The Core Infrastructure Initiative (CII), a project managed by The Linux Foundation, announced financial support of nearly $500,000 for three new projects to better support critical security elements of today’s global information infrastructure.
CII’s funds will support a new open source automated testing project, the Reproducible Builds initiative from Debian, and IT security researcher Hanno Böck’s Fuzzing Project.
The project is organized by the Linux Foundation and supported by Amazon Web Services, Adobe, Bloomberg, Cisco, Dell, Facebook, Fujitsu, Google, Hitachi, HP, Huawei, IBM, Intel, Microsoft, NetApp, NEC, Qualcomm, salesforce.com, RackSpace and VMware.
Reproducible Builds enable anyone to reproduce bit by bit identical binary packages from a given source and enabling anyone to independently verify that a binary matches the source code from which it was said it was derived.
Debian developers Holger Levsen and Jérémy Bobbio are steering a large-scale effort to eliminate unneeded variations from the build processes of thousands of free software projects.
Additionally, Debian developers also provide tools to understand the source of differences and update the infrastructure so that developers can independently verify authenticity of binary distributions.
CII offers $200,000 to Levsen and Bobbio to advance their Debian work and collaborate more closely with other distributions.
Another project includes Fuzzing Project which identifies security problems in software or computer systems. Security researcher Hanno Böck spearheads The Fuzzing Project.
The fuzzing software will receive $60,000 from CII to report fuzzer-related issues in open source software.
This apart, CII will also invest $192,000 in TrustInSoft’s TIS Interpreter which is expected to be released as open source software in early 2016.
The Linux Foundation has also announced Emily Ratliff is joining The Linux Foundation as senior director of infrastructure security for CII.
Ratliff recently worked as a security engineer for AMD and logged nearly 15 years at IBM, and is a Linux, system and cloud security expert with more than 20 years of experience.