English
Related papers

Related papers: An Integrity-Focused Threat Model for Software Dev…

200 papers

With the increasing adoption of Continuous Integration and Continuous Deployment pipelines, securing software supply chains has become a critical challenge for modern DevOps teams. This study addresses these challenges by applying a…

Software Engineering · Computer Science 2025-06-10 Sowmiya Dhandapani

This article delves into the strategic approaches and preventive measures necessary to safeguard the software supply chain against evolving threats. It aims to foster an understanding of the challenges and vulnerabilities inherent in…

Cryptography and Security · Computer Science 2024-07-22 Ahmed Akinsola , Abdullah Akinde

Computing systems face diverse and substantial cybersecurity threats. To mitigate these cybersecurity threats, software engineers need to be competent in the skill of threat modeling. In industry and academia, there are many frameworks for…

Cryptography and Security · Computer Science 2024-04-26 Siddhant S. Joshi , Preeti Mukherjee , Kirsten A. Davis , James C. Davis

Continuous Deployment (CD) has emerged as a new practice in the software industry to continuously and automatically deploy software changes into production. Continuous Deployment Pipeline (CDP) supports CD practice by transferring the…

Software Engineering · Computer Science 2017-03-14 Faheem Ullah , Adam Johannes Raft , Mojtaba Shahin , Mansooreh Zahedi , Muhammad Ali Babar

Information protection is becoming a focal point for designing, creating and implementing software applications within highly integrated technology environments. The use of a safe coding technique in the software development process is…

Software Engineering · Computer Science 2020-12-11 Isaac Chin Eian , Lim Ka Yong , Majesty Yeap Xiao Li , Noor Affan Bin Noor Hasmaddi , Fatima-tuz-Zahra

This paper systematizes knowledge about secure software supply chain patterns. It identifies four stages of a software supply chain attack and proposes three security properties crucial for a secured supply chain: transparency, validity,…

Cryptography and Security · Computer Science 2024-06-17 Chinenye Okafor , Taylor R. Schorlemmer , Santiago Torres-Arias , James C. Davis

Software systems have grown as an indispensable commodity used across various industries, and almost all essential services depend on them for effective operation. The software is no longer an independent or stand-alone piece of code…

Software Engineering · Computer Science 2025-05-29 Ritwik Murali , Akash Ravi

The continuous integration and continuous deployment (CI/CD) pipelines are widely adopted on Internet hosting platforms, such as GitHub. With the popularity, the CI/CD pipeline faces various security threats. However, current CI/CD…

Cryptography and Security · Computer Science 2024-02-01 Ziyue Pan , Wenbo Shen , Xingkai Wang , Yutian Yang , Rui Chang , Yao Liu , Chengwei Liu , Yang Liu , Kui Ren

Agile development methods are commonly used to iteratively develop the information systems and they can easily handle ever-changing business requirements. Scrum is one of the most popular agile software development frameworks. The…

Software Engineering · Computer Science 2015-04-07 Martin Tomanek , Tomas Klima

Microsoft's STRIDE methodology is at the forefront of threat modeling, supporting the increasingly critical quality attribute of security in software-intensive systems. However, in a comprehensive security evaluation process, the general…

Cryptography and Security · Computer Science 2025-03-26 Alvi Jawad , Jason Jaskolka , Ashraf Matrawy , Mohamed Ibnkahla

The software development process is considered as one of the key guidelines in the creation of said software and this approach is necessary for providing a more efficient yet satisfactory output. Without separation of work into distinct…

Software Engineering · Computer Science 2020-12-15 Alya Hannah Ahmad Kamal , Caryn Chuah Yi Yen , Gan Jia Hui , Pang Sze Ling , Fatima-tuz-Zahra

The use of free and open source software (FOSS) components in all software systems is estimated to be above 90%. With such high usage and because of the heterogeneity of FOSS tools, repositories, developers and ecosystem, the level of…

Cryptography and Security · Computer Science 2023-11-21 Luıs Soeiro , Thomas Robert , Stefano Zacchiroli

The increasing frequency and sophistication of software supply chain attacks pose severe risks to critical infrastructure sectors, threatening national security, economic stability, and public safety. Despite growing awareness, existing…

Software Engineering · Computer Science 2025-10-31 Liming Dong , Sung Une Lee , Zhenchang Xing , Muhammad Ejaz Ahmed , Stefan Avgoustakis

Secure development process is a procedure taken by developers to ensure the programs developed are following the general security standards and will always be up to date so that the outcomes are well secured and obedient. As a software…

Software Engineering · Computer Science 2020-12-22 Abdul Hadi bin Abdul Rahman , Abdullah Nazir , Kim Tae Hyun , Tan Horng Yarng , Fatima-tuz-Zahra

In the last decade, companies adopted DevOps as a fast path to deliver software products according to customer expectations, with well aligned teams and in continuous cycles. As a basic practice, DevOps relies on pipelines that simulate…

Software Engineering · Computer Science 2021-05-28 Fabiola Moyón Constante , Rafael Soares , Maria Pinto-Albuquerque , Daniel Méndez , Kristian Beckers

For a qualitative system sound security practices must be a crucial part throughout the entire software lifecycle. Furthermore, agile software development has paved the way for overcoming the problems faced by developers during traditional…

Software Engineering · Computer Science 2013-12-25 Sonia , Archana Singhal , Hema Banati

Traditionally, applications that are used in large and small enterprises were deployed on "bare metal" servers installed with operating systems. Recently, the use of multiple virtual machines (VMs) on the same physical server was adopted…

Cryptography and Security · Computer Science 2021-11-24 Ann Yi Wong , Eyasu Getahun Chekole , Martin Ochoa , Jianying Zhou

The software build process transforms source code into deployable artifacts, representing a critical yet vulnerable stage in software development. Build infrastructure security poses unique challenges: the complexity of multi-component…

In recent years, the number of cyber attacks has grown rapidly. An effective way to reduce the attack surface and protect software is adoption of methodologies that apply security at each step of the software development lifecycle. While…

Cryptography and Security · Computer Science 2023-07-06 Arina Kudriavtseva , Olga Gadyatskaya

The software supply chain involves a multitude of tools and processes that enable software developers to write, build, and ship applications. Recently, security compromises of tools or processes has led to a surge in proposals to address…

Cryptography and Security · Computer Science 2022-09-12 Marcela S. Melara , Mic Bowman
‹ Prev 1 2 3 10 Next ›