In an unprecedented collaborative effort, seven open source foundations have decided to work together to establish standards and specifications to ensure secure software development. This initiative comes in response to the European Union's Cyber Resilience Act (CRA), which requires all digital products, both hardware and software, to have cybersecurity measures in place throughout their lifecycle. The CRA is scheduled to enter into force in 2027.
The following foundations are involved in this collaboration:
- Apache Software Foundation,
- Blender Foundation,
- OpenSSL Software Foundation,
- PHP Foundation,
- Python Software Foundation,
- Rust Foundation,
- Eclipse Foundation.
Their goal is to establish common specifications and standards that promote security in software development. The importance of robust and secure standards has become increasingly urgent in modern society, where software, particularly open source software, plays a vital role. The new regulation highlights the significance of security measures from design to the supply chain.
Furthermore, the foundations stress the importance of developing new standards that cater to the needs of both proprietary software and large enterprises, as well as vertical industries and small to medium-sized enterprises. They encourage industry professionals to contribute their ideas and take part in the creation of specifications for secure open source development.