SCA Tool

6 total

16MAR 2026
4 Theses
Final Thesis: SCA Tool API für automatisierte CI Workflows
Abstract: The goal of this thesis was to develop an automation that enables developers to seamlessly integrate SCA Tool into their development workflows. To this end, an OpenAPI-compliant CI/CD-Integration was implemented for both the GitHub and GitLab platforms. A user-friendly guide was created to support the configuration of the provided pipelines. For the safe communication […]
Read more about Final Thesis: SCA Tool API für automatisierte CI Workflows
13MAR 2026
4 Theses
Final Thesis: Evaluation and Improvement of C based dependency ecosystems in SCA Tool
Abstract: Open Source Software (OSS) is widely adopted, but introduces security and license compliance risks that must be managed. Software Composition Analysis (SCA) tools address these challenges by identifying dependencies, generating Software Bill of Materials (SBOM), and detecting vulnerabilities. Although SCA Tool already supported ecosystems such as npm, it lacked support for C-based (e.g., C, […]Abstract: Open Source Software (OSS) is widely adopted, but introduces security and license compliance risks that must be managed. Software Composition Analysis (SCA) tools address these challenges by identifying dependencies, generating Software Bill of Materials (SBOM), and detecting vulnerabilities. Although SCA Tool already supported ecosystems such as npm, it lacked support for C-based (e.g., C, […]
Read more about Final Thesis: Evaluation and Improvement of C based dependency ecosystems in SCA Tool
12MAR 2026
4 Theses
Final Thesis: Enhancing the Security of SCA Tool through the Implementation of Technical and Organisational Safeguards
Abstract: This work focuses on holistically increasing security in the Software Composition Analysis (SCA) tool through the practical implementation of technical and organizational measures. Building on a previous security audit, weaknesses in organizational processes and technical components are addressed, further risks are investigated, and countermeasures are designed. The security mechanisms were developed on the basis […]Abstract: This work focuses on holistically increasing security in the Software Composition Analysis (SCA) tool through the practical implementation of technical and organizational measures. Building on a previous security audit, weaknesses in organizational processes and technical components are addressed, further risks are investigated, and countermeasures are designed. The security mechanisms were developed on the basis […]
Read more about Final Thesis: Enhancing the Security of SCA Tool through the Implementation of Technical and Organisational Safeguards
11MAR 2026
4 Theses
Final Thesis: SCA Tool Security Audit
Abstract: A security audit of SCA Tool Application, its IT infrastructure’s configuration, and the ISM within the organization SCA Tool was conducted. The objective was to establish a foundation for an ISMS and provide actionable recommendations for specific vulnerabilities. During the vulnerability assessment, penetration testing tools were utilized, source code analyses were performed, and organizational […]Abstract: A security audit of SCA Tool Application, its IT infrastructure’s configuration, and the ISM within the organization SCA Tool was conducted. The objective was to establish a foundation for an ISMS and provide actionable recommendations for specific vulnerabilities. During the vulnerability assessment, penetration testing tools were utilized, source code analyses were performed, and organizational […]
Read more about Final Thesis: SCA Tool Security Audit
29SEP 2025
4 Theses
Final Thesis: License Text Viewer for Simplified Open Source Compliance
Abstract: The software development landscape has changed drastically over the years. With an estimated up to 98% of codebases including open-source software (Nagle et al., 2022) and the rise of package managers and development frameworks, it has never been simpler to start incorporating numerous amounts of open-source projects. So simple, in fact, that managing different […]
Read more about Final Thesis: License Text Viewer for Simplified Open Source Compliance
01AUG 2025
4 Theses
Final Thesis: A Multi-Dimensional Model and Algorithm for the Classification and Remediation of Software Vulnerabilities
Abstract: This master’s thesis addresses shortcomings in the vulnerability management component of the Software Composition Analysis (SCA) Tool developed by the Professorship for Open Source Software (POS) at the Friedrich-Alexander University Erlangen-Nürnberg (FAU), by proposing a multidimensional classification and remediation framework for software vulnerabilities. The developed approach integrates the Common Vulnerability Scoring System (CVSS) for […]Abstract: This master’s thesis addresses shortcomings in the vulnerability management component of the Software Composition Analysis (SCA) Tool developed by the Professorship for Open Source Software (POS) at the Friedrich-Alexander University Erlangen-Nürnberg (FAU), by proposing a multidimensional classification and remediation framework for software vulnerabilities. The developed approach integrates the Common Vulnerability Scoring System (CVSS) for […]
Read more about Final Thesis: A Multi-Dimensional Model and Algorithm for the Classification and Remediation of Software Vulnerabilities