SLSA Specification

SLSA is a specification for describing and incrementally improving supply chain security, established by industry consensus. It is organized into a series of levels that describe increasing security guarantees.

This is version 1.0 of the SLSA specification, which defines the SLSA levels. For other versions, use the chooser at the bottom of this page. For the recommended attestation formats, including provenance, see “Specifications” in the menu at the top of the page.

Table of contents

Page Description
Security levels Overview of SLSA, intended for all audiences. If you read one page, read this.
Key principles Background on the guiding principles behind SLSA.
Terminology Terminology and model used by SLSA.
Requirements Detailed technical requirements, intended for system implementers.
Threats & mitigations Specific supply chain attacks and how SLSA helps.
FAQ Questions and more information.