Overview

Computers and connected systems are central to modern life, but they also expose substantial security risks. The Secure Systems Laboratory (SSL) at New York University addresses these challenges by designing practical, open-source solutions that improve the security of real-world systems at scale. The lab is directed by Professor Justin Cappos, whose research focuses on resilient software infrastructure, virtualization technologies, software engineering debugging tools, and software supply chain integrity.

Key lab technologies include the secure software update framework The Update Framework (TUF) and in-toto the de facto standard for software supply chain attestations, both of which are graduated projects of the Cloud Native Computing Foundation (CNCF). It also includes the widely used Uptane standard which is used both for securing automotive software updates and on millions of other devices; and gittuf, which improves the security of Git repositories. These and other projects developed at SSL are used across container ecosystems, open-source projects, embedded systems, and enterprise environments on millions of computers worldwide.

At SSL, we believe security research should have real-world impact. SSL projects are developed in collaboration with foundations and standards bodies such as the JDF, CNCF, and the Open Source Security Foundation (OpenSSF), helping ensure that research results translate into widely adopted, interoperable solutions. Learn more about collaborating here.