This repository hosts the governance, processes, and artifacts of the HDF Ecosystem Safety, Security, and Privacy (SSP) Special Interest Group (SIG).
The SSP SIG exists to:
- Improve the safety, security, and privacy posture of all projects within The HDF Group ecosystem. While our primary focus is the core HDF5 library and file format, our scope explicitly encompasses HSDS, official tools, language bindings, and other related projects.
- Coordinate community expertise around threat modeling, audits, incident readiness, and secure operational practices across these projects.
- Provide practical guidance, checklists, and tooling for users and implementers across the broader HDF ecosystem.
We welcome participation from:
- Contributors and maintainers of HDF5 and all related HDF Group projects (including HSDS, viewer tools, API bindings, and ecosystem plugins).
- Organizations that deploy HDF5 or other HDF technologies in production (research, HPC, industry, cloud).
- Security, privacy, and reliability practitioners with relevant expertise.
- Propose work via a Proposal issue (use the "SSP Proposal" template).
- Join SSP SIG meetings and help review proposals and decisions.
- Help author and review guidance, checklists, and reference configs for HDF projects.
- Participate in audits and tabletop exercises.
See:
CHARTER.md— the remit and operating model of the SIG.GOVERNANCE.md— roles, decision-making, and lifecycle.CONTRIBUTING.md— how to get involved.SECURITY.md— coordinated vulnerability disclosure.- POLICIES — policies governing HDF5 and other HDF Group software.
SSP SIG meetings are typically held on a regular cadence (e.g., bi-weekly), with an agenda and minutes recorded using the "SSP SIG Meeting Minutes" issue template.
Links to recurring meeting invites, video calls, and notes will be added here once established.
Textual content in this repository is provided under the Creative Commons 4.0 license license unless otherwise noted.
This material is based upon work supported by the National Science Foundation under Federal Award No. 2534078. Any opinions, findings, and conclusions or recommendations expressed in this material are those of the author(s) and do not necessarily reflect the views of the National Science Foundation.