Date of Award: Spring 5-29-2024
Document Type: Thesis (Undergraduate)
Department: Computer Science
First Advisor: Charles Palmer
Second Advisor: Vasanta Lakshmi Kommineni
Third Advisor: Allan Friedman
Abstract
Open source software has become a cornerstone of modern software development, offering unparalleled opportunities for innovation and collaboration. However, its widespread adoption has also introduced a host of security vulnerabilities, particularly in the software supply chain. This paper provides a comprehensive cost-benefit analysis of achieving various security thresholds to harden the build environment, focusing on isolated, hermetic, reproducible, and bootstrappable builds. For each build type, we provide a clear definition and outline the steps required for implementation. We then evaluate the associated costs and benefits of each build, emphasizing their roles in strengthening the build environment and enhancing supply chain security. The paper concludes with recommendations for stakeholders, including startups, large corporations, and government agencies, and proposes future research directions to enhance build environment security.
Recommended Citation:
Retterer, Carly, "Open Source Supply Chain Security: a Cost-Benefit Analysis of Achieving Various Security Thresholds in Build Environments" (2024). Computer Science Senior Theses. 43. https://digitalcommons.dartmouth.edu/cs_senior_theses/43