SoK: Analysis of Software Supply Chain Security by Establishing Secure Design Properties

14 June 2024

Papers citing "SoK: Analysis of Software Supply Chain Security by Establishing Secure Design Properties"

6 / 6 papers shown

Title
Why Johnny Signs with Sigstore: Examining Tooling as a Factor in Software Signing Adoption in the Sigstore Ecosystem Kelechi G. Kalu Sofia Okorafor Tanmay Singla Santiago Torres-Arias James C. Davis 29 0 0 01 Mar 2025
A Mixed-Methods Study of Open-Source Software Maintainers On Vulnerability Management and Platform Security Features Jessy Ayala Yu-Jye Tung Joshua Garcia 35 2 0 12 Sep 2024
Establishing Provenance Before Coding: Traditional and Next-Gen Software Signing Taylor R. Schorlemmer Ethan H. Burmane Kelechi G. Kalu Santiago Torres-Arias James C. Davis 36 0 0 04 Jul 2024
An Industry Interview Study of Software Signing for Supply Chain Security Kelechi G. Kalu Tanya Singla C. Okafor Santiago Torres-Arias James C. Davis 23 4 0 12 Jun 2024
Signing in Four Public Software Package Registries: Quantity, Quality, and Influencing Factors Taylor R. Schorlemmer Kelechi G. Kalu Luke Chigges Kyung Myung Ko Eman Abdul-Muhd Abu Isghair Saurabh Baghi Santiago Torres-Arias James C. Davis 27 9 0 26 Jan 2024
An Empirical Study of Pre-Trained Model Reuse in the Hugging Face Deep Learning Model Registry Wenxin Jiang Nicholas Synovic Matt Hyatt Taylor R. Schorlemmer R. Sethi Yung-Hsiang Lu George K. Thiruvathukal James C. Davis 30 64 0 05 Mar 2023