A Guide for Software Assurance for SWIP

Thumbnail Image
Files
A Guide for Software Assurance for SWIP.pdf (3.81 MB)
If you need an accessible version of this item, please email your request to iusw@iu.edu so that they may create one and provide it to you.
Date
2019-08
Authors
Journal Title
Journal ISSN
Volume Title
Publisher
Permanent Link
https://hdl.handle.net/2022/23413
Abstract
The Scientific Workflow Integrity with Pegasus (SWIP) project adds data integrity checking to the Pegasus workflow management system (https://pegasus.isi.edu/). As part of SWIP, we perform software assurance (SwA) on the Pegasus software using the Software Assurance Marketplace (SWAMP, https://www.mir-swamp.org/). Initially, we planned to perform SwA only on the parts of the code base related to SWIP, i.e., only the code related to the data integrity checks. However, during the course of the SWIP project, a decision was made to perform SwA on the entire Pegasus code base. In addition, the project took on a research effort of trying to quantify differences in SwA results between Pegasus versions. We summarize our SwA process and results here. SwA results provide insight, but they are still subjective; developers of the software being assessed (Pegasus in this project) need to determine how those results need to be addressed.
Description
Keywords
cybersecurity, software assurance, data integrity
Citation
DOI
Link(s) to data and video for this item
Relation
Rights
https://creativecommons.org/licenses/by/4.0/
Type
Technical Report
Collections
Center for Applied Cybersecurity Research