SCA Tool

1 to 6 of 13

30APR 2026
4 Theses
Final Thesis: In-Depth Analysis of Software Composition Analysis Tools: Current Curation Practices
Abstract: Software Composition Analysis (SCA) tools play a vital role in identifying vulnerabilities and ensuring license compliance in Open Source Software (OSS). However, their effectiveness is strongly influenced by the quality of metadata used during analysis. Incomplete, inconsistent, or outdated metadata can lead to false positives, undetected vulnerabilities, or misclassified licenses. This thesis investigates how […]Abstract: Software Composition Analysis (SCA) tools play a vital role in identifying vulnerabilities and ensuring license compliance in Open Source Software (OSS). However, their effectiveness is strongly influenced by the quality of metadata used during analysis. Incomplete, inconsistent, or outdated metadata can lead to false positives, undetected vulnerabilities, or misclassified licenses. This thesis investigates how […]
Read more about Final Thesis: In-Depth Analysis of Software Composition Analysis Tools: Current Curation Practices
22APR 2026
4 Theses
Final Thesis: Design and Implementation of a CHAOSS-Based Health Assessment System for Open Source Components in SCA Tool
Abstract: Open Source Software (OSS) and the communities that maintain it play an ever lasting role in the field of software development. The Linux Foundation’s Census of Free and Open Source Software states that 96% of codebases use Free and Open Source Software (Nagle et al., 2024). As the number of open source software (OSS) […]
Read more about Final Thesis: Design and Implementation of a CHAOSS-Based Health Assessment System for Open Source Components in SCA Tool
21APR 2026
4 Theses
Final Thesis: A Systematic Review of Crowdsourcing Approaches and Their Applicability to Curation
Abstract: The increasing complexity of software ecosystems requires reliable, continuously maintained Software Composition Analysis (SCA) data. Although automated scanners provide essential scalability, they lack the contextual judgment required to reliably resolve ambiguous licensing and vulnerability scenarios. This raises the question of whether crowdsourcing can support data curation within SCA environments, particularly in the context of […]Abstract: The increasing complexity of software ecosystems requires reliable, continuously maintained Software Composition Analysis (SCA) data. Although automated scanners provide essential scalability, they lack the contextual judgment required to reliably resolve ambiguous licensing and vulnerability scenarios. This raises the question of whether crowdsourcing can support data curation within SCA environments, particularly in the context of […]
Read more about Final Thesis: A Systematic Review of Crowdsourcing Approaches and Their Applicability to Curation
13APR 2026
4 Theses
Final Thesis: SCA Tool User, Organization, and System Management and Administration
Abstract: To stay legal when publishing software with open-source components, the distributor is required to provide an accurate Software Bill of Materials (SBOM) and legal notices. While the requirement may sound simple, through the lack of affordable and simple tools, the process to generate those is generally tedious. SCA Tool’s goal is to mitigate those […]
Read more about Final Thesis: SCA Tool User, Organization, and System Management and Administration
07APR 2026
4 Theses
Final Thesis: Configurable SBOM and Legal Notice Exports for SCA Tool
Abstract: Modern software development relies heavily on third-party components, creating transparency deficits in software supply chains. A Software Bill of Materials (SBOM) addresses this challenge by documenting component inventories. However, existing generation tools provide rigid outputs that cannot accommodate the diverse requirements of organizational stakeholders. This thesis develops a configurable SBOM export system that enables […]Abstract: Modern software development relies heavily on third-party components, creating transparency deficits in software supply chains. A Software Bill of Materials (SBOM) addresses this challenge by documenting component inventories. However, existing generation tools provide rigid outputs that cannot accommodate the diverse requirements of organizational stakeholders. This thesis develops a configurable SBOM export system that enables […]
Read more about Final Thesis: Configurable SBOM and Legal Notice Exports for SCA Tool
06APR 2026
4 Theses
Final Thesis: Support of New Dependency Ecosystems in SCA Tool
Abstract: Modern software development heavily relies on third-party dependencies across diverse ecosystems, presenting significant challenges in maintaining security, legal compliance, and transparency. Software composition analysis (SCA) tools have become essential in addressing these concerns, but many struggle to support the growing number of programming languages and package managers. This thesis focuses on extending an existing […]Abstract: Modern software development heavily relies on third-party dependencies across diverse ecosystems, presenting significant challenges in maintaining security, legal compliance, and transparency. Software composition analysis (SCA) tools have become essential in addressing these concerns, but many struggle to support the growing number of programming languages and package managers. This thesis focuses on extending an existing […]
Read more about Final Thesis: Support of New Dependency Ecosystems in SCA Tool