The Software Assurance Forum for Excellence in Code (SafeCode) is offering the Software Supply Chain Integrity Framework to help suppliers prevent software from being deliberately compromised during sourcing, development or distribution, reports V3.co.uk.
According to SafeCode, the framework addresses these so-called supply chain attacks. Paul Kurtz, executive director of SafeCode, says,
"This framework will serve as the foundation for subsequent work aimed at identifying and analyzing software integrity best practices, and represents a critical step forward in the industry's efforts to advance software assurance."
You can view the framework here.