English
Related papers

Related papers: Enterprise-Driven Open Source Software: A Case Stu…

200 papers

Many software products are composed of components integrated from other teams or external parties. Each additional link in a software product's supply chain increases the risk of the injection of malicious behavior. To improve supply chain…

Software Engineering · Computer Science 2025-03-31 Kelechi G. Kalu , Tanya Singla , Chinenye Okafor , Santiago Torres-Arias , James C. Davis

Purpose: Continuous Software Engineering (CSE) promises improved efficiency, quality, and responsiveness in software-intensive organizations. However, fully adopting CSE is often constrained by complex products, legacy systems,…

Software Engineering · Computer Science 2025-11-05 Eriks Klotins , Magnus Ahlgren , Nicolas Martin Vivaldi , Even-Andre Karlsson

It's long been accepted that continuous integration (CI) in software engineering increases the code quality of enterprise projects when adhered to by it's practitioners. But is any of that effort to increase code quality and velocity…

Software Engineering · Computer Science 2024-02-13 Parth Sane

Open-source software (OSS) dependencies introduce systemic risks that are difficult to manage at scale. Existing Software Composition Analysis (SCA) and reachability tools generate severe alert fatigue by treating risk as an intrinsic…

Software Engineering · Computer Science 2026-05-04 Henry Ruckman-Utting , Vrushal Nedungadi , Taiga Okuma , LeTian Wang , Stephen Ehebald , Mohammad A. Tayebi

The continuous integration and continuous deployment (CI/CD) pipelines are widely adopted on Internet hosting platforms, such as GitHub. With the popularity, the CI/CD pipeline faces various security threats. However, current CI/CD…

Cryptography and Security · Computer Science 2024-02-01 Ziyue Pan , Wenbo Shen , Xingkai Wang , Yutian Yang , Rui Chang , Yao Liu , Chengwei Liu , Yang Liu , Kui Ren

Security remains a critical challenge in modern web applications, where threats such as unauthorized access, data breaches, and injection attacks continue to undermine trust and reliability. Traditional Object-Oriented Programming (OOP)…

Software Engineering · Computer Science 2025-09-10 Mterorga Ukor

The Open Source Software movement has been growing exponentially for a number of years with no signs of slowing. Driving this growth is the widespread availability of libraries and frameworks that provide many functionalities. Developers…

Software Engineering · Computer Science 2022-06-22 Stan Zajdel , Diego Elias Costa , Hafedh Mili

Current Continuous Integration processes face significant intrinsic cybersecurity challenges. The idea is not only to solve and test formal or regulatory security requirements of source code but also to adhere to the same principles to the…

Cryptography and Security · Computer Science 2021-12-14 David Fernández González , Francisco Javier Rodríguez Lera , Gonzalo Esteban , Camino Fernández Llamas

Nowadays, the use of agile software development methods like Scrum is common in industry and academia. Considering the current attacking landscape, it is clear that developing secure software should be a main concern in all software…

Cryptography and Security · Computer Science 2015-07-13 Christoph Pohl , Hans-Joachim Hof

Software supply chain attacks have increased exponentially since 2020. The primary attack vectors for supply chain attacks are through: (1) software components; (2) the build infrastructure; and (3) humans (a.k.a software practitioners).…

Cryptography and Security · Computer Science 2025-09-11 Laurie Williams , Sammy Migues

Open-source software (OSS) supply chain security has become a topic of concern for organizations. Patching an OSS vulnerability can require updating other dependent software products in addition to the original package. However, the…

Software Engineering · Computer Science 2024-04-19 Cadence Patrick , Kimberly Ruth , Zakir Durumeric

Context: DevOps has become one of the fastest-growing software development paradigms in the industry. However, this trend has presented the challenge of ensuring secure software delivery while maintaining the agility of DevOps. The efforts…

Software Engineering · Computer Science 2023-05-02 Roshan N. Rajapakse , Mansooreh Zahedi , M. Ali Babar , Haifeng Shen

Safety assurance is a paramount factor in the large-scale deployment of various autonomous systems (e.g., self-driving vehicles). However, the execution of safety engineering practices and processes have been challenged by an increasing…

Software Engineering · Computer Science 2020-08-12 Umair Siddique

Traditionally, promoted by the internet companies, continuous delivery is more and more appealing to industries which develop systems with safety-critical functions. Since safety-critical systems must meet regulatory requirements and…

Software Engineering · Computer Science 2021-06-15 Marc Zeller

Integrating third-party software components is a common practice in modern software development, offering significant advantages in terms of efficiency and innovation. However, this practice is fraught with risks related to software…

Software Engineering · Computer Science 2025-07-11 Boyuan Li , Chengwei Liu , Lingling Fan , Sen Chen , Zhenlin Zhang , Zheli Liu

The adoption of DevOps practices in embedded systems and firmware development is emerging as a response to the growing complexity of modern hardware--software co-designed products. Unlike cloud-native applications, embedded systems…

Software Engineering · Computer Science 2025-07-02 Parthiv Katapara , Anand Sharma

In recent years, there has been a growing concern with software integrity, that is, the assurance that software has not been tampered with on the path between developers and users. This path is represented by a software development pipeline…

Cryptography and Security · Computer Science 2022-11-14 B. M. Reichert , R. R. Obelheiro

Open-source software (OSS) is a critical component of modern software systems, yet supply chain security remains challenging in practice due to unavailable or obfuscated source code. Consequently, security teams often rely on runtime…

Cryptography and Security · Computer Science 2026-05-27 Zhuoran Tan , Ke Xiao , Jeremy Singer , Christos Anagnostopoulos

Background: Open Source Software (OSS) is often seen as an option to mitigate risks of lock-ins. Yet, single-vendor OSS can still result in soft lock-ins due to knowledge asymmetries and technical barriers. Aim: This study explores actors…

Software Engineering · Computer Science 2024-09-04 Per Persson , Johan Linåker

Software development industries are increasingly adopting containers to enhance the scalability and flexibility of software applications. Security in containerized projects is a critical challenge that can lead to data breaches and…

Software Engineering · Computer Science 2025-04-11 Maha Sroor , Rahul Mohanani , Ricardo Colomo-Palacios , Sandun Dasanayake , Tommi Mikkonen