OpenChain ISO/IEC 5230:2020 is featured positively in the ‘Survey on Open-source Software Supply Chain Security’ published in the Journal Of Software (软件学报) Volume 33, Issue 3, 2023.
This article by JI Shou-Ling, WANG Qin-Ying, CHEN An-Ying, ZHAO Bin-Bin, YE Tong, ZHANG Xu-Hong, WU Jing-Zheng, LI Yun, YIN Jian-Wei and WU Yan-Jun is worth reading in full for insight from a key market space for open source.
In recent years, the vigorous development of open source software and the modern software development and supply models have greatly facilitated the rapid iteration and evolution of open source software, resulting in increased social benefits. The emerging collaborative software development model of open source has transformed the software development supply process from a relatively linear path to a complex network structure. Within open-source software’s complex and intertwined supply relationships, the overall security risk trend has significantly increased, drawing increasing attention from the academic and industrial communities. This work tries to define the new open-source software supply chain model and, based on attacks that have occurred over the past decade, summarizes the threat model and security trends of the open-source software supply chain. For securing the open-source software supply chain, this work provides a systematic overview from the perspectives of risk identification and reinforced defense and also highlight the new challenges and opportunities.https://www.jos.org.cn/josen/article/abstract/6717
Want To Learn More About Journal Of Software?
The Journal of Software (ISSN 1000-9825) is a Chinese comprehensive academic journal of computer software which is jointly hosted by the Institute of software, the Chinese Academy of Sciences (ISCAS) and China Computer Federal (CCF). Founded in 1990, the Journal of Software focuses on the latest innovative high-level scientific and technological achievements of great significance in the field of computer software. It advocates academic democracy and promotes academic discussion and exchange of the researchers in and out of China.
Check out their website: https://www.jos.org.cn/josen/home?id=20171219032526650&name=Home