Software Assurance

Software assurance is the natural progression from developing security programs and assessing risk to improving software development security practices. Trusted CI's software assurance resources include:

• Guide to Securing Scientific Software

• The Technical Landscape of Ransomware: Threat Models and Defense Models

• The State of the Scientific Software World: Findings of the 2021 Trusted CI Software Assurance Annual Challenge Interviews

• Introduction to Software Security: A developing collection of modules for learning basic to advanced secure coding

• Training: Vulnerabilities, Threats, and Secure Coding Practices

• Engagements: software assurance focused engagements such as the Pegasus and perfSONAR engagements

• Cyberinfrastructure Vulnerabilities: alerts about software vulnerabilities of relevance to NSF CI

• Best Practices: including software engineering topics such as how to develop secure code, be ready for vulnerabilities, and securely distribute software releases.

Blog posts

Trusted CI Blog posts featuring software assurance, sustainability, and secure coding practices.