Towards Using Source Code Repositories to Identify Software Supply Chain Attacks.
Duc Ly Vu, Ivan Pashchenko, Fabio Massacci, Henrik Plate, Antonino Sabetta
Published in: CCS (2020)
Keyphrases
- source code
- supply chain
- software systems
- supply chain management
- open source
- software maintenance
- software projects
- mining software repositories
- software repositories
- version control
- software evolution
- bullwhip effect
- open source projects
- supplier selection
- quantity discount
- open source software
- decision making
- revenue sharing
- free software
- static analysis
- source files
- text files
- bug localization
- software artifacts
- software engineers
- service level
- high level
- execution traces
- lead time
- program slicing
- maintenance activities
- impact analysis
- object oriented systems
- software design
- written in natural language
- program comprehension
- mailing lists
- software architecture