SLSA Specification
SLSA is a specification for describing and incrementally improving supply chain security, established by industry consensus. It is organized into a series of levels that describe increasing security guarantees.
This is version 1.0 of the SLSA specification, which defines the SLSA levels. For other versions, use the chooser to the right or at the bottom of this page. For the recommended attestation formats, including provenance, see “Specifications” in the menu at the top of the page.
Table of contents
Page | Description |
---|---|
Security levels | Overview of SLSA, intended for all audiences. If you read one page, read this. |
Guiding principles | Background on the guiding principles behind SLSA. |
Terminology | Terminology and model used by SLSA. |
Requirements | Detailed technical requirements, intended for system implementers. |
Verifying build systems | Guidelines for securing SLSA Build L3+ builders, intended for system implementers. |
Threats & mitigations | Specific supply chain attacks and how SLSA helps. |
FAQ | Questions and more information. |
Status: Working Draft