Abstract

ABSTRACT In recent years, software supply chain security has attracted significant research attention. This research subject is concerned both with the security of infrastructures used to build software and deliver it to end users and with the security of software that contains external dependencies such as third-party packages and libraries, and its chief goal is to ensure that no vulnerabilities are introduced in the path between developers and users. This paper presents a Systematic Literature Review to identify knowledge gaps in software supply chain security. For this, we considered studies published between 2012 and 2023 in the search engines of IEEE Xplore, ACM Digital Library, Engineering Village, Scopus, and arXiv. Of the 2051 studies obtained in the primary survey, only 85 are relevant for this research. Analyzing the studies, we observed gaps such as little discussion of software supply chains that involve cloud components, few proposals focused on the software distribution process, and a lack of use of threat modeling frameworks to help identify threats to the supply chain and validate the results.

Talk to us

Join us for a 30 min session where you can share your feedback and ask us any queries you have

Schedule a call

Similar Papers

Paper Title
Journal
Date
Author
Cyberinsights: Talking about the Software Supply Chain.
Axel Wirth
Biomedical instrumentation & technology | VOL. 54
Axel WirthAxel Wirth
01 Sep 2020
What are Weak Links in the npm Supply Chain?
Nusrat Zahan ... Patrice Godefroid
-
Nusrat Zahan, et. al.Nusrat Zahan ... Patrice Godefroid
01 May 2022
Building a Secure Software Supply Chain with GNU Guix
Ludovic Courtès
The Art, Science, and Engineering of Programming | VOL. 7
Ludovic CourtèsLudovic Courtès
15 Jun 2022
What are weak links in the npm supply chain?
Nusrat Zahan ... Chandra Maddila
-
Nusrat Zahan, et. al.Nusrat Zahan ... Chandra Maddila
21 May 2022
View more papers

More From: International Journal of Computers and Applications

Paper Title
Journal
Date
Author
State-of-the-art in human activity recognition based on inertial measurement unit sensors: survey and applications
Majid Sepahvand ... Fardin Abdali-Mohammadi
International Journal of Computers and Applications | VOL. -
Majid Sepahvand, et. al.Majid Sepahvand ... Fardin Abdali-Mohammadi
18 Nov 2024
Figure-ground segmentation based medical image denoising using deep convolutional neural networks
Ambika Annavarapu ... Surekha Borra
International Journal of Computers and Applications | VOL. ahead-of-print
Ambika Annavarapu, et. al.Ambika Annavarapu ... Surekha Borra
02 Nov 2024
A secure and privacy preserving model for healthcare applications based on blockchain-layered architecture
Adla Sanober ... Shamama Anwar
International Journal of Computers and Applications | VOL. ahead-of-print
Adla Sanober, et. al.Adla Sanober ... Shamama Anwar
31 Oct 2024
Capturing multiple emotions from conversational data using fine tuned transformers
Krishna Siva Prasad Mudigonda ... Vignesh Kode
International Journal of Computers and Applications | VOL. ahead-of-print
Krishna Siva Prasad Mudigonda, et. al.Krishna Siva Prasad Mudigonda ... Vignesh Kode
25 Oct 2024
View more papers

Disclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.