TrustSECO: A Distributed Infrastructure for Providing Trust in the Software Ecosystem

2021 ◽  
pp. 121-133
Author(s):  
Fang Hou ◽  
Siamak Farshidi ◽  
Slinger Jansen
Keyword(s):  
Software Ecosystem ◽  
Distributed Infrastructure

scholarly journals A Cryptography-Powered Infrastructure to Ensure the Integrity of Robot Workflows

2021 ◽  
Vol 1 (1) ◽  
pp. 93-118
Author(s):  
Benjamin Breiling ◽  
Bernhard Dieber ◽  
Martin Pinzger ◽  
Stefan Rass
Keyword(s):  
Real World ◽  
Digital Signature ◽  
Mobile Manipulator ◽  
Separate Entity ◽  
Application Development ◽  
Development Environment ◽  
Essential Step ◽  
Distributed Ledger ◽  
Compliant Robot ◽  
Distributed Infrastructure

With the growing popularity of robots, the development of robot applications is subject to an ever increasing number of additional requirements from e.g., safety, legal and ethical sides. The certification of an application for compliance to such requirements is an essential step in the development of a robot program. However, at this point in time it must be ensured that the integrity of this program is preserved meaning that no intentional or unintentional modifications happen to the program until the robot executes it. Based on the abstraction of robot programs as workflows we present in this work a cryptography-powered distributed infrastructure for the preservation of robot workflows. A client composes a robot program and once it is accepted a separate entity provides a digital signature for the workflow and its parameters which can be verified by the robot before executing it. We demonstrate a real-world implementation of this infrastructure using a mobile manipulator and its software stack. We also provide an outlook on the integration of this work into our larger undertaking to provide a distributed ledger-based compliant robot application development environment.

Open Distributed Infrastructure Management - ODIM

2020 ◽  
Author(s):  
M R Chengappa ◽  
Jonas Arndt ◽  
Martin Halstead ◽  
Arun Thulasi
Keyword(s):  
Infrastructure Management ◽  
Distributed Infrastructure

scholarly journals Lags in the release, adoption, and propagation of npm vulnerability fixes

2021 ◽  
Vol 26 (3) ◽  
Author(s):  
Bodin Chinthanet ◽  
Raula Gaikovina Kula ◽  
Shane McIntosh ◽  
Takashi Ishio ◽  
Akinori Ihara ◽  
...  
Keyword(s):  
Empirical Study ◽  
Empirical Investigation ◽  
Third Party ◽  
Future Research ◽  
Software Ecosystem ◽  
Security Vulnerability ◽  
Preliminary Study ◽  
Client Side

AbstractSecurity vulnerability in third-party dependencies is a growing concern not only for developers of the affected software, but for the risks it poses to an entire software ecosystem, e.g., Heartbleed vulnerability. Recent studies show that developers are slow to respond to the threat of vulnerability, sometimes taking four to eleven months to act. To ensure quick adoption and propagation of a release that contains the fix (fixing release), we conduct an empirical investigation to identify lags that may occur between the vulnerable release and its fixing release (package-side fixing release). Through a preliminary study of 231 package-side fixing release of npm projects on GitHub, we observe that a fixing release is rarely released on its own, with up to 85.72% of the bundled commits being unrelated to a fix. We then compare the package-side fixing release with changes on a client-side (client-side fixing release). Through an empirical study of the adoption and propagation tendencies of 1,290 package-side fixing releases that impact throughout a network of 1,553,325 releases of npm packages, we find that stale clients require additional migration effort, even if the package-side fixing release was quick (i.e., package-side fixing releasetypeSpatch). Furthermore, we show the influence of factors such as the branch that the package-side fixing release lands on and the severity of vulnerability on its propagation. In addition to these lags we identify and characterize, this paper lays the groundwork for future research on how to mitigate propagation lags in an ecosystem.

A Tool for Software Ecosystem Models

2020 ◽  
Author(s):  
Igor R. Alencar ◽  
Emanuel F. Coutinho ◽  
Leonardo O. Moreira ◽  
Carla I. M. Bezerra
Keyword(s):  
Ecosystem Models ◽  
Software Ecosystem

scholarly journals A study on dynamic aspects variability in the SOLAR educational software ecosystem

2020 ◽  
Vol 26 (1) ◽  
Author(s):  
Emanuel F. Coutinho ◽  
Carla I. M. Bezerra
Keyword(s):  
Educational Software ◽  
Software Evolution ◽  
Automatic Measurement ◽  
Virtual Learning Environment ◽  
Feature Model ◽  
Software Modeling ◽  
Software Ecosystem ◽  
Software Products ◽  
Feature Diagram ◽  
Software Evolution And Maintenance

Abstract A Software Ecosystem (SECO) refers to a collection of software products with some degree of symbiotic relationship. SOLAR is a Virtual Learning Environment (VLE) that enables the publication of courses and interaction with them among its various users. In this context, SOLAR SECO emerges, where diverse situations of software evolution and maintenance are part of its development process. The aim of this paper is to discuss the dynamic variability of SOLAR educational software ecosystem and software modeling. As an example, dynamic variability aspects of the feature model of SOLAR VLE discussion forum functionality were discussed, one of the most widely used services within SOLAR SECO. As a major conclusion of this work, we identified that the use of the contextual feature diagram allows the study of the dynamic aspects of a system, even more supported by tools to support automatic measurement collection.

Service Clouds: Distributed Infrastructure for Adaptive Communication Services

2007 ◽  
Vol 4 (2) ◽  
pp. 84-95 ◽  
Author(s):  
Farshad Samimi ◽  
Philip Mckinley ◽  
S. Sadjadi ◽  
Chiping Tang ◽  
Jonathan Shapiro ◽  
...  
Keyword(s):  
Adaptive Communication ◽  
Communication Services ◽  
Distributed Infrastructure
Sign in / Sign up

Export Citation Format

Share Document