ADDF security review process
Autonomous Driving Data Framework (ADDF) was built with security in mind. Before release to the public, AWS performed an initial, internal security review of ADDF and resolved any identified security issues. Both AWS and the open-source community contribute to ongoing security reviews of the framework.
Regular security reviews by AWS
ADDF is published under the awslabs GitHub organization that is owned by AWS. AWS performs regular automatic and manual security reviews of the code in this organization, to verify security on a best-effort basis. According to AWS policy, AWS doesn't disclose information about the security review frequency, approach, or tools used. Furthermore, AWS doesn't publish any internal audit reports about ADDF. However, any identified security findings are fixed and published through pull request, with high urgency.
Note
ADDF as a framework is delivered on an 'AS-IS' BASIS, WITHOUT WARRANTIES OR
CONDITIONS OF ANY KIND, either express or implied, including without limitation, any
warranties or conditions of title, non-infringement, merchantabiity, or fitness for
a particulary purpose, as stated in the Apache License 2.0
Open-source security reviews and contributions
ADDF is an open-source project that welcomes contributions. We invite all users to
conduct their own security review of the framework and contribute by reporting any
security-related findings. If you find an issue in the code, please follow the
guidelines in Security issue notifications