English
Related papers

Related papers: What is Software Supply Chain Security?

200 papers

The software product is a source of cyber-attacks that target organizations by using their software supply chain as a distribution vector. As the reliance of software projects on open-source or proprietary modules is increasing drastically,…

Cryptography and Security · Computer Science 2023-05-24 Betul Gokkaya , Leonardo Aniello , Basel Halak

This article delves into the strategic approaches and preventive measures necessary to safeguard the software supply chain against evolving threats. It aims to foster an understanding of the challenges and vulnerabilities inherent in…

Cryptography and Security · Computer Science 2024-07-22 Ahmed Akinsola , Abdullah Akinde

This paper systematizes knowledge about secure software supply chain patterns. It identifies four stages of a software supply chain attack and proposes three security properties crucial for a secured supply chain: transparency, validity,…

Cryptography and Security · Computer Science 2024-06-17 Chinenye Okafor , Taylor R. Schorlemmer , Santiago Torres-Arias , James C. Davis

Software systems have grown as an indispensable commodity used across various industries, and almost all essential services depend on them for effective operation. The software is no longer an independent or stand-alone piece of code…

Software Engineering · Computer Science 2025-05-29 Ritwik Murali , Akash Ravi

This work discusses open-source software supply chain attacks and proposes a general taxonomy describing how attackers conduct them. We then provide a list of safeguards to mitigate such attacks. We present our tool "Risk Explorer for…

Cryptography and Security · Computer Science 2023-04-12 Piergiorgio Ladisa , Serena Elisa Ponta , Antonino Sabetta , Matias Martinez , Olivier Barais

Software supply chain attacks have increased exponentially since 2020. The primary attack vectors for supply chain attacks are through: (1) software components; (2) the build infrastructure; and (3) humans (a.k.a software practitioners).…

Cryptography and Security · Computer Science 2025-09-11 Laurie Williams , Sammy Migues

The software supply chain comprises a highly complex set of operations, processes, tools, institutions and human factors involved in creating a piece of software. A number of high-profile attacks that exploit a weakness in this complex…

Cryptography and Security · Computer Science 2024-05-30 Eman Abu Ishgair , Marcela S. Melara , Santiago Torres-Arias

Today's digital ecosystem relies heavily on software supply chains, which enable developers to reuse code and ship software at scale. However, a single vulnerable component can jeopardize the entire supply chain. In recent years,…

Cryptography and Security · Computer Science 2026-05-29 Md Atiqur Rahman , Yasemin Acar , Michel Cucker , William Enck , Alexandros Kapravelos , Christian Kastner , Dominik Wermke , Laurie Williams

In recent years, technology has advanced considerably with the introduction of many systems including advanced robotics, big data analytics, cloud computing, machine learning and many more. The opportunities to exploit the yet to come…

Cryptography and Security · Computer Science 2023-11-21 Sam Wen Ping , Jeffrey Cheok Jun Wah , Lee Wen Jie , Jeremy Bong Yong Han , Saira Muzafar

Secure development process is a procedure taken by developers to ensure the programs developed are following the general security standards and will always be up to date so that the outcomes are well secured and obedient. As a software…

Software Engineering · Computer Science 2020-12-22 Abdul Hadi bin Abdul Rahman , Abdullah Nazir , Kim Tae Hyun , Tan Horng Yarng , Fatima-tuz-Zahra

Supply chain is emerging as the next frontier of threats in the rapidly evolving IoT ecosystem. It is fundamentally more complex compared to traditional ICT systems. We analyze supply chain risks in IoT systems and their unique aspects,…

Cryptography and Security · Computer Science 2019-08-22 Muhammad Junaid Farooq , Quanyan Zhu

Software supply chains, while providing immense economic and software development value, are only as strong as their weakest link. Over the past several years, there has been an exponential increase in cyberattacks specifically targeting…

Many software products are composed of components integrated from other teams or external parties. Each additional link in a software product's supply chain increases the risk of the injection of malicious behavior. To improve supply chain…

Software Engineering · Computer Science 2025-03-31 Kelechi G. Kalu , Tanya Singla , Chinenye Okafor , Santiago Torres-Arias , James C. Davis

While new technologies emerge, human errors always looming. Software supply chain is increasingly complex and intertwined, the security of a service has become paramount to ensuring the integrity of products, safeguarding data privacy, and…

Cryptography and Security · Computer Science 2025-01-22 Vasileios Alevizos , George A Papakostas , Akebu Simasiku , Dimitra Malliarou , Antonis Messinis , Sabrina Edralin , Clark Xu , Zongliang Yue

While providing economic and software development value, software supply chains are only as strong as their weakest link. Over the past several years, there has been an exponential increase in cyberattacks, specifically targeting vulnerable…

Cryptography and Security · Computer Science 2025-05-16 Imranur Rahman , Yasemin Acar , Michel Cukier , William Enck , Christian Kastner , Alexandros Kapravelos , Dominik Wermke , Laurie Williams

Information protection is becoming a focal point for designing, creating and implementing software applications within highly integrated technology environments. The use of a safe coding technique in the software development process is…

Software Engineering · Computer Science 2020-12-11 Isaac Chin Eian , Lim Ka Yong , Majesty Yeap Xiao Li , Noor Affan Bin Noor Hasmaddi , Fatima-tuz-Zahra

Secure software engineering is a fundamental activity in modern software development. However, while the field of security research has been advancing quite fast, in practice, there is still a vast knowledge gap between the security experts…

Software Engineering · Computer Science 2021-04-09 Vivek Arora , Enrique Larios Vargas , Maurício Aniche , Arie van Deursen

The increasing frequency and sophistication of software supply chain attacks pose severe risks to critical infrastructure sectors, threatening national security, economic stability, and public safety. Despite growing awareness, existing…

Software Engineering · Computer Science 2025-10-31 Liming Dong , Sung Une Lee , Zhenchang Xing , Muhammad Ejaz Ahmed , Stefan Avgoustakis

Supply chain security is extremely important for modern applications running at scale in the cloud. In fact, they involve a large number of heterogeneous microservices that also include third-party software. As a result, security…

Cryptography and Security · Computer Science 2025-10-08 Jacopo Bufalino , Mario Di Francesco , Agathe Blaise , Stefano Secci

Software-as-a-service (SaaS) is a type of software service delivery model which encompasses a broad range of business opportunities and challenges. Users and service providers are reluctant to integrate their business into SaaS due to its…

Cryptography and Security · Computer Science 2015-05-08 Pushpinder Kaur Chouhan , Feng Yao , Suleiman Y. Yerima , Sakir Sezer
‹ Prev 1 2 3 10 Next ›