Annual Update (February 12, 2026) (opens in new tab)

In 2025, the SIG worked to understand the current landscape. The group reviewed existing safety, quality, and security standards, conducted literature research, and began assessing open source projects. Early work included creating a template to evaluate process robustness and evidence confidence across different criteria. Initial project assessments included Yocto, Xen, and LLVM, with plans to expand to projects such as Linux, curl, and OpenSSL.