English
Related papers

Related papers: Towards Predicting Multi-Vulnerability Attack Chai…

200 papers

Most of the current software security analysis tools assess vulnerabilities in isolation. However, sophisticated software supply chain security threats often stem from cascaded vulnerability and security weakness chains that span dependent…

Software Engineering · Computer Science 2026-01-29 Laura Baird , Armin Moin

Software Bills of Material (SBOMs) have emerged as an important technology for vulnerability management amid rising supply-chain attacks. They represent component relationships within a software product and support software composition…

Software Engineering · Computer Science 2026-04-24 Shawn Rasheed , Max McPhee , Lisa Patterson , Stephen MacDonell , Jens Dietrich

The high complexity of modern software supply chains necessitates tools such as Software Bill of Materials (SBOMs) to manage component dependencies, and Software Composition Analysis (SCA) tools to identify vulnerabilities. While there…

Software Engineering · Computer Science 2025-07-29 Howell Xia , Jonah Gluck , Sevval Simsek , David Sastre Medina , David Starobinski

Supply chain security is extremely important for modern applications running at scale in the cloud. In fact, they involve a large number of heterogeneous microservices that also include third-party software. As a result, security…

Cryptography and Security · Computer Science 2025-10-08 Jacopo Bufalino , Mario Di Francesco , Agathe Blaise , Stefano Secci

The Software Bill of Materials (SBOM) is a critical tool for securing the software supply chain (SSC), but its practical utility is undermined by inaccuracies in both its generation and its application in vulnerability scanning. This paper…

Cryptography and Security · Computer Science 2026-04-20 Li Zhou , Marc Dacier , Charalambos Konstantinou

The Software Supply Chain (SSC) security is a critical concern for both users and developers. Recent incidents, like the SolarWinds Orion compromise, proved the widespread impact resulting from the distribution of compromised software. The…

Cryptography and Security · Computer Science 2024-09-11 Giacomo Benedetti , Serena Cofano , Alessandro Brighente , Mauro Conti

Software Bill of Materials (SBOMs) are increasingly regarded as essential tools for securing software supply chains (SSCs), yet their real-world use and adoption barriers remain poorly understood. This systematic literature review…

Software Engineering · Computer Science 2025-06-06 Eric O'Donoghue , Yvette Hastings , Ernesto Ortiz , A. Redempta Manzi Muneza

Software vulnerabilities remain a persistent risk, yet static and dynamic analyses often overlook structural dependencies that shape insecure behaviors. Viewing programs as heterogeneous graphs, we capture control- and data-flow relations…

Software Engineering · Computer Science 2025-10-14 Jugal Gajjar , Kaustik Ranaware , Kamalasankari Subramaniakuppusamy

Software Bills of Materials (SBOMs) are essential to ensure the transparency and integrity of the software supply chain. There is a growing body of work that investigates the accuracy of SBOM generation tools and the challenges for…

Software Engineering · Computer Science 2025-11-18 Yogya Gamage , Nadia Gonzalez Fernandez , Martin Monperrus , Benoit Baudry

Modern networked systems rely on complex software stacks, which often conceal vulnerabilities arising from intricate interdependencies. A Software Bill of Materials (SBOM) is effective for identifying dependencies and mitigating security…

Software Engineering · Computer Science 2025-12-01 Vadim Safronov , Ionut Bostan , Nicholas Allott , Andrew Martin

Software Bill of Materials (SBOM) provides new opportunities for automated vulnerability identification in software products. While the industry is adopting SBOM-based Vulnerability Scanning (SVS) to identify vulnerabilities, we…

Software Engineering · Computer Science 2025-12-22 Martin Rosso , Muhammad Asad Jahangir Jaffar , Alessandro Brighente , Mauro Conti

A Software Bill of Materials (SBOM) is becoming an essential tool for effective software dependency management. An SBOM is a list of components used in software, including details such as component names, versions, and licenses. Using…

Software Engineering · Computer Science 2025-04-10 Rio Kishimoto , Tetsuya Kanda , Yuki Manabe , Katsuro Inoue , Shi Qiu , Yoshiki Higo

Smart grids have undergone a profound digitization process, integrating new data-driven control and supervision techniques, resulting in modern digital substations (DS). Attackers are more focused on attacking the supply chain of the DS, as…

Cryptography and Security · Computer Science 2025-03-26 Xabier Yurrebaso , Fernando Ibañez , Ángel Longueira-Romero

Modern software applications heavily rely on diverse third-party components, libraries, and frameworks sourced from various vendors and open source repositories, presenting a complex challenge for securing the software supply chain. To…

The robustness of critical infrastructure systems is contingent upon the integrity and transparency of their software supply chains. A Software Bill of Materials (SBOM) is pivotal in this regard, offering an exhaustive inventory of…

Software Engineering · Computer Science 2024-01-19 Boming Xia , Dawen Zhang , Yue Liu , Qinghua Lu , Zhenchang Xing , Liming Zhu

The rapid growth of software supply chain attacks has attracted considerable attention to software bill of materials (SBOM). SBOMs are a crucial building block to ensure the transparency of software supply chains that helps improve software…

Software Engineering · Computer Science 2023-02-08 Boming Xia , Tingting Bi , Zhenchang Xing , Qinghua Lu , Liming Zhu

The SolarWinds attack, which exploited weaknesses in a software update mechanism, highlights the critical need for organizations to have better visibility into their software dependencies and potential vulnerabilities associated with them.…

Cryptography and Security · Computer Science 2025-04-23 Can Ozkan , Xinhai Zou , Dave Singelee

The Software Bill of Materials (SBOM) has emerged as a promising solution, providing a machine-readable inventory of software components used, thus bolstering supply chain security. This paper presents an extensive study concerning the…

Software Engineering · Computer Science 2023-08-31 Tingting Bi , Boming Xia , Zhenchang Xing , Qinghua Lu , Liming Zhu

Detecting vulnerabilities in source code is a critical task for software security assurance. Graph Neural Network (GNN) machine learning can be a promising approach by modeling source code as graphs. Early approaches treated code elements…

Cryptography and Security · Computer Science 2025-02-25 Yu Luo , Weifeng Xu , Dianxiang Xu

The proliferation of Internet of Things (IoT) devices has introduced significant security challenges, primarily due to the opacity of firmware components and the complexity of supply chain dependencies. IoT firmware frequently relies on…

Cryptography and Security · Computer Science 2026-01-06 Abdurrahman Tolay
‹ Prev 1 2 3 10 Next ›