Criticality Score

The Criticality Score gives criticality score for an open source project. The project is maintained by members of the Securing Critical Projects WG.

Goals:

  • Generate a criticality score for every open source project.
  • Create a list of critical projects that the open source community depends on.
  • Use this data to proactively improve the security posture of these critical projects.

A project’s criticality score defines the influence and importance of a project. It is a number between 0 (least-critical) and 1 (most-critical). It is based on the following algorithm by Rob Pike:

If you want to get involved or have ideas you’d like to chat about, we discuss this project in the Securing Critical Projects WG meetings.