Subj : Eclipse Foundation announces collaboration for CRA compliance
To   : All
From : LWN.net
Date : Fri Apr 05 2024 15:45:04

Eclipse Foundation announces collaboration for CRA compliance

Date:
Fri, 05 Apr 2024 14:34:21 +0000

Description:
The Eclipse Foundation , the organization
behind the Eclipse IDE and many other software projects, announced a 
collaboration between several different open-source-software foundations to
create a specification describing secure software development best practices.
This work is motivated by the European Union's Cyber Resilience Act (CRA). 
The leading open source communities and foundations have for
	years developed and practised secure software development
	processes. These are processes that have often defined or set
	industry best practices around things such as coordinated
	disclosure, peer review, and release processes. These processes
	have been documented by each of these communities, albeit
	sometimes using different terminology and approaches. We
	hypothesise that the cybersecurity process technical
	documentation that already exists amongst the open source
	communities can provide a useful starting point for developing
	the cybersecurity processes required for regulatory compliance. 
(Thanks to Martin Michlmayr.)

======================================================================
Link to news story:
https://lwn.net/Articles/968566/


--- Mystic BBS v1.12 A47 (Linux/64)
 * Origin: tqwNet UK HUB @ hub.uk.erb.pw (1337:1/100)

.