Review on Exception Analysis Methods for Software Supply Chain
    Abstract:

    Software plays an increasingly important role across the national economy. With the Internet of Everything, the interaction, analysis, and sharing of information are becoming more common, and dependencies among programs are increasing. This raises the requirements for system reliability and robustness. A software supply chain consists of open source components and third-party components, and its security problems have become a focus of both academia and industry in recent years. As an important part of open source software, library functions are closely related to the security of the software supply chain. To improve development efficiency, programmers frequently use software libraries or application programming interfaces (APIs), but errors or vulnerabilities in library functions may be exploited by attackers to compromise the security of the software supply chain. These errors or vulnerabilities are often related to exceptions in library functions. This study therefore summarizes exception analysis methods for library functions from two aspects: accuracy and efficiency. It describes the basic idea and key process of each exception analysis method and gives preliminary solutions to the challenges that library function exception analysis faces. Exception analysis of library functions in the software supply chain helps to enhance the robustness of software systems and to ensure the security of the software supply chain.

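Citation

Ge Lili, Shuai Dongxin, Xie Jinyan, Zhang Yingzhou, Xue Yuchuan, Yang Jiayi, Mi Jie, Lu Yue. Review on Exception Analysis Methods for Software Supply Chain. Journal of Software, 2023, 34(6): 2606-2627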

History
  • Received: September 05, 2022
  • Revised: December 14, 2022
  • Online: January 13, 2023