White House wants your input on open source software security
A 'civic opportunity to help shape the government’s thinking about open-source software security.'
By: GovFresh
Posted: August 18, 2023
Estimated read time: 2 minutes
Brief
The White House Office of the National Cyber Director has issued a request for information on open source software security.
Dates
- Responses are due by 5:00 p.m. EDT on October 9, 2023.
- By August 28, 2023, the Government will post responses to select questions on www.regulations.gov, as appropriate.
Key excerpts
From the White House fact sheet:
ONCD has established an Open-Source Software Security Initiative (OS3I) to champion the adoption of memory safe programming languages and open-source software security. The security and resiliency of open-source software is a national security, economic, and a technology innovation imperative. Because open-source software plays a vital and ubiquitous role across the Federal Government and critical infrastructure, (1) vulnerabilities in open-source software components may cause widespread downstream detrimental effects. The Federal Government recognizes the immense benefits of open-source software, which enables software development at an incredible pace and fosters significant innovation and collaboration. In light of these factors, as well as the status of open-source software as a free public good, it may be appropriate to make open-source software a national public priority to help ensure the security, sustainability, and health of the open-source software ecosystem.
From the RFI:
The RFI aims to further the work of OS3I by identifying areas most appropriate to focus government priorities, and addressing critical questions such as:
- How should the Federal Government contribute to driving down the most important systemic risks in open-source software?
- How can the Federal Government help foster the long-term sustainability of open-source software communities?
- How should open-source software security solutions be implemented from a technical and resourcing perspective?
We hope that potential respondents will view this RFI as a civic opportunity to help shape the government’s thinking about open-source software security.
Contact
- Nasreen Djouini
- Email: OS3IRFI@ncd.eop.gov
- Phone: 202–881–4697