English
Related papers

Related papers: What is Software Supply Chain Security?

200 papers

Difficulty of safety-related software standards to help producing software for safe systems is discussed. Some research activity and other actions are proposed to focus on and possibly resolve long-lasting related problems.

Software Engineering · Computer Science 2014-04-29 Mario Fusani , Giuseppe Lami

The Proactive Software Supply Chain Risk Management Framework (P SSCRM) described in this document is designed to help you understand and plan a secure software supply chain risk management initiative. P SSCRM was created through a process…

Cryptography and Security · Computer Science 2025-05-16 Laurie Williams , Sammy Migues , Jamie Boote , Ben Hutchison

Recent years have shown increased cyber attacks targeting less secure elements in the software supply chain and causing fatal damage to businesses and organizations. Past well-known examples of software supply chain attacks are the…

Cryptography and Security · Computer Science 2023-08-15 William Enck , Yasemin Acar , Michel Cukier , Alexandros Kapravelos , Christian Kästner , Laurie Williams

The software development process is considered as one of the key guidelines in the creation of said software and this approach is necessary for providing a more efficient yet satisfactory output. Without separation of work into distinct…

Software Engineering · Computer Science 2020-12-15 Alya Hannah Ahmad Kamal , Caryn Chuah Yi Yen , Gan Jia Hui , Pang Sze Ling , Fatima-tuz-Zahra

In recent years, various software supply chain (SSC) attacks have posed significant risks to the global community. Severe consequences may arise if developers integrate insecure code snippets that are vulnerable to SSC attacks into their…

Cryptography and Security · Computer Science 2025-09-25 Xiaofan Li , Xing Gao

Software vulnerabilities remain a significant risk factor in achieving security objectives within software development organizations. This is especially true where either proprietary or open-source software (OSS) is included in the…

Software Engineering · Computer Science 2025-09-23 James J. Cusick

A software supply chain attack is characterized by the injection of malicious code into a software package in order to compromise dependent systems further down the chain. Recent years saw a number of supply chain attacks that leverage the…

Cryptography and Security · Computer Science 2020-05-20 Marc Ohm , Henrik Plate , Arnold Sykosch , Michael Meier

Software Bill of Materials (SBOMs) are increasingly regarded as essential tools for securing software supply chains (SSCs), yet their real-world use and adoption barriers remain poorly understood. This systematic literature review…

Software Engineering · Computer Science 2025-06-06 Eric O'Donoghue , Yvette Hastings , Ernesto Ortiz , A. Redempta Manzi Muneza

Safety-critical software systems are those whose failure or malfunction could result in casualty and/or serious financial loss. In such systems, safety assurance cases (SACs) are an emerging approach that adopts a proactive strategy to…

Software Engineering · Computer Science 2018-03-23 Jinghui Cheng , Micayla Goodrum , Ronald Metoyer , Jane Cleland-Huang

Supply chain management encompasses various processes including various conventional logistics activities, and various other processes These processes are supported -- to a certain limit -- by coordination and integration mechanisms which…

Multiagent Systems · Computer Science 2018-11-06 Gilles Neubert , Yacine Ouzrout , Abdelaziz Bouras

Software security is of utmost importance for most software systems. Developers must systematically select, plan, design, implement, and especially, maintain and evolve security features -- functionalities to mitigate attacks or protect…

Software Engineering · Computer Science 2025-09-30 Kevin Hermann , Sven Peldszus , Jan-Philipp Steghöfer , Thorsten Berger

The software process model consists of a set of activities undertaken to design, develop and maintain software systems. A variety of software process models have been designed to structure, describe and prescribe the software development…

Software Engineering · Computer Science 2013-06-06 Rupinder Kaur , Jyotsna Sengupta

Information security isn't just about software and hardware -- it's at least as much about policies and processes. But the research community overwhelmingly focuses on the former over the latter, while gaping policy and process problems…

Cryptography and Security · Computer Science 2024-03-25 Arvind Narayanan , Kevin Lee

Nowadays, the use of agile software development methods like Scrum is common in industry and academia. Considering the current attacking landscape, it is clear that developing secure software should be a main concern in all software…

Cryptography and Security · Computer Science 2015-07-13 Christoph Pohl , Hans-Joachim Hof

The Software Bill of Materials (SBOM) has emerged as a promising solution, providing a machine-readable inventory of software components used, thus bolstering supply chain security. This paper presents an extensive study concerning the…

Software Engineering · Computer Science 2023-08-31 Tingting Bi , Boming Xia , Zhenchang Xing , Qinghua Lu , Liming Zhu

It is no secret that many projects fail, regardless of the business sector, software projects are notoriously disaster victims, not necessarily because of technological failure, but more often due to their uncertainties. The threats…

Software Engineering · Computer Science 2014-12-12 Marcelo Marinho , Suzana Sampaio , Telma Lima , Hermano Moura

Supply chains form the backbone of modern economies and therefore require reliable information flows. In practice, however, supply chains face severe technical challenges, especially regarding security and privacy. In this work, we…

Critical software systems face stringent requirements in safety, security, and reliability due to the circumstances surrounding their operation. Safety and security have progressively gained importance over the years due to the integration…

Software Engineering · Computer Science 2015-12-16 Julio Escribano-Barreno , Marisol García-Valls

The rapid growth of software supply chain attacks has attracted considerable attention to software bill of materials (SBOM). SBOMs are a crucial building block to ensure the transparency of software supply chains that helps improve software…

Software Engineering · Computer Science 2023-02-08 Boming Xia , Tingting Bi , Zhenchang Xing , Qinghua Lu , Liming Zhu

Supply chain security has become a very important vector to consider when defending against adversary attacks. Due to this, more and more developers are keen on improving their supply chains to make them more robust against future threats.…

Cryptography and Security · Computer Science 2025-04-02 Courtney Miller , William Enck , Yasemin Acar , Michel Cukier , Alexandros Kapravelos , Christian Kastner , Dominik Wermke , Laurie Williams