SLSA Level 3

GPTKB entity

Statements (19)
Predicate Object
gptkbp:instanceOf gptkb:Software_Supply_Chain_Security_Level
gptkbp:appliesTo Software artifacts
gptkbp:definedIn gptkb:OpenSSF_SLSA_Project
gptkbp:hasLevelNumber 3
https://www.w3.org/2000/01/rdf-schema#label SLSA Level 3
gptkbp:introducedIn 2021
gptkbp:lowerAward gptkb:SLSA_Level_4
gptkbp:partOf gptkb:SLSA_Framework
gptkbp:rank gptkb:SLSA_Level_2
gptkbp:requires Source and build provenance must be fully automated and tamper-resistant
Build process must be isolated
Build provenance must be signed
Build service must be auditable
Build service must be trustworthy
Builds must be reproducible
Source must be version controlled
gptkbp:usedFor Software supply chain security assurance
gptkbp:bfsParent gptkb:SLSA
gptkbp:bfsLayer 6