Date of Award

9-2024

Document Type

Thesis

Degree Name

Master of Science in Systems Engineering

Department

Department of Systems Engineering and Management

First Advisor

Warren J. Connell, PhD

Abstract

This thesis explores the integration of Blockchain Technology (BT) into the Software Development Life Cycle (SDLC) to satisfy the Software Bill of Materials (SBOM) requirement for government software systems. This study begins by synthesizing a standard SDLC definition from various government and industry references, which may provide the foundation for future efforts to standardize software development practices across the government software development community. This study proceeds to establish working definitions for the software supply chain (SSC) and software supply chain management (SCM) before introducing and detailing the SBOM requirement as well as providing an overview of prior research regarding SBOMs and the applicability of BT to SCM. Subsequently, by employing Model-Based Systems Engineering (MBSE) techniques, this research leverages BT to propose a dynamic solution that updates SBOM data with each software version change as an integral component of the SDLC, thereby enhancing traceability and security. The findings suggest that this approach not only satisfies needs highlighted by prior BT research efforts, but also addresses concerns detailed in SBOM requirements documents regarding the static nature of SBOMs. This dynamic SBOM solution has the potential to significantly improve software supply chain management and security, offering a foundational framework for future research and analysis.

AFIT Designator

AFIT-ENV-MS-24-S-136

Comments

A 12-month embargo was observed for posting this work on AFIT Scholar.

Distribution Statement A, Approved for Public Release. PA case number on file.
