English
Related papers

Related papers: Operationalizing Research Software for Supply Chai…

200 papers

The security of research software is essential for ensuring the integrity and reproducibility of scientific results. However, research software security is still largely unexplored. Due to its dependence on open source components and…

Software Engineering · Computer Science 2025-08-07 Richard Hegewald , Rebecca Beyer

This work discusses open-source software supply chain attacks and proposes a general taxonomy describing how attackers conduct them. We then provide a list of safeguards to mitigate such attacks. We present our tool "Risk Explorer for…

Cryptography and Security · Computer Science 2023-04-12 Piergiorgio Ladisa , Serena Elisa Ponta , Antonino Sabetta , Matias Martinez , Olivier Barais

The software product is a source of cyber-attacks that target organizations by using their software supply chain as a distribution vector. As the reliance of software projects on open-source or proprietary modules is increasing drastically,…

Cryptography and Security · Computer Science 2023-05-24 Betul Gokkaya , Leonardo Aniello , Basel Halak

The software supply chain involves a multitude of tools and processes that enable software developers to write, build, and ship applications. Recently, security compromises of tools or processes has led to a surge in proposals to address…

Cryptography and Security · Computer Science 2022-09-12 Marcela S. Melara , Mic Bowman

As research increasingly relies on computational methods, the reliability of scientific results depends on the quality, reproducibility, and transparency of research software. Ensuring these qualities is critical for scientific integrity…

Software Engineering · Computer Science 2025-10-14 Evan Eisinger , Michael A. Heroux

The widespread dependency on open-source software makes it a fruitful target for malicious actors, as demonstrated by recurring attacks. The complexity of today's open-source supply chains results in a significant attack surface, giving…

Cryptography and Security · Computer Science 2023-07-19 Piergiorgio Ladisa , Henrik Plate , Matias Martinez , Olivier Barais

Software testing has often to be done under severe pressure due to limited resources and a challenging time schedule facing the demand to assure the fulfillment of the software requirements. In addition, testing should unveil those software…

Software Engineering · Computer Science 2019-12-30 Michael Felderer , Ina Schieferdecker

This report presents a taxonomy of vulnerabilities created as a part of an effort to develop a framework for deriving verification and validation strategies to assess software security. This taxonomy is grounded in a theoretical model of…

Cryptography and Security · Computer Science 2007-05-23 Anil Bazaz , James D. Arthur

Context: Research software is essential for developing advanced tools and models to solve complex research problems and drive innovation across domains. Therefore, it is essential to ensure its correctness. Software testing plays a vital…

Software Engineering · Computer Science 2025-01-30 Nasir U. Eisty , Upulee Kanewala , Jeffrey C. Carver

Software systems are a significant contributor to global sustainability concerns, demanding that environmental, social, technical, and economic factors be systematically addressed from the initial requirements engineering phase. Although…

Software Engineering · Computer Science 2025-10-13 Mandira Roy , Novarun Deb , Nabendu Chaki , Agostino Cortesi

In its Vision and Strategy for Software for Science, Engineering, and Education the NSF states that it will invest in activities that: "Recognize that software strategies must include the secure and reliable deployment and operation of…

Cryptography and Security · Computer Science 2013-09-09 Randy Heiland , Betsy Thomas , Von Welch , Craig Jackson

The escalating complexity of modern software development environments has heightened concerns around supply chain security. However, existing frameworks often fall short in translating abstract security principles into concrete, actionable…

Software Engineering · Computer Science 2025-06-16 Sung Une Lee , Liming Dong , Zhenchang Xing , Muhammad Ejaz Ahmed , Stefan Avgoustakis

The software defined networking paradigm relies on the programmability of the network to automatically perform management and reconfiguration tasks. The result of adopting this programmability feature is twofold: first by designing new…

Networking and Internet Architecture · Computer Science 2019-06-25 Tiago V. Ortiz , Bruno Kimura , Jó Ueyama , Valério Rosset

Software containers are widely adopted for developing and deploying software applications. Despite their popularity, major security concerns arise during container development and deployment. Software Engineering (SE) research literature…

Software Engineering · Computer Science 2025-12-16 Maha Sroor , Teerath Das , Rahul Mohanani , Tommi Mikkonen

Software plays a central role in scientific discovery. Improving how we develop and use software for research can have both broad and deep impacts on a spectrum of challenges and opportunities society faces today. The emergence of Research…

Software Engineering · Computer Science 2022-11-17 Michael A. Heroux

Context: Scientific software plays an important role in critical decision making, for example making weather predictions based on climate models, and computation of evidence for research publications. Recently, scientists have had to…

Software Engineering · Computer Science 2018-04-06 Upulee Kanewala , James M. Bieman

Research software has been categorized in different contexts to serve different goals. We start with a look at what research software is, before we discuss the purpose of research software categories. We propose a multi-dimensional…

With the advent of open source software, a veritable treasure trove of previously proprietary software development data was made available. This opened the field of empirical software engineering research to anyone in academia. Data that is…

Software Engineering · Computer Science 2022-04-19 Adam Tutko , Austin Z. Henley , Audris Mockus

Previous research in software application domain classification has faced challenges due to the lack of a proper taxonomy that explicitly models relations between classes. As a result, current solutions are less effective for real-world…

Software Engineering · Computer Science 2024-09-25 Cezar Sas , Andrea Capiluppi

Symbolic execution is a powerful program analysis technique that allows for the systematic exploration of all program paths. Path explosion, where the number of states to track becomes unwieldy, is one of the biggest challenges hindering…

Cryptography and Security · Computer Science 2025-08-12 Joshua Bailey , Charles Nicholas
‹ Prev 1 2 3 10 Next ›