Risk Assessment of Using Open Source Projects: Analysis of the Existing Approaches

This article analyzes the existing approaches to assess and account for the components used in software, including open source software. The existing frameworks for assessing software development processes, including information security, are analyzed. The typical risks of using open source componen...

Bibliographic details
Published in: Automatic control and computer sciences 2023-12, Vol.57 (8), p.938-946
Main authors: Eremeev, M. A., Zakharchuk, I. I.
Format: Article
Language: eng
Online access: Full text
container_end_page 946
container_issue 8
container_start_page 938
container_title Automatic control and computer sciences
container_volume 57
creator Eremeev, M. A.
Zakharchuk, I. I.
description This article analyzes the existing approaches to assess and account for the components used in software, including open source software. The existing frameworks for assessing software development processes, including information security, are analyzed. The typical risks of using open source components and free licenses are considered. The possibility of assessing development processes to identify threats to information security in open source projects and the need to automate this process in order to ensure the efficiency of dependence management in projects that use open components as dependencies are noted.
doi_str_mv 10.3103/S0146411623080059
format Article
publisher Moscow: Pleiades Publishing
rights Allerton Press, Inc. 2023. ISSN 0146-4116, Automatic Control and Computer Sciences, 2023, Vol. 57, No. 8, pp. 938–946. © Allerton Press, Inc., 2023. Russian Text © The Author(s), 2023, published in Problemy Informatsionnoi Bezopasnosti, Komp’yuternye Sistemy.
fulltext fulltext
identifier ISSN: 0146-4116
ispartof Automatic control and computer sciences, 2023-12, Vol.57 (8), p.938-946
issn 0146-4116
1558-108X
language eng
recordid cdi_proquest_journals_2933509261
source SpringerLink Journals
subjects Computer Science
Control Structures and Microprogramming
Open source software
Project management
Risk assessment
Security
Software development
title Risk Assessment of Using Open Source Projects: Analysis of the Existing Approaches
url https://sfx.bib-bvb.de/sfx_tum?ctx_ver=Z39.88-2004&ctx_enc=info:ofi/enc:UTF-8&ctx_tim=2025-01-29T02%3A28%3A02IST&url_ver=Z39.88-2004&url_ctx_fmt=infofi/fmt:kev:mtx:ctx&rfr_id=info:sid/primo.exlibrisgroup.com:primo3-Article-proquest_cross&rft_val_fmt=info:ofi/fmt:kev:mtx:journal&rft.genre=article&rft.atitle=Risk%20Assessment%20of%20Using%20Open%20Source%20Projects:%20Analysis%20of%20the%20Existing%20Approaches&rft.jtitle=Automatic%20control%20and%20computer%20sciences&rft.au=Eremeev,%20M.%20A.&rft.date=2023-12-01&rft.volume=57&rft.issue=8&rft.spage=938&rft.epage=946&rft.pages=938-946&rft.issn=0146-4116&rft.eissn=1558-108X&rft_id=info:doi/10.3103/S0146411623080059&rft_dat=%3Cproquest_cross%3E2933509261%3C/proquest_cross%3E%3Curl%3E%3C/url%3E&disable_directlink=true&sfx.directlink=off&sfx.report_link=0&rft_id=info:oai/&rft_pqid=2933509261&rft_id=info:pmid/&rfr_iscdi=true