ISO – http://standards.iso.org/iso/19770/-2/2015-current/schema.xsd.
You may also be able to download a NIST document that discusses usage scenarios and guidelines for creating SWID tags here – http://csrc.nist.gov/publications/PubsDrafts.html#NIST-IR-8060. Be aware, however that the NIST document is currently available for public review and may be removed while the document is going through an editing process. If the link does not work, search for NIST-IR-8060.