NIST Seeks Position Papers on Standards to Improve Software Supply Chain Security

NIST Seeks Position Papers on Standards to Improve Software Supply Chain Security
USAID Privacy Program

The National Institute of Standards and Technology is seeking position papers that will shape the agenda for a two-day virtual workshop in June as part of efforts to improve software supply chain security and comply with a White House executive order meant to strengthen U.S. cybersecurity.

The workshop will kick off on June 2 and will provide NIST a platform to share plans on the development of software-related guidelines and standards and discuss ideas and information about the content and approach that the institute should consider as it works on the standards, NIST said Monday.

NIST is requesting two-page position papers in five areas: criteria for designating “critical software,” initial list of secure software development lifecycle standards, guidelines and best practices, guidelines outlining security measure that should be applied to the use of critical software by the federal government, initial minimum requirements for testing software source code and guidelines for software integrity chains and provenance.

“All suggestions in position papers must be consistent with and within the scope of the assignments specified by the EO. Topics and speakers selected for the workshop will be based largely on these position papers,” NIST said.

Position papers are due May 26th.

You may also be interested in...

Cybersecurity

DHS, NIST List Goals for Cyber Best Practices

The Department of Homeland Security (DHS) and the National Institutes of Standards and Technology (NIST) have jointly classified cybersecurity practices into nine categories as bases for cyber performance goals. The nine categories each have specific objectives with regard to how secure control systems are operated and deployed, NIST said Thursday.