All:

Here's a team report, as part of an architecture class, where they
examined open source software projects:
https://se.ewi.tudelft.nl/desosa2019/
If you look at a part that discusses Zephyr:
https://se.ewi.tudelft.nl/desosa2019/chapters/zephyr/#Autotools

You can see a reference to the CII Best Practices badge! It sayd:
"In conclusion, Zephyr could serve as a role model not only for
Real-time Operating Systems, but also for open-source software
projects in general. It is a good example of how successful management
of open-source contributions and a well defined and documented
architecture can ensure and retain the software’s quality. They follow
some of the [CII best] practices as can be seen from their gold badge
and this process goes a long way in avoiding technical debt."

This report came out in Dec 2019, so it's a bit dated in terms of the
Zephyr release they're looking at (pre-LTS). However, as Kate Stewart
noted, "it has some nice creative ways of showing the info... I like
how they did some of the classifications."

My sincere thanks to Brett, and Kate Stewart, for noticing this &
telling me about it!


--- David A. Wheeler
Director of Open Source Supply Chain Security, The Linux Foundation

--
--- David A. Wheeler
Director of Open Source Supply Chain Security, The Linux Foundation