Active Draft standard
Most Recent

IEEE P3390

IEEE Draft Standard for Security Management Capability Framework of Open Source Software Supply Chain for Software Providers

Summary

New IEEE Standard - Active - Draft.

This standard provides guidance for and requirements on the management of open source software security. Software providers play an important role in software supply chains. The standard defines security requirements for the entire open source software process, ranging from development and introduction to delivery. The standard addresses five aspects of open source software management:
1. Establishment of a related organization and rules.
2. Open source software assets and their security evaluation.
3. Secondary aspects such as compliance with licenses.
4. Outsourcing.
5. Deliverables management, such as the bill of materials of software deliverables and software version management.
The purpose of this standard is to establish rules for software providers to carry out security management during the use of open source software, in order to reduce the risks brought by open source software, with the aim of building a good and healthy open source ecosystem.

Notes

Active

Technical characteristics

Publisher: Institute of Electrical and Electronics Engineers (IEEE)
Publication Date: 11/06/2025
Page Count: 23