[en] Edge computing is a distributed computing paradigm aiming at ensuring low latency in modern data intensive applications (e.g., video streaming and IoT). It consists of deploying computation and storage nodes close to the end-users. Unfortunately, being distributed and close to end-users, Edge systems have a wider attack surface (e.g., they may be physically reachable) and are more complex to update than other types of systems (e.g., Cloud systems) thus requiring thorough security testing activities, possibly tailored to be cost-effective. To support the development of effective and automated Edge security testing solutions, we conducted an empirical study of vulnerabilities affecting Edge frameworks. The study is driven by eight research questions that aim to determine what test triggers, test harnesses, test oracles, and input types should be considered when defining new security testing approaches dedicated to Edge systems. preconditions and inputs leading to a successful exploit, the security properties being violated, the most frequent vulnerability types, the software behaviours and developer mistakes associated to these vulnerabilities, and the severity of Edge vulnerabilities. We have inspected 147 vulnerabilities of four popular Edge frameworks. Our findings indicate that vulnerabilities slip through the testing process because of the complexity of the Edge features. Indeed, they can’t be exhaustively tested in-house because of the large number of combinations of inputs, outputs, and interfaces to be tested. Since we observed that most of the vulnerabilities do not affect the system integrity and, further, only one action (e.g., requesting a URL) is sufficient to exploit a vulnerability
Research center :
Interdisciplinary Centre for Security, Reliability and Trust (SnT) > SVV - Software Verification and Validation
Disciplines :
Computer science
Author, co-author :
MALIK, Jahanzaib ; University of Luxembourg > Interdisciplinary Centre for Security, Reliability and Trust (SNT) > SVV
PASTORE, Fabrizio ; University of Luxembourg > Interdisciplinary Centre for Security, Reliability and Trust (SNT) > SVV
External co-authors :
no
Language :
English
Title :
An empirical study of vulnerabilities in edge frameworks to support security testing improvement
This work has been supported by SES Luxembourg () and the Luxembourg National Research Fund (FNR) under the project INSTRUCT (Luxembourg National Research Fund ).
Jude A (2023) How will 5G and edge computing transform the future of mobile gaming? Last Accessed: 2023. https://www.ericsson.com/en/blog/2021/3/5g-edge-computing-gaming
Alwarafy A, Al-Thelaya KA, Abdallah M, Schneider J, Hamdi M (2021) A survey on security and privacy issues in edge-computing-assisted internet of things. IEEE Internet of Things Journal 8(6):4004–4022. 10.1109/JIOT.2020.3015432 DOI: 10.1109/JIOT.2020.3015432
Ammann P, Offutt J (2016) Introduction to software testing -, 2nd edn. Cambridge University Press DOI: 10.1017/9781316771273
Analysis Tools team (2022) Static analysis tools for GO Last Accessed: 2022. https://analysis-tools.dev/tag/go
Apache foundation (2022) Last Accessed: 2022. https://www.apache.org/
Ardagna CA, Asal R, Damiani E, Vu QH (2015) From security to assurance in the cloud: A survey. ACM Computing Surveys (CSUR) 48(1):1–50 DOI: 10.1145/2767005
ARM (2022) Microcontrollers and infrastructure manufacturer. Last Accessed: 2022. https://www.arm.com/
Austin A, Holmgreen C, Williams L (2013) A comparison of the efficiency and effectiveness of vulnerability discovery techniques. Information and Software Technology 55(7):1279–1288. DOIurlhttps://doi.org/10.1016/j.infsof.2012.11.007. www.sciencedirect.com/science/article/pii/S0950584912002339
Avizienis A, Laprie JC, Randell B, Landwehr C (2004) Basic concepts and taxonomy of dependable and secure computing. IEEE transactions on dependable and secure computing 1(1):11–33 DOI: 10.1109/TDSC.2004.2
Aysan H, Punnekkat S, Dobrin R (2008) Error modeling in dependable component-based systems. In: 2008 32nd Annual IEEE International Computer Software and Applications Conference, IEEE pp. 1309–1314
Bai T, Pan C, Deng Y, Elkashlan M, Nallanathan A, Hanzo L (2020) Latency minimization for intelligent reflecting surface aided mobile edge computing. IEEE Journal on Selected Areas in Communications 38(11):2666–2682 DOI: 10.1109/JSAC.2020.3007035
Barr ET, Harman M, McMinn P, Shahbaz M, Yoo S (2015) The oracle problem in software testing: A survey. IEEE Transactions on Software Engineering 41(5):507–525 DOI: 10.1109/TSE.2014.2372785
Nassi B, Pirutin Y, Galor TC, Elovici Y, Zadov B (2022) Last Accessed: 2022. https://www.nassiben.com/glowworm-attack
Bertolino A, Angelis GD, Frantzen L, Polini A (2007) The plastic framework and tools for testing service-oriented applications. In: Software Engineering, pp. 106–139. Springer
Bertolino A, Braione P, De Angelis G, Gazzola L, Kifetew F, Mariani L, Orrù M, Pezzè M, Pietrantuono R, Russo S, Tonella P (2021) A Survey of Field-based Testing Techniques. ACM Computing Surveys 54(5). https://doi.org/10.1145/3447240
