A Viewpoint on Human Factors in Software Supply Chain Security: A Research Agenda

While securing dependencies and build systems is necessary, recent attacks have shown that developers are a commonly successfully attacked link in the chain. Therefore, a comprehensive approach that considers the human factor is crucial for effective software supply chain security.

Saved in:
Bibliographic Details
Published in:IEEE security & privacy 2023-11, Vol.21 (6), p.59-63
Main Authors: Fourne, Marcel, Wermke, Dominik, Fahl, Sascha, Acar, Yasemin
Format: Magazinearticle
Language:English
Subjects:
Human factors
Privacy
Security
Software
Supply chain management
Supply chains
Citations: Items that this one cites
Online Access:Get full text
Tags: Add Tag
No Tags, Be the first to tag this record!
cited_by
cites cdi_FETCH-LOGICAL-c246t-e2ca0ac15ac76e67419d227f950b6b1b08f96dfed07cb37c4536563886b8c6de3
container_end_page 63
container_issue 6
container_start_page 59
container_title IEEE security & privacy
container_volume 21
creator Fourne, Marcel
Wermke, Dominik
Fahl, Sascha
Acar, Yasemin
description While securing dependencies and build systems is necessary, recent attacks have shown that developers are a commonly successfully attacked link in the chain. Therefore, a comprehensive approach that considers the human factor is crucial for effective software supply chain security.
doi_str_mv 10.1109/MSEC.2023.3316569
format magazinearticle
fullrecord <record><control><sourceid>proquest_ieee_</sourceid><recordid>TN_cdi_ieee_primary_10315781</recordid><sourceformat>XML</sourceformat><sourcesystem>PC</sourcesystem><ieee_id>10315781</ieee_id><sourcerecordid>2890112806</sourcerecordid><originalsourceid>FETCH-LOGICAL-c246t-e2ca0ac15ac76e67419d227f950b6b1b08f96dfed07cb37c4536563886b8c6de3</originalsourceid><addsrcrecordid>eNpNkFFLwzAQx4MoOKcfQPAh4HNnLmnSxLdSNidMRKe-hjRNXcfW1qRl7NvbMh98uuP4_e-4H0K3QGYARD28rOfZjBLKZoyB4EKdoQlwLqOYxOJ87GMSJUqxS3QVwpYQCsDlBL2l-Ktyh7ap6g43NV72e1PjhbFd4wOuarxuyu5gvMPrvm13R5xtzDh1tvdVd3zEKX53wRlvNzj9dnVhrtFFaXbB3fzVKfpczD-yZbR6fXrO0lVkaSy6yFFriLHAjU2EE0kMqqA0KRUnucghJ7JUoihdQRKbs8TGnA1vMSlFLq0oHJui-9Pe1jc_vQud3ja9r4eTmkpFAKgkYqDgRFnfhOBdqVtf7Y0_aiB6NKdHc3o0p__MDZm7U6Zyzv3jGfBEAvsF6TFo6Q</addsrcrecordid><sourcetype>Aggregation Database</sourcetype><iscdi>true</iscdi><recordtype>magazinearticle</recordtype><pqid>2890112806</pqid></control><display><type>magazinearticle</type><title>A Viewpoint on Human Factors in Software Supply Chain Security: A Research Agenda</title><source>IEEE Electronic Library (IEL) Journals</source><creator>Fourne, Marcel ; Wermke, Dominik ; Fahl, Sascha ; Acar, Yasemin</creator><creatorcontrib>Fourne, Marcel ; Wermke, Dominik ; Fahl, Sascha ; Acar, Yasemin</creatorcontrib><description>While securing dependencies and build systems is necessary, recent attacks have shown that developers are a commonly successfully attacked link in the chain. Therefore, a comprehensive approach that considers the human factor is crucial for effective software supply chain security.