Supporting Sustainable Security of Open Source Software
Horizontal standards for security requirements
Horizontal standards for vulnerability requirements
What does the work you will carry out for the CYBERSTAND SSP consist of?
- contributing to the development of horizontal standards relating to vulnerability management and open source software;
- supporting the ongoing exchange of information between the horizontal and vertical standardization efforts, specifically regarding open source software and vulnerability management;
- presenting at ETSI SEC CONF on the history of open source software and its intersection with current cybersecurity issues and regulations.
What is the expected result and impact of this activity?
I hope to make a contribution to the harmonized standard's guidelines regarding vulnerability coordination and response for open source software components, and thereby improve the safety of all regulated products.
Which aspects of the Cyber Resilience Act (CRA) standardisation are you focusing on?
Under this funding, I am focused on contributions in support of CEN/CENELEC JTC13 WG9.

