Abstract
The worldwide software ecosystem is a trust-rich part of the world. Throughout the software life cycle, software engineers, end-users, and other stakeholders collaboratively place their trust in major hubs in the ecosystem, such as package managers, repository services, and software components. However, as our reliance on software grows, this trust is frequently violated by bad actors and crippling vulnerabilities in the software supply chain. This study aims to define software trust in the worldwide SECO, that is, to determine what signifies a trustworthy system, actor, or hub. We conduct a systematic literature review on the concept of trust in the software ecosystem. We acknowledge that trust is something between two actors in the software ecosystem, and we examine what role trust plays in the relationships between end-users and (1) software products, (2) package managers, (3) software producing organizations, and (4) software engineers. Two major findings emerged from the systematic literature review. To begin, we define trust in the software ecosystem by examining the definition and characteristics of trust. Second, we provide a list of trust factors that can be used to assemble an overview of software trust. Trust is critical in the communication between actors in the worldwide software ecosystem, particularly regarding software selection and evaluation. With this comprehensive overview of trust, software engineering researchers have a new foundation to understand and use trust to create a trustworthy software ecosystem.
Publisher
Springer Science and Business Media LLC
References: 74 articles.
Cited by
4 articles.
1. AggTrust: New Approach for Aggregated Trust Value for IoT with Comparative Study;2023 6th International Conference on Contemporary Computing and Informatics (IC3I);2023-09-14
2. Requirement Change Prediction Model for Small Software Systems;Computers;2023-08-14
3. Your app is no longer welcome in our app store: partner exclusion in software ecosystems;2023 IEEE/ACM 11th International Workshop on Software Engineering for Systems-of-Systems and Software Ecosystems (SESoS);2023-05
4. The Role of Software Trust in Selection of Open-Source and Closed Software;2023 IEEE/ACM 11th International Workshop on Software Engineering for Systems-of-Systems and Software Ecosystems (SESoS);2023-05