Journal of Information Security Reserach ›› 2024, Vol. 10 ›› Issue (8): 780-.
Previous Articles
Zhang Lei and Wen Shuyun
Online:
Published:
张蕾闻书韵
通讯作者:
作者简介:
Abstract: Basic software is the cornerstone of supporting the efficient and stable operation of computer systems, which determines the level of development of digital infrastructure. The industrial chain of basic software, represented by operating system, database and middleware, occupies an upstream position in the entire software industry, which directly determines the scale and the efficiency of the downstream output. Due to the characteristics of long R&D cycle and large R&D investment, basic software has gradually attracted attention from various countries and risen to the level of national strategy in the increasingly complex environment of software supply chain. In recent years, while China’s basic software industry has developed rapidly with the help of open source, many security incidents of basic software supply chain have occurred, which brings risks and challenges. This paper reviews the current situation of the basic software supply chain security, analyzes the risks and challenges faced by the basic software supply chain, and puts forward reasonable suggestions from four aspects: policy, industry, user and ecology.
Key words: basic software, national strategy, supply chain security, risk and challenge, countermeasure
摘要: 基础软件是支撑计算机系统高效稳定运行的基石,决定数字基础设施发展的水平.以操作系统、数据库、中间件为代表的基础软件产业链在整个软件产业处于上游位置,直接影响下游产出的规模和效益.由于基础软件具有研发周期长、投入大等特点,在软件供应链日益复杂的环境下,逐渐引起各国重视并上升至国家战略高度.近年来,我国基础软件产业借助开源路径提速发展的同时,发生了众多基础软件供应链安全事件,带来了风险挑战.梳理了基础软件供应链安全现状,分析基础软件供应链面临的风险挑战,并从政策、产业、用户、生态4个层面提出合理化对策建议.
关键词: 基础软件, 国家战略, 供应链安全, 风险挑战, 对策建议
CLC Number:
TP311.52
张蕾, 闻书韵, . 基础软件供应链安全现状分析与对策建议[J]. 信息安全研究, 2024, 10(8): 780-.
0 / / Recommend
Add to citation manager EndNote|Ris|BibTeX
URL: http://www.sicris.cn/EN/
http://www.sicris.cn/EN/Y2024/V10/I8/780