Third-Party Software's Trust Quagmire

Jeffrey M. Voas; George Hurlburt

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

PUBLICATIONS

Third-Party Software's Trust Quagmire

Published

December 18, 2015

Author(s)

Jeffrey M. Voas, George Hurlburt

Abstract

Integrating software developed by third-party organizations into a larger system raises concerns about the software's quality, origin, functionality, security, and interoperability. Addressing these concerns requires rethinking the roles of software's principal supply-chain actors--vendor, assessor, and evaluator.

Citation

Computer (IEEE Computer)

Volume

Issue

Pub Type

Journals

Download Paper

https://doi.org/10.1109/MC.2015.372

Keywords

CBSE, commercial-off-the-shelf software, COTS, component-based software engineering, independent verification and validation, software composability, software engineering, software liability, software measurement, software reliability, third-party software

Information technology, Cybersecurity, Data and informatics and Software testing

Citation

Voas, J. and Hurlburt, G. (2015), Third-Party Software's Trust Quagmire, Computer (IEEE Computer), [online], https://doi.org/10.1109/MC.2015.372 (Accessed April 25, 2025)

Issues

If you have any questions about this publication or are having problems accessing it, please contact reflib@nist.gov.

Created December 18, 2015, Updated November 10, 2018

Third-Party Software's Trust Quagmire

Author(s)

Abstract

Download Paper

Keywords

Citation

Additional citation formats

Issues