This site may contain outdated or incomplete information.
Authoring Guidelines and Standards
The purpose of these guidelines is to ensure the production of high-quality, consistent, and impactful publications. Most pieces are authored as collaborative knowledge production efforts within working groups, under the guidance of a chair or technical leader. The topics tend to be specific under the purview of a working group, for instance, “Software Supply Chain Best Practices,” “Secure Software Factory,” or “Open and Secure - A Manual for Practicing Threat Modeling to Assess and Fortify Open Source Security,” but sometimes cover broader themes like cloud native security white papers, the lexicon, and use cases and personas.
We strive for quality over quantity, emphasizing the importance of not duplicating existing materials unless we have something new to contribute or a cloud native perspective to offer. While some of our publications serve as “tour guides” rather than comprehensive handbooks, there is a recognized need for more in-depth books on building security that are regularly updated. These guidelines aim to foster a rigorous, clear, and professional standard for all our publications, ensuring they remain valuable resources for the community.
We intentionally maintain a low-friction, low-barrier approach to publishing to keep these efforts enjoyable and accessible. However, we ask authors to consider these guidelines upfront, as the proofing and editorial work often involves significant effort from volunteers. Unlike professionals at a publishing house, these volunteers juggle these tasks alongside their regular commitments. To ease this burden, we encourage authors to strive for the highest quality in their initial drafts, ensuring clarity, accuracy, and coherence from the start. This consideration helps make the collaborative process more efficient and enjoyable for everyone involved.
For detailed guidelines on creating papers and delivering artifacts, refer to Process for Creating Papers and Publishing Protocols for Project Deliverables .
Initial Publishing Guidelines and Standards
1. Content Quality
- Relevance: Ensure all content is relevant to the topic and objectives of the publication, as well as the mission of TAG Security.
- Accuracy: Verify all facts, figures, and citations. Ensure all information is current and correct.
- Comprehensiveness: Cover the topic thoroughly, providing a clear and complete picture. Avoid unnecessary jargon and ensure the content is accessible to the target audience.
- Clarity and Coherence: Maintain a logical flow of ideas. Ensure that each section transitions smoothly to the next and that the overall structure supports the document’s objectives.
2. Structure and Organization
- Title and Abstract: Provide a clear, concise title and abstract that summarize the main points and objectives.
- Sections and Headings: Use clear and descriptive headings. Ensure that the document is divided into well-defined sections (e.g., Introduction, Background, Core Concepts, Implementation, Case Studies, Conclusion).
- Introduction: Offer a compelling introduction that outlines the purpose and scope of the document. For really short documents, like blog posts, a dedicated introduction section might be skipped, but at least an introductory paragraph is generally recommended.
- Conclusion: Summarize key findings and provide actionable recommendations or next steps.
3. Writing Style
- Tone: Maintain a professional and objective tone throughout the document.
- Clarity: Write in clear, concise language. Avoid ambiguity and redundancy.
- Consistency: Ensure consistency in terminology, abbreviations, and formatting.
4. Technical Accuracy
- Terminology: Use industry-standard terminology correctly. Provide definitions for any specialized terms or acronyms.
- Examples and Diagrams: Include relevant examples and diagrams to illustrate key points. Ensure that all visuals are clearly labeled and referenced in the text.
5. Technical Rigor
- Depth of Analysis: Provide in-depth analysis and discussion of the topic. Ensure that technical concepts are explained thoroughly and accurately.
- Methodology: Clearly describe the methodologies and frameworks used. Ensure that the approaches are scientifically sound and justified.
- Evidence and Data: Support arguments with robust evidence and data. Include empirical data, case studies, or examples to substantiate claims.
6. References and Citations
- Source Quality: Use reputable and reliable sources. Ensure that all references are properly cited.
- Citation Format: Adopt a consistent citation style (e.g., APA, IEEE). Include a comprehensive references section at the end of the document.
7. Review and Revision
- Peer Review: Submit the document for peer review by knowledgeable individuals within the community. Specifically, documents should be posted to the #tag-security channel for feedback. Incorporate feedback and revisions as needed.
- Proofreading: Conduct thorough proofreading to eliminate grammatical, typographical, and formatting errors.
8. Formatting and Presentation
- Document Layout: Use a clean and professional layout. Ensure consistent use of fonts, headings, and spacing.
- Figures and Tables: Number all figures and tables sequentially. Provide clear captions and ensure they are referenced in the text.
- Appendices: Include appendices for supplementary material that supports the main content without interrupting the flow.
Example Rubric for Evaluation
| Criteria | Excellent | Good | Fair | Poor |
|---|---|---|---|---|
| Content Quality | Thoroughly covers topic, highly accurate, very relevant | Covers topic well, mostly accurate, relevant | Partially covers topic, some inaccuracies, somewhat relevant | Lacks coverage, many inaccuracies, irrelevant |
| Structure & Organization | Clear, logical structure, well-defined sections | Mostly clear structure, sections somewhat defined | Somewhat disorganized, sections not clearly defined | Disorganized, sections poorly defined |
| Writing Style | Clear, concise, professional, consistent tone | Mostly clear and concise, professional tone | Some clarity issues, inconsistent tone | Unclear, redundant, unprofessional tone |
| Technical Accuracy | Accurate use of terminology, well-explained concepts | Mostly accurate, some terms not well explained | Several inaccuracies, many terms not explained | Many inaccuracies, terms used incorrectly |
| Technical Rigor | In-depth analysis, robust methodology, strong evidence | Good analysis, sound methodology, adequate evidence | Some analysis, basic methodology, limited evidence | Lacks depth, weak methodology, insufficient evidence |
| References & Citations | High-quality sources, properly cited | Good sources, mostly properly cited | Mixed source quality, some citations missing | Poor sources, many citations missing |
| Review & Revision | Thorough peer review, all feedback addressed | Peer review done, most feedback addressed | Limited review, some feedback addressed | No review, feedback not addressed |
| Formatting & Presentation | Professional layout, consistent formatting | Mostly professional, minor formatting inconsistencies | Some formatting issues, layout not fully professional | Poor layout, many formatting issues |
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.