This email address is being protected from spambots. You need JavaScript enabled to view it. 601.427.0152

Trusted Code Initiative (update 2017) - Executive Summary

Executive Summary

Vision

Increase Value, Efficiency and Accessibility of Government OSS 

The vision of the Trusted Code Initiative is to increase the collective quality, security, access and subsequent value of open source software resources used within US government and public-sector systems.

Objective

Define an Acceptable Balance of Agility and Assurance

The objective is to define an acceptable, measurable balance between the agility and flexibility made available through the open source approach with the acquisition,  certification and validation, and operational regulations and policies that govern the use of software technologies within Federal Enterprise Systems.


Approach

Collaboration, Compliance, Continuity

The approach is to organize and facilitate administrative processes that enables open source software resources to more efficiently address and comply to Federal acquisition, information assurance and distribution requirements, policies and practices. 

The Initiative defines “Trusted” as any software component, development method or practice that is accredited by a government-sanctioned validation process; deployed and affirmed within a government technology system; or designated as “Trusted” by a Government-sanctioned entity.

Results

Trusted Code, Trusted Support, Trusted Community

The goal of the Trusted Code Initiative is to increase the collective quality, security, access and subsequent value of software resources and practices used within US Government and public-sector systems.


Success

The ultimate goal concept of Trusted Code become a productive, contributing factor in the collective efforts to raise the quality of software used within Federal Government systems.

Metrics for success to include:

(a) Establish an independent, vendor and agency-agnostic non-profit 501 (c) (3) Trusted Code Foundation to oversee governance and management of the Trusted Code Initiative program;

(b) Establish Trusted standards for software development, analysis and maintenance practices;

(c) Create a Trusted Code Analysis and Scoring process to accurately measure the administrative, vulnerability and policy compliance status of Trusted Code assets;

(d) Coordinate the selection, management and joint funding of government-sanctioned information and software assurance accreditation programs for commodity Trusted software applications;

(e) Development and distribution of technical, training and support documentation materials for Trusted Code assets to enhance workforce quality; and

(f) Establish a “secured” hosting and distribution network to ensure the integrity of Trusted Code resources.