Vokietija – Mokslinių tyrimų paslaugos – nixpkgs-Project

Vokietija – Mokslinių tyrimų paslaugos – nixpkgs-Project

I dalis: Perkančioji organizacija

I.1) Pavadinimas ir adresai:

Oficialus pavadinimas: Sovereign Tech Agency GmbH
Adresas: Gartenstr. 7
Miestas: Berlin
Pašto kodas: 10115
Šalis: Vokietija
Asmuo ryšiams:
El-paštas: info@sovereign.tech
Interneto adresas (-ai):
Pagrindinis adresas: https://www.sovereign.tech/

II dalis: Objektas

II.1.1) Pavadinimas:

nixpkgs-Project
Nuorodos numeris: STF-24-21

II.1.2) Pagrindinis BVPŽ kodas:

73110000 Mokslinių tyrimų ir taikomosios veiklos projektavimas bei atlikimas

II.1.3) Sutarties tipas:

Kita

II.1.4) Trumpas aprašymas:

As a research and development service, the contract is excluded from the scope of public procurement law (cf. § 116(1)(2) GWB). Nix is a software deployment system enabling reproducible builds and declarations of entire system configurations. It powers Nixpkgs, the world's largest, most up-to-date open-source package repository, and NixOS, a declaratively configured Linux distribution - forming critical infrastructure that numerous organizations rely on for their software supply chain. With its growing adoption, the ecosystem faces increasing security challenges around package distribution, vulnerability management, supply chain integrity, and update turnaround time. Nix and NixOS are used by the European Commission's IT department, scientific computing clusters, and companies providing essential public services. They enable secure and reproducible software deployment for critical infrastructure, scientific research, and public services. The technology serves the public interest by providing a reliable foundation for long-term maintenance of systems that citizens depend on daily. The following problems will be addressed within the scope of this project: the growing popularity of Nix has made it an attractive target for supply chain attacks; security vulnerabilities at Nixpkgs' scale are challenging to handle efficiently; the system lacks robust mechanisms for verifying security properties and deploying patches quickly; current infrastructure relies heavily on root privileges and lacks modern security features. The following activities will be part of the project in order to adress the afforementioned issues: - Implement a rootless Nix daemon and secure boot capabilities in NixOS - Harden and accelerate CI checks, and enhance reproducibility verification - Increase independence from large donors in our computing infrastructure - Remove script-based system activation for improved security - Roll out first-class vulnerability tracking/monitoring

II.2) Aprašymas:

II.2.1) Kitas (-i) šio pirkimo BVPŽ kodas (-ai):

73110000 Mokslinių tyrimų paslaugos
73300000 Mokslinių tyrimų ir taikomosios veiklos projektavimas bei atlikimas