Software Bill of Materials in Java
KTH, School of Electrical Engineering and Computer Science (EECS), Computer Science, Theoretical Computer Science, TCS. ORCID iD: 0000-0001-6005-5992
KTH, School of Electrical Engineering and Computer Science (EECS), Computer Science, Software and Computer systems, SCS. ORCID iD: 0000-0002-4015-4640
KTH, School of Electrical Engineering and Computer Science (EECS), Computer Science, Theoretical Computer Science, TCS. ORCID iD: 0000-0003-3116-3278
KTH, School of Electrical Engineering and Computer Science (EECS), Computer Science, Network and Systems Engineering. ORCID iD: 0000-0003-3922-9606
2023 (English). In: SCORED 2023 - Proceedings of the 2023 Workshop on Software Supply Chain Offensive Research and Ecosystem Defenses, Association for Computing Machinery (ACM), 2023, p. 75-76. Conference paper, Published paper (Refereed)
Abstract [en]

Modern software applications are virtually never built entirely in-house. As a matter of fact, they reuse many third-party dependencies, which form the core of their software supply chain [1]. The large number of dependencies in an application has turned into a major challenge for both security and reliability. For example, to compromise a high-value application, malicious actors can choose to attack a less well-guarded dependency of the project [2]. Even when there is no malicious intent, bugs can propagate through the software supply chain and cause breakages in applications. Gathering accurate, up-to-date information about all dependencies included in an application is, therefore, of vital importance.

Place, publisher, year, edition, pages
Association for Computing Machinery (ACM), 2023. p. 75-76
Keywords [en]
sbom, software supply chain
National Category
Computer Sciences; Computer Systems
Identifiers
URN: urn:nbn:se:kth:diva-341683; DOI: 10.1145/3605770.3625207; ISI: 001123143300012; Scopus ID: 2-s2.0-85180010428; OAI: oai:DiVA.org:kth-341683; DiVA, id: diva2:1823042
Conference
2nd Edition of the ACM Workshop on Software Supply Chain Offensive Research and Ecosystem Defenses, SCORED 2023, Copenhagen, Denmark, Nov 30 2023
Funder
Swedish Foundation for Strategic Research, chains
Note

Part of proceedings ISBN 9798400702631

QC 20231229

Available from: 2023-12-29. Created: 2023-12-29. Last updated: 2024-09-30. Bibliographically approved

Open Access in DiVA

fulltext (68 kB), 44 downloads
File information
File name: FULLTEXT01.pdf; File size: 68 kB; Checksum SHA-512:
b403b58799b58f5ca03a543c1dacd5d7ab57bbf515f58ee06e661bc79eb4af9f58e2a791ae13cbb5ef1205a20ea86532bec4050128a29cfc58d36b90b8e30ea2
Type: fulltext; Mimetype: application/pdf

Authority records

Balliu, Musard; Baudry, Benoit; Bobadilla, Sofia; Ekstedt, Mathias; Monperrus, Martin; Ron Arteaga, Javier; Skoglund, Gabriel; Soto Valero, César; Wittlinger, Martin

By author/editor
Balliu, Musard; Baudry, Benoit; Bobadilla, Sofia; Ekstedt, Mathias; Monperrus, Martin; Ron Arteaga, Javier; Sharma, Aman; Skoglund, Gabriel; Soto Valero, César; Wittlinger, Martin