Committed to connecting the world

ITU GSR 2024

ITU-T work programme

[2022-2024] : [SG17] : [Q4/17]

[Declared patent(s)]  - [Associated work]

Work item:
Subject/title: Security threats of software supply chain
Status: Under study 
Approval process: TAP
Type of work item: Recommendation
Version: New
Equivalent number: -
Timing: 2025-04 (Medium priority)
Liaison: ISO/IEC JTC 1/SC 27, ETSI
Supporting members: Korea (Republic of), Malaysia, Ghana, Luxembourg, ETRI, KISA, Soonchunhyang University
Summary: In recent years there has been a significant increase in the number of cyber attacks resulting from vulnerabilities within the software supply chain including open-source and closed-source software. These attacks can result in devastating, expensive and long-term ramifications for affected organizations, their supply chains and their customers. To address these threats, there is a need for identifying security threats in the software development life cycle. It also needs to identify all related stakeholders. These threats can be used to develop the controls in the software development life cycle. This Recommendation can be used by many organizations who need to gain confidence or assurance that controls are in place for vulnerabilities associated with software development life cycle with suppliers.
Comment: -
  Historic references:
Da Eun Hyeon, Editor
Jae Nam Ko, Editor
Junhyung Park, Editor
Sungchae Park, Editor
Heung Youl Youm, Editor
ITU-T A.5 justification(s):
Generate A.5 drat TD
[Submit new A.5 justification ]
See guidelines for creating & submitting ITU-T A.5 justifications
First registration in the WP: 2023-03-06 11:34:51
Last update: 2024-09-18 11:26:48