UNDERSTANDING AND MANAGING COMPLEX SOFTWARE VULNERABILITIES: AN EMPIRICAL ANALYSIS OF OPEN-SOURCE OPERATING SYSTEMS

Authors

  • Jean-Loup RICHET IAE Paris - Sorbonne Business School, Université Paris 1 Panthéon-Sorbonne, Paris, France
  • Wafa BOUAYNAYA IAE d’Amiens et LEFMI, Université de Picardie Jules Verne, France

DOI:

https://doi.org/10.54695/sim.28.1.0087

Keywords:

Complexity, Open-Source Operating Systems, Vulnerability Management.

Abstract

There is a growing gap between practitioners and researchers: existing scholarly research on software vulnerabilities cannot adequately guide developers to effectively manage their vulnerabilities in the complex context of ‘software as amalgam’, tight coupling and open source. We respond to practitioners’ calls for more research on vulnerability management with a case of effective vulnerability management in the context of an open-source operating system (OSOS). Hence, our paper is aimed at bridging this gap with practice and discussing this overlooked concern in the academic literature: how do organizations effectively manage their vulnerabilities? We provide an empirical contribution with an extreme case of vulnerability management in a large OSOS (Debian). Our research uncovers behavioral dynamics and practices that foster responsiveness and adaptation in complex vulnerability management.

Published

2023-04-01

How to Cite

RICHET, J.-L., & BOUAYNAYA, W. (2023). UNDERSTANDING AND MANAGING COMPLEX SOFTWARE VULNERABILITIES: AN EMPIRICAL ANALYSIS OF OPEN-SOURCE OPERATING SYSTEMS. Systèmes d’information Et Management, 28(1), 87. https://doi.org/10.54695/sim.28.1.0087

Section

Articles