Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

Secure Software Development Practices for Generative AI and Dual-Use Foundation Models | NIST SP 800-218A
July 26, 2024

Today, NIST is releasing Special Publication (SP) 800-218A, Secure Software Development Practices for Generative AI and Dual-Use Foundation Models: An SSDF Community Profile.

This publication augments the secure software development practices and tasks defined in SP 800-218, Secure Software Development Framework (SSDF) Version 1.1: Recommendations for Mitigating the Risk of Software Vulnerabilities. SP 800-218A adds practices, tasks, recommendations, considerations, notes, and informative references that are specific to artificial intelligence (AI) model development throughout the software development life cycle. 

These additions are documented in the form of an SSDF Community Profile to support Executive Order (EO) 14110, Safe, Secure, and Trustworthy Development and Use of Artificial Intelligence, which tasked NIST with “developing a companion resource to the [SSDF] to incorporate secure development practices for generative AI and for dual-use foundation models.” 

This Community Profile is intended to be useful to the producers of AI models, the producers of AI systems that use those models, and the acquirers of those AI systems. This Profile should be used in conjunction with SP 800-218.

Related Topics

Security and Privacy: acquisition, risk management

Technologies: artificial intelligence, software & firmware

Laws and Regulations: Executive Order 14110

Created July 23, 2024, Updated July 29, 2024