BotBeat
...
← Back

> ▌

AdaAda
UPDATEAda2026-03-05

AdaCore Achieves SLSA Build Level 3 Certification to Strengthen Software Supply Chain Security

Key Takeaways

  • ▸AdaCore has achieved SLSA Build Level 3 certification, demonstrating advanced software supply chain security practices with hardened, isolated builds and comprehensive artifact attestation
  • ▸The company maintains CMMC Level 2 conformance across its entire organization and has implemented NIST 800-171 controls for protecting sensitive government information
  • ▸AdaCore now provides signed SBOMs and provenance files to improve transparency and enable customers to verify the integrity and origin of software artifacts
Source:
Hacker Newshttps://www.adacore.com/blog/adacore-software-supply-chain-security-evolution↗

Summary

AdaCore, a provider of software development tools for safety-critical and security-critical systems, has announced significant progress in its software supply chain security initiatives, achieving SLSA (Supply Chain Levels for Software Artifacts) Build Level 3 certification. The company's efforts align with increasing cybersecurity requirements from both U.S. and European regulators, including CMMC 2.0, NIST SSDF, and emerging EU frameworks like the Cyber Resilience Act and NIS2 directive.

The achievement represents a comprehensive approach to build system security, incorporating signed Software Bills of Materials (SBOMs), provenance files, and hardened, isolated build environments. AdaCore has implemented CMMC Level 2 conformance company-wide and adopted NIST 800-171 controls for protecting Federal Contract Information and Controlled Unclassified Information. The company emphasizes that these measures extend beyond regulatory compliance to establish stronger trust relationships with customers.

AdaCore's SLSA Build Level 3 certification involves rigorous verification of build processes, ensuring that software artifacts are produced in isolated, tamper-resistant environments with full traceability. This includes cryptographically signed attestations that provide customers with verifiable evidence of build integrity and origin. The initiative covers AdaCore's suite of products including GNAT Pro compilation toolchains, SPARK Pro formal verification tools, and static analysis solutions for Ada, C/C++, and Rust programming languages.

  • The security initiative positions AdaCore to meet both current regulatory requirements (NIST SSDF, CMMC) and emerging EU frameworks including the Cyber Resilience Act and NIS2 directive
MLOps & InfrastructureCybersecurityRegulation & PolicyAI Safety & Alignment

More from Ada

AdaAda
PRODUCT LAUNCH

Adam Launches CADAM: Open-Source Text-to-CAD Platform Runs Entirely in Browser

2026-06-17
AdaAda
POLICY & REGULATION

Canada Launches 'AI for All' National Strategy to Close Adoption Gap

2026-06-04
AdaAda
UPDATE

Teradata CEO Tells Staff: No Raises This Year—We're Investing in AI

2026-06-04

Comments

Suggested

LLM Agent EcosystemLLM Agent Ecosystem
RESEARCH

Researchers Expose Critical Payload-Less Attack on LLM Agent Supply Chains

2026-07-04
OpenAIOpenAI
INDUSTRY REPORT

Investigation Uncovers AI-Generated Deepfakes in Lily Jay Foundation Charity Fraud

2026-07-04
AppleApple
RESEARCH

Researchers Discover Six Vulnerabilities in Apple AirDrop and Google/Samsung Quick Share Protocols

2026-07-04
← Back to news
© 2026 BotBeat
AboutPrivacy PolicyTerms of ServiceContact Us