</description><identifier>ISSN: 1540-7993</identifier><identifier>EISSN: 1558-4046</identifier><identifier>DOI: 10.1109/MSEC.2023.3316569</identifier><identifier>CODEN: ISPMCN</identifier><language>eng</language><publisher>New York: IEEE</publisher><subject>Human factors ; Privacy ; Security ; Software ; Supply chain management ; Supply chains</subject><ispartof>IEEE security &amp; privacy, 2023-11, Vol.21 (6), p.59-63</ispartof><rights>Copyright The Institute of Electrical and Electronics Engineers, Inc. (IEEE) 2023</rights><woscitedreferencessubscribed>false</woscitedreferencessubscribed><cites>FETCH-LOGICAL-c246t-e2ca0ac15ac76e67419d227f950b6b1b08f96dfed07cb37c4536563886b8c6de3</cites><orcidid>0000-0003-4442-0085 ; 0000-0002-5644-3316 ; 0000-0001-7167-7383 ; 0009-0008-2921-1254</orcidid></display><links><openurl>$$Topenurl_article</openurl><openurlfulltext>$$Topenurlfull_article</openurlfulltext><thumbnail>$$Tsyndetics_thumb_exl</thumbnail><linktohtml>$$Uhttps://ieeexplore.ieee.org/document/10315781$$EHTML$$P50$$Gieee$$H</linktohtml><link.rule.ids>780,784,27925,54796</link.rule.ids></links><search><creatorcontrib>Fourne, Marcel</creatorcontrib><creatorcontrib>Wermke, Dominik</creatorcontrib><creatorcontrib>Fahl, Sascha</creatorcontrib><creatorcontrib>Acar, Yasemin</creatorcontrib><title>A Viewpoint on Human Factors in Software Supply Chain Security: A Research Agenda</title><title>IEEE security &amp; privacy</title><addtitle>MSEC</addtitle><description>While securing dependencies and build systems is necessary, recent attacks have shown that developers are a commonly successfully attacked link in the chain. Therefore, a comprehensive approach that considers the human factor is crucial for effective software supply chain security.</description><subject>Human factors</subject><subject>Privacy</subject><subject>Security</subject><subject>Software</subject><subject>Supply chain management</subject><subject>Supply chains</subject><issn>1540-7993</issn><issn>1558-4046</issn><fulltext>true</fulltext><rsrctype>magazinearticle</rsrctype><creationdate>2023</creationdate><recordtype>magazinearticle</recordtype><recordid>eNpNkFFLwzAQx4MoOKcfQPAh4HNnLmnSxLdSNidMRKe-hjRNXcfW1qRl7NvbMh98uuP4_e-4H0K3QGYARD28rOfZjBLKZoyB4EKdoQlwLqOYxOJ87GMSJUqxS3QVwpYQCsDlBL2l-Ktyh7ap6g43NV72e1PjhbFd4wOuarxuyu5gvMPrvm13R5xtzDh1tvdVd3zEKX53wRlvNzj9dnVhrtFFaXbB3fzVKfpczD-yZbR6fXrO0lVkaSy6yFFriLHAjU2EE0kMqqA0KRUnucghJ7JUoihdQRKbs8TGnA1vMSlFLq0oHJui-9Pe1jc_vQud3ja9r4eTmkpFAKgkYqDgRFnfhOBdqVtf7Y0_aiB6NKdHc3o0p__MDZm7U6Zyzv3jGfBEAvsF6TFo6Q</recordid><startdate>202311</startdate><enddate>202311</enddate><creator>Fourne, Marcel</creator><creator>Wermke, Dominik</creator><creator>Fahl, Sascha</creator><creator>Acar, Yasemin</creator><general>IEEE</general><general>The Institute of Electrical and Electronics Engineers, Inc. (IEEE)</general><scope>97E</scope><scope>RIA</scope><scope>RIE</scope><scope>AAYXX</scope><scope>CITATION</scope><scope>7SC</scope><scope>8FD</scope><scope>JQ2</scope><scope>L7M</scope><scope>L~C</scope><scope>L~D</scope><orcidid>https://orcid.org/0000-0003-4442-0085</orcidid><orcidid>https://orcid.org/0000-0002-5644-3316</orcidid><orcidid>https://orcid.org/0000-0001-7167-7383</orcidid><orcidid>https://orcid.org/0009-0008-2921-1254</orcidid></search><sort><creationdate>202311</creationdate><title>A Viewpoint on Human Factors in Software Supply Chain Security: A Research Agenda</title><author>Fourne, Marcel ; Wermke, Dominik ; Fahl, Sascha ; Acar, Yasemin</author></sort><facets><frbrtype>5</frbrtype><frbrgroupid>cdi_FETCH-LOGICAL-c246t-e2ca0ac15ac76e67419d227f950b6b1b08f96dfed07cb37c4536563886b8c6de3</frbrgroupid><rsrctype>magazinearticle</rsrctype><prefilter>magazinearticle</prefilter><language>eng</language><creationdate>2023</creationdate><topic>Human factors</topic><topic>Privacy</topic><topic>Security</topic><topic>Software</topic><topic>Supply chain management</topic><topic>Supply