Authors: Laurie Williams, Sammy Migues, Jamie Boote, Ben Hutchison
Published on: April 18, 2024
Impact Score: 7.8
arXiv code: arXiv:2404.12300
Summary
- What is new: P-SSCRM integrates and unifies insights from leading software supply chain risk management initiatives and several government and industry standards, offering a unique, comprehensive framework.
- Why this is important: There has been no unified framework that synthesizes the best practices and standards for managing risks in software supply chains.
- What the research proposes: Creation of P-SSCRM, a framework that distills common principles from existing initiatives and standards to aid organizations in developing robust software supply chain risk management programs.
- Results: P-SSCRM provides a model for understanding, quantifying, and improving secure software supply chain management, enabling organizations to evaluate and enhance their risk management initiatives in line with industry best practices.
Technical Details
Technological frameworks used: P-SSCRM Framework
Models used: Quantitative and qualitative models for risk assessment and management
Data used: Data from nine industry-leading initiatives and analysis of ten government and industry documents, frameworks, and standards
Potential Impact
Software development and IT security companies, especially in sectors with critical infrastructure or high reliance on software integrity, may find strategic advantages or necessary adjustments in response to the insights from this paper.