Tap any paragraph to write a margin note. Your notes collect in the Desk below the text and file under cases with @. The side-by-side margin rail opens on a larger screen.

§
Marginalia
Code · STATUTE-COMPILATIONS · Making appropriations for Legislative Branch for the fiscal year ending September 30, 2022, and for other purposes · Sec. 10224

Sec. 10224. SOFTWARE SECURITY AND AUTHENTICATION

298 words·~1 min read·/statute-compilations/comps-17006/sec-10224

A research copy — for the controlling text, always check the official state or federal source. Not legal advice.

## SEC. 10224 SOFTWARE SECURITY AND AUTHENTICATION **[**[42 U.S.C. 18933](/us/usc/t42/s18933)**]** ###
(a)Vulnerabilities in Open Source Software The Director shall assign severity metrics to identified vulnerabilities with open source software and produce voluntary guidance to assist the entities that maintain open source software repositories to discover and mitigate vulnerabilities. ###
(b)Artificial Intelligence-enabled Defenses The Director shall carry out research and testing to improve the effectiveness of artificial intelligence-enabled cybersecurity, including by generating optimized data sets to train artificial intelligence defense systems and evaluating the performance of varying network architectures at strengthening network security. ###
(c)Authentication of Institute Software The Director shall ensure all software released by the Institute is digitally signed and maintained to enable stakeholders to verify its authenticity and integrity upon installation and execution. ###
(d)Assistance to Inspectors General Subject to available funding, the Director shall provide technical assistance to improve the education and training of individual Federal agency Inspectors General and staff who are responsible for the annual independent evaluation they are required to perform of the information security program and practices of Federal agencies under section 3555 of title 44, United States Code. ###
(e)Software Supply Chain Security Practices ####
(1)In general The Director shall, in coordination with industry, academia, and other Federal agencies, as appropriate, develop a set of security outcomes and practices, including security controls, control enhancements, supplemental guidance, or other supporting information to enable software developers and operators to identify, assess, and manage cybersecurity risks over the full lifecycle of software products. ####
(2)Outreach The Director shall conduct outreach and coordination activities to share technical expertise with Federal agencies, relevant industry stakeholders, and standards development organizations, as appropriate, to encourage the voluntary adoption of the software lifecycle security practices by Federal agencies and industry stakeholders.
Connectionstraces to 1
Citation graph
cites case law
Sec. 10224
SOFTWARE SECURITY AND AUTHENTICATION
U.S.C.§ 18933
Cites 1Cited by 0 across 0 sources
★   the supreme law of the land   ★
Don't Tread on Me
E Pluribus Unum — out of many, one

"If you don't know your rights, you don't have any."

Marginalia · a citizen's law index
A research desk, not legal advice. Always read the cited source before relying on a summary.
Questions or an issue? support@self-law.org
disclaimerMarginalia is a research index, not a law firm. Nothing on this site is legal, tax, or financial advice and no attorney–client relationship is formed by using it. Statutes, regulations, and case law change; summaries, search results, AI output, and member posts may be incomplete, out of date, or wrong. Any interpretation drawn from material on this site should be validated by a licensed attorney in your jurisdiction before you act on it.