chains</topic><toplevel>online_resources</toplevel><creatorcontrib>Fourne, Marcel</creatorcontrib><creatorcontrib>Wermke, Dominik</creatorcontrib><creatorcontrib>Fahl, Sascha</creatorcontrib><creatorcontrib>Acar, Yasemin</creatorcontrib><collection>IEEE All-Society Periodicals Package (ASPP) 2005–Present</collection><collection>IEEE All-Society Periodicals Package (ASPP) 1998-Present</collection><collection>IEEE Electronic Library Online</collection><collection>CrossRef</collection><collection>Computer and Information Systems Abstracts</collection><collection>Technology Research Database</collection><collection>ProQuest Computer Science Collection</collection><collection>Advanced Technologies Database with Aerospace</collection><collection>Computer and Information Systems Abstracts – Academic</collection><collection>Computer and Information Systems Abstracts Professional</collection><jtitle>IEEE security &amp; privacy</jtitle></facets><delivery><delcategory>Remote Search Resource</delcategory><fulltext>fulltext</fulltext></delivery><addata><au>Fourne, Marcel</au><au>Wermke, Dominik</au><au>Fahl, Sascha</au><au>Acar, Yasemin</au><format>journal</format><genre>article</genre><ristype>JOUR</ristype><atitle>A Viewpoint on Human Factors in Software Supply Chain Security: A Research Agenda</atitle><jtitle>IEEE security &amp; privacy</jtitle><stitle>MSEC</stitle><date>2023-11</date><risdate>2023</risdate><volume>21</volume><issue>6</issue><spage>59</spage><epage>63</epage><pages>59-63</pages><issn>1540-7993</issn><eissn>1558-4046</eissn><coden>ISPMCN</coden><abstract>While securing dependencies and build systems is necessary, recent attacks have shown that developers are a commonly successfully attacked link in the chain. Therefore, a comprehensive approach that considers the human factor is crucial for effective software supply chain security.</abstract><cop>New York</cop><pub>IEEE</pub><doi>10.1109/MSEC.2023.3316569</doi><tpages>5</tpages><orcidid>https://orcid.org/0000-0003-4442-0085</orcidid><orcidid>https://orcid.org/0000-0002-5644-3316</orcidid><orcidid>https://orcid.org/0000-0001-7167-7383</orcidid><orcidid>https://orcid.org/0009-0008-2921-1254</orcidid></addata></record>
fulltext fulltext
identifier ISSN: 1540-7993
ispartof IEEE security & privacy, 2023-11, Vol.21 (6), p.59-63
issn 1540-7993
1558-4046
language eng
recordid cdi_ieee_primary_10315781
source IEEE Electronic Library (IEL) Journals
subjects Human factors
Privacy
Security
Software
Supply chain management
Supply chains
title A Viewpoint on Human Factors in Software Supply Chain Security: A Research Agenda
url http://sfxeu10.hosted.exlibrisgroup.com/loughborough?ctx_ver=Z39.88-2004&ctx_enc=info:ofi/enc:UTF-8&ctx_tim=2025-01-07T19%3A57%3A45IST&url_ver=Z39.88-2004&url_ctx_fmt=infofi/fmt:kev:mtx:ctx&rfr_id=info:sid/primo.exlibrisgroup.com:primo3-Article-proquest_ieee_&rft_val_fmt=info:ofi/fmt:kev:mtx:journal&rft.genre=article&rft.atitle=A%20Viewpoint%20on%20Human%20Factors%20in%20Software%20Supply%20Chain%20Security:%20A%20Research%20Agenda&rft.jtitle=IEEE%20security%20&%20privacy&rft.au=Fourne,%20Marcel&rft.date=2023-11&rft.volume=21&rft.issue=6&rft.spage=59&rft.epage=63&rft.pages=59-63&rft.issn=1540-7993&rft.eissn=1558-4046&rft.coden=ISPMCN&rft_id=info:doi/10.1109/MSEC.2023.3316569&rft_dat=%3Cproquest_ieee_%3E2890112806%3C/proquest_ieee_%3E%3Cgrp_id%3Ecdi_FETCH-LOGICAL-c246t-e2ca0ac15ac76e67419d227f950b6b1b08f96dfed07cb37c4536563886b8c6de3%3C/grp_id%3E%3Coa%3E%3C/oa%3E%3Curl%3E%3C/url%3E&rft_id=info:oai/&rft_pqid=2890112806&rft_id=info:pmid/&rft_ieee_id=10315781&rfr_iscdi=true