Reproducible Builds: Increasing the Integrity of Software Supply Chains | IEEE Journals & Magazine | IEEE Xplore
Subscribe
ADVANCED SEARCH
Journals & Magazines >IEEE Software >Volume: 39 Issue: 2

Reproducible Builds: Increasing the Integrity of Software Supply Chains

PDF
Chris Lamb; Stefano Zacchiroli
All Authors

Abstract:

Although it is possible to increase confidence in free and open source software by reviewing its source code, trusting code is not the same as trusting its executable cou...Show More

Metadata

Abstract:

Although it is possible to increase confidence in free and open source software by reviewing its source code, trusting code is not the same as trusting its executable counterparts. This article examines reproducible builds, an approach that can determine whether generated binaries correspond to the original source code.
Published in: IEEE Software ( Volume: 39, Issue: 2, March-April 2022)
Page(s): 62 - 70
Date of Publication: 13 April 2021

ISSN Information:

DOI: 10.1109/MS.2021.3073045
Contents

You can’t trust code that you did not totally create yourself. […] No amount of source-level verification or scrutiny will protect you from using untrusted code.

Contact IEEE to Subscribe
More Like This
CDE: A Tool for Creating Portable Experimental Software Packages

Computing in Science & Engineering

Published: 2012

ME3A: Software tool for the identification of energy saving measures in existing buildings: Automated identification of saving measures for buildings using measured energy consumpt...

2016 IEEE 16th International Conference on Environment and Electrical Engineering (EEEIC)

Published: 2016

Show More

References

References is not available for this document.

IEEE Account

Purchase Details

Profile Information

Need Help?

A not-for-profit organization, IEEE is the world's largest technical professional organization dedicated to advancing technology for the benefit of humanity.
© Copyright 2025 IEEE - All rights reserved. Use of this web site signifies your agreement to the terms and conditions.