Skip to content. | Skip to navigation

Personal tools

Navigation

You are here: Home / Openness / Security of Open Source Software : A Survey of Technical Stakeholders’ Perceptions and Actions

Security of Open Source Software : A Survey of Technical Stakeholders’ Perceptions and Actions

Posted by Divyansha Sehgal at Apr 13, 2023 06:01 AM | Permalink

Filed under: Openness

Security of Open Source Software : A Survey of Technical Stakeholders’ Perceptions and Actions

Open-source software (OSS) components are largely assumed to be secure due to their open nature. However, that is not always the case. Of late, there has been an increased incidence of software supply-chain issues, with some industry reports estimating a 300% increase in attacks that exploit existing vulnerabilities between 2020 and 2021.
This report by Centre for Internet and Society surveys technical stakeholders to determine how they select OSS components to use in their projects and how they think broadly about the security of the projects they create.

Highlights:

90% of respondents work in companies with a dedicated team responsible for the security of software. 80% of them do not carry out any further security checks on an OSS once it has been approved for use by their security teams.
80% of respondents see comprehensive documentation as an important factor when selecting an OSS for use.
70% of respondents report validating dependencies in their selected open-source software component.
50% of respondents consider how actively an open-source software is maintained before selecting it for their projects.
40% of respondents do not anticipate accidental exploitation of vulnerabilities or expect malice from bad actors when they create software.
30% of respondents report not doing any post-release maintenance on the OSS component used and deployed.

Click to download the full report

Filed under: Openness

Open Data: Open Data and Land Ownership May 22, 2019; Talks by Richard Abisla and Kaliya Young Feb 28, 2019; An open data ecosystem can boost India's GDP by $22 B and double farmer income May 23, 2018; On World Water Day - Open Data for Water Resources Mar 22, 2018; Open Data and Land Ownership - Environment Scan Feb 12, 2018

Events: Discussion on Open Standards with Bernd Erk and Jiten Vaidya Jul 04, 2019; Talks by Richard Abisla and Kaliya Young Feb 28, 2019; NASA Space Apps Challenge 2017 Apr 20, 2017; CoinFest 2016 Apr 04, 2016; Seminar on Open Access in Research Area: A Strategic Approach Dec 15, 2015

Meta

13 April, 2023
Openness

Author

Divyansha Sehgal

Powered by Plone & Python

Funded by

Offices

Bengaluru: #32, 1st Floor, 2nd Block, Austin Town, Viveka Nagar, Bengaluru, Karnataka 560047.

null

Support Us

Please help us defend citizen and user rights on the Internet!

You may donate online via Instamojo. Or, write a cheque in favour of ‘The Centre for Internet and Society’ and mail it to us at Ground Floor, No 173, 9th Cross, 2nd Stage, Indiranagar, Bangalore 560038. These charitable contributions will be towards the Institutional Corpus Fund of the Centre for Internet and Society.

Follow our Works

Newsletter: Subscribe

researchers@work blog: medium.com/rawblog

Twitter (CIS): @cis_india

Twitter (CIS-A2K): @cisa2k

Instagram: @cis.india

Youtube: Centre for Internet and Society

Request for Collaboration

We invite researchers, practitioners, artists, and theoreticians, both organisationally and as individuals, to engage with us on topics related internet and society, and improve our collective understanding of this field. To discuss such possibilities, please write to us at communications[at]cis-india[dot]org with an indication of the form and the content of the collaboration you might be interested in.

In general, we offer financial support for collaborative/invited works only through public calls.

About Us

The Centre for Internet and Society (CIS) is a non-profit organisation that undertakes interdisciplinary research on internet and digital technologies from policy and academic perspectives. The areas of focus include digital accessibility for persons with disabilities, access to knowledge, intellectual property rights, openness (including open data, free and open source software, open standards, open access, open educational resources, and open video), internet governance, telecommunication reform, digital privacy, and cyber-security. The research at CIS seeks to understand the reconfiguration of social processes and structures through the internet and digital media technologies, and vice versa.

Through its diverse initiatives, CIS explores, intervenes in, and advances contemporary discourse and regulatory practices around internet, technology, and society in India, and elsewhere.