A Workflow for Secure and Tamper Resistant Software Test Reporting
摘要
This paper proposes a novel workflow to prevent software and test report tampering. This plays a crucial role in industries operating in critical infrastructures where special emphasis is placed on the reliability of these reports for audits. Looking at the state-of-the-art, we identify tampering with test code, pseudo-accountability, and error-prone manual testing as problems that need to be dealt with. Our proposed workflow can be regularly initiated by a supervisor. It identifies every contributor to a project in a set time and asks them to verify their contributions and ultimately sign off on these contributions. This allows for straightforward and thorough reviews of a release and leads to enhanced tamper resistance, protecting the project against malicious alterations.