Software Supply Chain Risk Management Framework

Author(s)
Onu, Kelly
Advisor(s)
Grindal, Karl
Abstract
A software supply chain risk management framework is a systematic process for managing software supply chain risk exposures, threats, and vulnerabilities throughout the supply chain, and for developing response strategies to the supply chain risks presented by third-party software. The purpose of this paper is to provide a risk management framework (RMF) for organizations that use or apply open source or third-party components within their SDLC. The proposed RMF will provide guidance on how to Frame, Assess, Respond and Monitor (FARM) the security risks associated with the use of third-party software or components. This RMF will also help organizations understand these security risks and will provide recommendations for managing them.
Date
2021-08
Resource Type
Text
Resource Subtype
Masters Project
Rights Statement
Unless otherwise noted, all materials are protected under U.S. Copyright Law and all rights are reserved