The xz -utils breach highlighted the importance of maintaining the security of open source software, as vulnerabilities can have far-reaching consequences for digital infrastructure. Open source communities believe that more needs to be done but agreement on how best to approach the challenge remains out of reach. This debate mirrors discussions around trade security that surfaced soon afterthe 9/11 attacks on New York and Washington D.C., which resulted in a series of initiatives aimed at balancing the needs of global trade and international security. Using this case study as a model, the research project will bring together policymakers, industry, academics, and open source communities to devise practical steps for protecting critical digital infrastructure and offer novel approaches to securing open source software.