The Update Framework (TUF): Securing Software Updates
Shriira Press
Secure the software update path against compromise — signed metadata and role separation that survive stolen keys and breached servers.
Welcome to The Update Framework (TUF): Securing Software Updates.
The Update Framework (TUF) is a framework for securing software update and distribution systems against compromise — protecting the path from publish to install even when keys are stolen or servers are breached. This free book teaches it from the ground up: software-update security threats and why naive signing isn't enough, TUF's core concepts (signed metadata, targets, the chain of trust), the four roles (root, targets, snapshot, timestamp) and why they're separated, the specific attacks TUF defends against (rollback, freeze, mix-and-match, key compromise), the client verification workflow, key management with offline keys, thresholds, and recovery, delegations for scaling to multi-publisher repositories, TUF in the ecosystem (Notary, Sigstore, package managers), and applying TUF in practice. Ten focused chapters with clear diagrams show how TUF achieves the compromise resilience that naive signing can't.
This title is part of the Shriira library and is free to read in full, right here — our small contribution to making world-class knowledge easy to reach.
A note on reading it: open the Contents menu at the top of the reader to jump between chapters, use the Aa menu to set a comfortable text size, theme (light, sepia, or night), and single- or two-page layout. Your place is saved automatically, so you can always pick up where you left off.
We hope it serves you well.
— Shriira Press