PhD defence: Trust in Software Ecosystems

Software ecosystems are complex networks of organisations and individuals that collaboratively develop and maintain the software that our society depends on. Trust is a fundamental part of the software ecosystem, whether it is an individual deciding to install an app, a business manager deciding to use a multi-million accounting system, or a government deciding to use a cloud system.

However, the rapid growth and decentralisation of software ecosystems have introduced significant challenges in ensuring software trustworthiness. Malicious actors can exploit vulnerabilities, introduce harmful code, or take advantage of outdated packages. Software engineers and end-users face considerable risks in selecting reliable and secure software.

This PhD dissertation introduces a community-managed tool that underpins the software ecosystem with a trust layer. It collects trust data on software packages and projects to help users assess the reliability, vulnerabilities, and trustworthiness of software packages. Implemented within npm, this tool is able to retrieve trust scores from a distributed ledger for safety checks, policy enforcement, and dependency scans. This dissertation explores how empirical software engineering can strengthen trust in the global software ecosystem. It offers both theoretical insights and practical methods for fostering the development of more trustworthy software.

PLEASE NOTE: If a candidate gives a layman's talk, the livestream will start fifteen minutes earlier.

Start date and time
End date and time
Location
Hybrid: online (livestream link) and for invited guests in the Utrecht University Hall, Domplein 29
PhD candidate
F. Hou
Dissertation
Trust in Software Ecosystems
PhD supervisor(s)
dr. R.L. Jansen
prof. dr. S. Brinkkemper
More information
Full text via Utrecht University Repository