Safeguard
Compliance

What is the NIST Secure Software Development Framework (SSDF)

NIST SSDF (SP 800-218) explained: its four practice groups, the EO 14028 origin, federal attestation deadlines, and how it differs from SLSA and SP 800-53.

James
Principal Security Architect
6 min read

The NIST Secure Software Development Framework (SSDF) is a set of secure development practices published by the National Institute of Standards and Technology as Special Publication 800-218. First finalized in February 2022, it defines four groups of practices — Prepare the Organization, Protect the Software, Produce Well-Secured Software, and Respond to Vulnerabilities — that together span 19 practices and roughly 42 underlying tasks. The SSDF isn't a certification you earn once; it's a reference framework federal agencies now require software vendors to attest against before their products can run on government systems. That requirement came out of Executive Order 14028, signed May 12, 2021, and was operationalized through OMB Memo M-22-18 in September 2022 and a CISA self-attestation form finalized in 2024. If your company sells to the U.S. government, or to any enterprise that has adopted SSDF as a vendor security baseline, understanding its structure is no longer optional.

What is the NIST SSDF?

The NIST SSDF is a catalog of secure software development practices organized into four groups, published as NIST Special Publication 800-218. The four groups are PO (Prepare the Organization), PS (Protect the Software), PW (Produce Well-Secured Software), and RV (Respond to Vulnerabilities). Unlike a checklist regulation, SSDF is written as a set of outcome-based practices — for example, PW.4 says organizations should "reuse existing, well-secured software instead of duplicating functionality," without dictating exactly which tool enforces that. NIST designed it this way so it could map onto existing frameworks like ISO/IEC 27034, the BSA Framework for Secure Software, and OWASP SAMM rather than replace them. The first draft appeared in April 2020 as a preliminary white paper; the version most vendors reference today, SP 800-218 v1.1, was finalized in February 2022 after a public comment period. NIST has since drafted a companion, SP 800-218A, specifically to guide AI/ML model development practices under the same framework.

Why was the SSDF created?

The SSDF exists because Executive Order 14028, "Improving the Nation's Cybersecurity," directed NIST to define secure development standards for any software sold to the federal government. The order was signed May 12, 2021, seven months after the SolarWinds Orion compromise, which had shown how a single tampered build pipeline could reach thousands of downstream government and enterprise networks. Section 4 of the EO gave NIST specific deadlines — including a 30-day window to publish preliminary guidelines and a 180-day window to define practices for enhancing supply chain security — that produced both the SSDF and the parallel software supply chain security guidance in SP 800-161r1. The intent was concrete: rather than trusting a vendor's word that its code was "secure," agencies would require an artifact-backed attestation tied to a specific, named framework. That framework is the SSDF.

Who has to comply with the NIST SSDF, and by when?

Any producer selling software to a U.S. federal agency has to attest to following the NIST SSDF, a requirement that took effect for critical software as of June 2023 under OMB Memo M-22-18. The memo, issued September 14, 2022, required agencies to collect a self-attestation form from software producers — or, for higher-risk "critical software," a third-party assessment — before continuing to use that software. A follow-up memo, M-23-16, issued June 9, 2023, pushed the compliance deadline for standard software to three months after CISA finalized its official attestation form, which it did in March 2024. The self-attestation form itself requires a company officer to certify, in writing, that the vendor follows specific numbered SSDF practices, including PO.5.1 (separate build environments), PS.2.1 (provenance data for each release), PW.4.4 (SBOM generation), and RV.1.1 (vulnerability monitoring after release). Attestations are valid company-wide across products for as long as the underlying practices remain accurate, but agencies can request supporting artifacts at any time, and false attestations carry False Claims Act exposure.

What are the 19 practices inside the four SSDF groups?

The 19 SSDF practices break down unevenly across the four groups, with the largest concentration — nine practices — sitting inside "Produce Well-Secured Software" (PW.1 through PW.9). "Prepare the Organization" (PO.1–PO.5) covers governance basics like defining security requirements and training developers. "Protect the Software" (PS.1–PS.3) covers protecting code from unauthorized changes, verifying integrity, and archiving releases with their provenance. "Produce Well-Secured Software" is the largest and most technical group, covering everything from design review (PW.1) and third-party component reuse (PW.4) to static and dynamic testing (PW.7, PW.8) and configuration hardening (PW.9). "Respond to Vulnerabilities" (RV.1–RV.3) closes the loop, requiring continuous vulnerability identification, root-cause analysis, and — critically — a defined process for handling the vulnerabilities that get discovered after release, not just before it. Each practice further decomposes into task-level detail; PW.4 alone lists specific sub-tasks around evaluating third-party and open-source components before use, which is where SBOM data becomes load-bearing.

How is the NIST SSDF different from SLSA or SP 800-53?

The NIST SSDF differs from SLSA and SP 800-53 in scope: SSDF governs development practices, SLSA governs build/provenance integrity, and SP 800-53 governs broader IT security controls for federal systems. SLSA (Supply-chain Levels for Software Artifacts), originated at Google and now a CNCF/OpenSSF project, defines four numbered levels (SLSA 0 through SLSA 3) focused narrowly on build provenance and tamper resistance — it's effectively a more prescriptive, machine-checkable subset of what SSDF's PS and PW groups describe in prose. SP 800-53, by contrast, is NIST's general-purpose catalog of hundreds of security and privacy controls (currently Revision 5, with over 1,000 individual controls) used to authorize entire federal information systems under FedRAMP and FISMA — SSDF is scoped specifically to the software development lifecycle, a small fraction of what 800-53 covers. In practice, vendors selling into government often need all three: SP 800-53 or FedRAMP for the hosting environment, SSDF attestation for how the software was built, and increasingly SLSA levels as the technical evidence backing that attestation.

How Safeguard Helps

Meeting SSDF's PW and RV practices in practice means producing evidence, not just policy documents, and that's where Safeguard fits. Safeguard generates and ingests SBOMs automatically on every build, mapping directly to PW.4's component-inventory requirements and giving compliance teams an artifact they can hand to auditors instead of assembling one by hand. Griffin AI, Safeguard's reasoning engine, performs reachability analysis to determine which flagged vulnerabilities in that SBOM are actually exploitable in your running application — turning RV.1's "identify vulnerabilities" requirement into a prioritized, defensible list instead of an unfiltered CVE dump. When a real, reachable vulnerability is confirmed, Safeguard can open an auto-fix pull request that resolves it, giving RV.2's remediation-timeline requirement a concrete, timestamped artifact trail. Together, that pipeline — SBOM generation, reachability-scored triage, and auto-remediation — is designed to make SSDF self-attestation something your security team can back with evidence on demand, not scramble to reconstruct before an audit.

Never miss an update

Weekly insights on software supply chain security, delivered to your inbox.