Project

An Exploration of Binary Equivalence Operators to Improve Software Supplychain Security

Principal Investigator

Victoria University of Wellington, NZ

Oracle Principal Investigator

Behnaz Hassanshahi, Principal Researcher
Padmanabhan Krishnan, Research Director

Summary

This research collaboration explores binary equivalence, a key technology that underpins software supply chain security. This is a foundational, yet under-researched technology that can be used to (1) assess (reproducible/alternative/independent) builds, (2) to establish consensus when multiple parties run independent build services, and to detect vulnerabilities that can be exploited in software supply chain attacks.