Skip to main content
U.S. flag

An official website of the United States government

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

Secure Software

Develop a companion resource to Secure Software Development Framework (SSDF) (EO Sec. 4.1(a)(i)(B))

On April 29, NIST released a draft Generative AI companion resource to NIST’s  Secure Software Development Framework (SSDF). The public comment period has now closed. More information is available here. Read Draft Publication

NIST held a virtual workshop on Secure Development Practices for AI Models on January 17, 2024. This workshop supported the EO 14110 task for NIST to develop a companion resource to the NIST Secure Software Development Framework (SSDF). A livestream of the workshop can be viewed on NIST's website.

At a foundational level, AI systems are built and operate on software. It is critical that the software being developed is well-secured to:

  • Reduce the number of vulnerabilities in released software;
  • Mitigate the potential impact of the exploitation of undetected or unaddressed vulnerabilities; and 
  • Address root causes of vulnerabilities to prevent future recurrences. 

NIST will work with interagency collaborators – and seek feedback from the broader community through open and transparent processes – to develop a companion to NIST’s SSDF. That resource will incorporate secure development practices for generative AI and dual-use foundation models.


Created December 21, 2023, Updated June 17, 2024