Assure Software Security

The Secure Software Alliance (SSA) is a public-private program, in which developers of software, end users, professional bodies, institutes for research and education and the Dutch Ministry of Economic Affairs and Climate cooperate. The goal is to make security of software measurable, manageable and controllable. So that parties can provide assurance to the user of software that software is safe enough for the context in which software is used and the risks a user is willing to accept. 

Secure Software Framework

The SSA published the first version of the Secure Software Framework (SSF) in 2015. It is since then applied in several software development contexts. In 2018 the framework was updated with the Agile software development processes in mind.

In 2018 the SSA published, in cooperation with the Dutch chapter of the Information Systems Audit and Control Association (ISACA), an international in-depth publication about the framework and its backgrounds.

The framework is owned by SSA, it is the result of and is applied by software developers in innovative projects, where security of software is of the utmost importance. In 2019 the alliance started pilots to show and document what application of the framework means for software development processes and for the users of software. 

SSA Goals

  • Creation of software security awareness at all levels in the organization
  • Stimulate activities that contribute to increase software security.
  • Trustee of the (open source) Secure Software Framework
  • Develop a secure software certificate model for software based upon a positive advice from an inspection-organization accredited by the SSA.
  • Follow and contribute to (international) initiatives in the area of secure software development
  • Work together with other private and public organizations with similar interests.