Project Rekor

Software Supply Chain Transparency: this team will work with industry and open source partners to build software infrastructure to cryptographically verify provenance of software

Advisors:

Description:

This project is part of a new, experimental product to provide “software supply chain transparency” --- the ability for software producers to identify software components throughout different vendors, communities and sub-organizations. With this, high assurance software products are able to identify counterfeit software, decomission vulnerable code, and stop hackers trying to poison software delivery pipelines. Students will work in system building, security evaluation and deployment of test infrastructure.

Website

Prerequisites:

Basic programming, some knowledge of Golang may be useful, but not required. Interest in software security

Meeting Times:

  • Fall 2021: TBA

  • Spring 2022 : TBA