Logo Politecnico di Torino
ENIT
WebThesis

A vulnerability model for software supply chains

Giovanni Bloise

A vulnerability model for software supply chains.

Rel. Fulvio Valenza, Daniele Bringhenti, Riccardo Sisto, Gianmarco Bachiorrini. Politecnico di Torino, Master of science program in Cybersecurity, 2025

[thumbnail of Tesi_di_laurea]
Preview
 PDF (Tesi_di_laurea) - Thesis
Licence: Creative Commons Attribution Non-commercial No Derivatives.
Download (6MB) | Preview

Abstract

This thesis addresses the need to detect vulnerabilities in digital supply chains (DSCs). Modern supply chains rely on interconnected services such as software components, cloud platforms and IoT devices. While this interconnection brings several advantages, it also introduces new security challenges: the overall level of protection is no longer determined only by strong internal defenses, but also depends on the security level of each actor in the chain. Specifically, each link in the DSC needs a high level of security, which makes manual monitoring of the whole supply chain not scalable. To address this issue, this work starts from an existing threat analysis framework, TAMELESS (Threat & Attack ModEL Smart System).

TAMELESS is a tool that, given as input the components of a system, their relationships, and properties, can identify potential threats

Relators

Fulvio Valenza, Daniele Bringhenti, Riccardo Sisto, Gianmarco Bachiorrini

Academic year

2025/26

Publication type

Electronic

Number of Pages

83

Course of studies

Master of science program in Cybersecurity

Classe di laurea

New organization > Master science > LM-32 - COMPUTER SYSTEMS ENGINEERING

URI

https://webthesis.biblio.polito.it/id/eprint/37922
Modify record (reserved for operators) Modify record (reserved for operators)
Logo Politecnico di Torino