Securing the Software Supply Chain: Recommended Practices for Developers

The first guide of a three-part series that addresses high priority cyber-based threats to the nation's critical infrastructure. Part I focuses on principals to include security requirements planning, designing software architecture from a security perspective, adding security features, and maintaining the security of software and the underlying infrastructure (e.g., environments, source code review, testing).