Increasing Trust in the Open Source Supply Chain with Reproducible Builds and Functional Package Management - Equipe Autonomic and Critical Embedded Systems
Conference paper. Year: 2024

Increasing Trust in the Open Source Supply Chain with Reproducible Builds and Functional Package Management

Abstract

Functional package managers (FPMs) and reproducible builds (R-B) are technologies and methodologies that are conceptually very different from the traditional software deployment model, and that have promising properties for software supply chain security. This thesis aims to evaluate the impact of FPMs and R-B on the security of the software supply chain and propose improvements to the FPM model to further improve trust in the open source supply chain.
Main file
main.pdf (417.7 KB)
Origin: Files produced by the author(s)

Dates and versions

hal-04482192, version 1 (28-02-2024)

Cite

Julien Malka. Increasing Trust in the Open Source Supply Chain with Reproducible Builds and Functional Package Management. 46th International Conference on Software Engineering (ICSE 2024) - Doctoral Symposium (DS) Track, Apr 2024, Lisbon, Portugal. ⟨10.1145/3639478.3639806⟩. ⟨hal-04482192⟩