Statements (19)
| Predicate | Object |
|---|---|
| gptkbp:instanceOf |
gptkb:Software_Supply_Chain_Security_Level
|
| gptkbp:appliesTo |
Software artifacts
|
| gptkbp:definedIn |
gptkb:OpenSSF_SLSA_Project
|
| gptkbp:hasLevelNumber |
3
|
| https://www.w3.org/2000/01/rdf-schema#label |
SLSA Level 3
|
| gptkbp:introducedIn |
2021
|
| gptkbp:lowerAward |
gptkb:SLSA_Level_4
|
| gptkbp:partOf |
gptkb:SLSA_Framework
|
| gptkbp:rank |
gptkb:SLSA_Level_2
|
| gptkbp:requires |
Source and build provenance must be fully automated and tamper-resistant
Build process must be isolated Build provenance must be signed Build service must be auditable Build service must be trustworthy Builds must be reproducible Source must be version controlled |
| gptkbp:usedFor |
Software supply chain security assurance
|
| gptkbp:bfsParent |
gptkb:SLSA
|
| gptkbp:bfsLayer |
6
|