What we build
VERACCORD is an open-core framework, written in Rust, for building connected devices and edge-AI systems that are secure by default: TLS on every interface, certificate revocation checked on every use, hardware-rooted identity, measured boot with continuous attestation, signed audit trails, and authenticated time. The framework is packaged à la carte — adopt one pillar or the whole platform.
Open core
- veraccord — umbrella crate and CLI (Apache-2.0)
- veraccord-sec — certificates, identity, and security posture (Apache-2.0)
- veraccord-ai — AI provenance and attestation (BUSL-1.1, source-available)
- veraccord-ssdl — config-driven secure-development-lifecycle tooling (Apache-2.0)
VERACCORD is in pre-release development. Each tier will be published to crates.io, with source on GitHub, as it reaches release.
Discipline
Every change is developed under a security development lifecycle based on IEC 62443-4-1, and the framework targets the technical requirements of IEC 62443-3-3 and -4-2 Security Level 4. These are engineering baselines we hold ourselves to and self-assess against — not third-party certifications, and not a conformity claim made on your behalf.