The Update Framework (TUF) maintains the security of software update systems, providing protection even against attackers that compromise the repository or signing keys. TUF provides a flexible framework and specification that developers can adopt into any software update system.
To learn more, see TUF overview and project details.
Governance
The TUF project is managed by the Linux Foundation under the Cloud Native Computing Foundation. The consensus builder for TUF is Prof. Justin Cappos of the Secure Systems Lab at New York University. Project maintainers [1][2] are comprised of collaborators from academia and the industry. Contributors and maintainers are governed by the CNCF Community Code of Conduct. For details, see Governance.
Funding
This material is based upon work supported by the National Science Foundation under Grant Nos. CNS-1345049 and CNS-0959138. Any opinions, findings, and conclusions or recommendations expressed in this material are those of the author(s) and do not necessarily reflect the views of the National Science Foundation.