Modern software is vulnerable to malicious activity, and software professionals must address software supply chain attacks. This project establishes the Secure Software Supply Chain Center (S3C2), bringing together researchers, industry partners and government agencies to develop scientific tools, metrics, data formats, and methods to reduce risks with software.

The $9 million NSF grant. NC State was awarded $6 million as the lead institution. Other university partners include Carnegie Mellon University, The George Washington University and the University of Maryland College Park.