Litcius/Paper detail

Reproducible Builds: Increasing the Integrity of Software Supply Chains

Chris Lamb, Stefano Zacchiroli

2021IEEE Software74 citationsDOIOpen Access PDF

Abstract

Although it is possible to increase confidence in free and open source software by reviewing its source code, trusting code is not the same as trusting its executable counterparts. This article examines reproducible builds, an approach that can determine whether generated binaries correspond to the original source code.

Topics & Concepts

ExecutableComputer scienceSource codeSoftware engineeringCode reviewProgramming languageSoftwareCode (set theory)Software developmentBackportingSoftware qualitySoftware constructionOperating systemSet (abstract data type)Software Engineering ResearchAdvanced Malware Detection TechniquesScientific Computing and Data Management
Reproducible Builds: Increasing the Integrity of Software Supply Chains | Litcius