Even in security-critical systems, the use of third-party software components is common. Integrating open source components can save time/money and in some cases increase quality of the software. On the other hand it introduces a risk as it is possible for anyone to find security flaws and one has very little control of how the software is developed.
Available fall 2020
Examples of questions to be answered
- What properties must be fulfilled by third-party software to be able to safely integrate it in a security-critical system?
- Is it possible to define a set of criteria’s to determine when it is beneficiary to use in-house developed software and open source software respectively?
Preferred areas of knowledge / interest
- Software development processes
- Open source projects
- Information security