Dip into SLSA with OpenSSF

By Chad Cox

Production Editor

Embedded Computing Design

May 02, 2023

News

San Francisco, California. The Open Source Security Foundation (OpenSSF) has published ratification 1.0 of Supply-chain Levels for Software Artifacts (SLSA). The OpenSSF SLSA solution delivers specifications for software supply chain security. The specifications are designed utilizing the expertise of community members.

The platform leverages ascending levels with each level continually to increase security. The levels are designed to ensure the legitimacy of authentic software tracing back to the source.

"The OpenSSF is working hard to put more rigor into the software development process," said Brian Behlendorf, General Manager of the OpenSSF. "The stable release of SLSA v1.0 is an important milestone in improving software supply chain security and providing organizations with the tools they need to protect their software."

SLSA Delivers

Common terminology about software supply chain security
Test upstream dependencies (source code, builds, and container images)
Actionable checklist improving user’s software's security
Simplify compliance with forthcoming Executive Order standards in the Secure Software Development Framework (SSDF)

For more information, visit openssf.org.

To utilize SLSA, visit slsa.dev/.

Chad Cox is the Production Editor at Embedded Computing Design. His responsibilities are centered around content creation, writing and editing, and article research and development. Chad covers industry news and events and is known to interact with various industrial leaders via on-premise visits and online interviews. He is responsible for the digital footprint and dissemination of news via social media posts, advertising creation and the production of newsletters including the Embedded Computing Design’s Daily.

He is well versed in many facets of industrial computing including Edge AI, IoT, Processing, Security, Open Source, and more.

Chad graduated from the University of Cincinnati with a B.A. in Cultural and Analytical Literature and holds a master’s in education.

Embedded Computing Design

By Chad Cox

Categories

Software & OS - Compilers & Toolchains

Open Source - Linux, FreeRTOS & Related

Security

Security - Software Security

Software & OS

Software & OS - Compilers & Toolchains

Software & OS - Operating Systems, Filesystems & Libraries

Trending Articles

Arm: Cortex-M0+

Morse Micro Expands Global Reach With New DigiKey Distribution Partnership

AutoSens and InCabin will return to Huntington Place, Detroit | 9-11th June 2026

Mouser Product of the Week: NXP Semiconductors’ FRDM-A-S32K312 Evaluation Board

Active Firmware Tools Launches Active-Pro Ultra USB 3.0 Debugger with AI Assist

Automotive

Synopsys Achieves First ISO/PAS 8800 Certification for AI-Driven Automotive Systems

Storage

How Synthetic DNA for Data Storage Could Help the Memory Crisis

Open Source

Espressif Systems: ESP32-C6 Series

Processing

Altair Semiconductor Breaks Away from Sony to Drive Next-Gen 5G IoT and Physical AI Solutions