SLSA v1.0.

Prepare evidence for SLSA v1.0 review

Buyer translation: this reference page maps the mark to a tool, system, control, deployment, or evidence question. supply-chain levels for software artifacts · SLSA v1.0 is a provenance standard: it cares about where an artifact came from and whether the chain is unbroken. Planisphere's evidence record can preserve sha-pinned, Merkle-rooted provenance in the format SLSA v1.0 expects for review.

register 09 · Compliance controls· slug slsa-v1-0· family compliance 🧬 · best-fit emoji

Reviewed 2026-07-02

01 ·

What this is.

Sixty-nine marks · cite-anchors for every regulatory regime Planisphere maps to · postmark idiom · single distinctive brass glyph per control · universal classifier · pSEO surface

Use. supply-chain levels for software artifacts.

Source. ascending staircase · 3 tiers · brass target rung.

Register. 09 · Compliance controls — one of the ten registers of the PLANiSPHERE corpus library.

02 ·

See it work.

Evidence record you can check — not code you have to trust.

Planisphere measures your tool deployment against SLSA v1.0 and seals the result into a signed, Merkle-rooted evidence record. The grade recomputes on your own hardware; the model state never crosses the boundary.

03 ·

Promise. compliance

The contract this mark binds — derived, not asserted.

SLSA v1.0 is a provenance standard: it cares about where an artifact came from and whether the chain is unbroken. Planisphere's evidence record can preserve sha-pinned, Merkle-rooted provenance in the format SLSA v1.0 expects for review.

Answers: How does a Planisphere evidence record support SLSA v1.0 review?

04 ·

Where this provenance chain ships.

Related marks, and the surface this one funnels to.

SLSA v1.0 (supply-chain levels for software artifacts) asks for an evidence record: SLSA v1.0 is a provenance standard: it cares about where an artifact came from and whether the chain is unbroken. The defense AI workflow produces that record — see how it runs at /defense.

C-SCRM reg 09 · supply-chain risk · NIST SP 800-161r1 FIPS 140-3 reg 09 · crypto module validation · 4 security levels SBOM reg 09 · software bill of materials · NTIA + CISA SCITT reg 09 · supply-chain integrity, transparency, trust · IETF SHA-256 / FIPS 180-4 reg 09 · hash algorithm · per-file pinning primitive
05 ·

Routes here from.

Where this mark is referenced in the Planisphere surface.

Defense · Education · Law · Medicine · About

Any internal link in the Planisphere site that names "SLSA v1.0" canonicalises here.

Prepare evidence for SLSA v1.0 review.

First evidence record within 21 days of access · re-runs in a single business day.