Guide to Securing Scientific Software
Creators
- 1. Pittsburgh Supercomputing Center
- 2. National Center for Supercomputing Applications
- 3. University of Wisconsin-Madison
- 4. Indiana University
- 5. Lawrence Berkeley National Laboratory
Description
In 2021, Trusted CI is conducting our focused "annual challenge" on the security (sometimes called "assurance") of software used by scientific computing and cyberinfrastructure. The goal of this year-long project, involving seven Trusted CI members, is to broadly improve the robustness of software used in scientific computing with respect to security.
During the first part of the year, Trusted CI interviewed creators of scientific software and released a findings report based on those conversations. Part of that effort focused on identifying gaps in the software security of the projects and analyzing what barriers prevented them from being addressed.
This guide is a direct result of those findings and attempts to begin bridging those gaps by providing concrete advice for anyone involved in developing or managing software for scientific projects.
It is our hope that this effort will help scientific software projects better understand and ameliorate some of the most important gaps in the security of scientific software, and also to help policymakers understand those gaps so they can better understand the need for committing resources to improving the state of scientific software security. Ultimately, we hope that the effort will support scientific discovery itself by shedding light on the risks incurred in creating and using scientific software.
Notes
Files
2021 Software Guide.pdf
Files
(588.2 kB)
Name | Size | Download all |
---|---|---|
md5:2772c076d5a76eee1531aa22669ea223
|
588.2 kB | Preview Download |