Bertolino A, De Angelis G, Kellomaki S, Polini A (2011) Enhancing service federation trustworthiness through online testing. Computer 45(1):66–72 DOI: 10.1109/MC.2011.227
Blessing J, Specter MA, Weitzner DJ (2021) You really shouldn’t roll your own crypto: An empirical study of vulnerabilities in cryptographic libraries. arXiv:2107.04940
Bondavalli A, Simoncini L (1990) Failure classification with respect to detection. [1990] Proceedings. Second IEEE Workshop on Future Trends of Distributed Computing Systems, IEEE, pp 47–53
Catolino G, Palomba F, Zaidman A, Ferrucci F (2019) Not all bugs are the same: Understanding, characterizing, and classifying bug types. Journal of Systems and Software 152:165–181 10. https://doi.org/10.1016/j.jss.2019.03.002. www.sciencedirect.com/science/article/pii/S0164121219300536
Chaleshtari NB, Pastore F, Goknil A, Briand LC (2023) Metamorphic testing for web system security. IEEE Transactions on Software Engineering. Accepted, available at https://arxiv.org/abs/2208.09505
Chen EY, Pei Y, Chen S, Tian Y, Kotcher R, Tague P (2014) Oauth demystified for mobile application developers. In: Proceedings of the 2014 ACM SIGSAC Conference on Computer and Communications Security, CCS ’14, p. 892-903. Association for Computing Machinery, New York, NY, USA. https://doi.org/10.1145/2660267.2660323
Chillarege R, Bhandari IS, Chaar JK, Halliday MJ, Moebus DS, Ray BK, Wong MY (1992) Orthogonal defect classification-a concept for in-process measurements. IEEE Transactions on software Engineering 18(11):943–956 DOI: 10.1109/32.177364
ci4rail (2022) Computing Intelligence for Rail and Public Transport Last Accessed: 2022. http://www.ci4rail.com
Cinque M, Cotroneo D, Kalbarczyk Z, Iyer RK (2007) How do mobile phones fail? a failure data analysis of symbian os smart phones. In: 37th Annual IEEE/IFIP International Conference on Dependable Systems and Networks (DSN’07), IEEE pp. 585–594
Cloud Native Computing Foundation (2023) Last Accessed: 2023. https://github.com/containerd/containerd
Clound Native Computing Foundation: Last Accessed: 2022. https://www.cncf.io/
Common Vulnerability Scoring System (2022) Last Accessed: 2022. https://www.first.org/cvss/
Cottrell K, Bose DB, Shahriar H, Rahman A (2021) An empirical study of vulnerabilities in robotics. In: 2021 IEEE 45th Annual Computers, Software, and Applications Conference (COMPSAC), pp. 735–744. https://doi.org/10.1109/COMPSAC51774.2021.00105
CVE Numbering Authorities (CNA) (2022) Last Accessed: 2022. https://www.cve.org/ProgramOrganization/CNAs
Dai H, Murphy C, Kaiser G (2010) Configuration fuzzing for software vulnerability detection. In: 2010 International Conference on Availability, Reliability and Security, pp. 525–530. IEEE
Dai H, Murphy C, Kaiser GE (2012) Confu: Configuration fuzzing testing framework for software vulnerability detection. In: Security-Aware Systems Applications and Software Development Methods, IGI Global pp. 152–167
De Angelis G, Bertolino A, Polini A (2011) (role) cast: A framework for on-line service testing. In: International Conference on Web Information Systems and Technologies, vol. 2, pp. 13–18. SCITEPRESS
Dempsey K, Shah, N, Arnold C, Johnston JR, Jones AC, Orebaugh A, Scholl M, Stine K (2022) NIST Special Publication 800-137 Information Security. Last Accessed: 2022. https://nvlpubs.nist.gov/nistpubs/legacy/sp/nistspecialpublication800-137.pdf
Elder S, Zahan N, Shu R, Metro M, Kozarev V, Menzies T, Williams L (2022) Do I really need all this work to find vulnerabilities? Empirical Software Engineering 27(6):154. 10.1007/s10664-022-10179-6 DOI: 10.1007/s10664-022-10179-6
Fabric8 Maven Plugin: Last Accessed: 2022. https://maven.fabric8.io
Fayad M, Schmidt DC (1997) Object-oriented application frameworks. Commun. ACM 40(10):32–38. 10.1145/262793.262798 DOI: 10.1145/262793.262798
Felderer M, Büchler M, Johns M, Brucker AD, Breu R, Pretschner A (2016) Security testing: A survey. Advances in Computers, Elsevier 101:1–51 DOI: 10.1016/bs.adcom.2015.11.003
Fink G, Bishop M (1997) Property-based testing: A new approach to testing for assurance. SIGSOFT Softw. Eng. Notes 22(4):74–80. 10.1145/263244.263267 DOI: 10.1145/263244.263267
Fisher RA (1922) On the interpretation of x2 from contingency tables, and the calculation of p. Journal of the Royal Statistical Society 85(1):87–94 DOI: 10.2307/2340521
Murphy G (2023) Asset Tracking - Living on the Edge Last Accessed: 2023. https://www.iottechnews.com/news/2022/nov/09/asset-tracking-living-on-the-edge/
Gazzola L Mariani L Pastore F, Pezze M (2017) An exploratory study of field failures. In: 2017 IEEE 28th International Symposium on Software Reliability Engineering (ISSRE), IEEE pp. 67–77
Google (2022) Go lang Last Accessed: 2022. https://go.dev
Gopalakrishna N, Anandayuvaraj D, Detti A, Bland F, Rahaman S, Davis JC (2022) “if security is required”: Engineering and security practices for machine learning-based iot devices. In: 2022 IEEE/ACM 4th International Workshop on Software Engineering Research and Practices for the IoT (SERP4IoT), pp. 1–8. IEEE Computer Society, Los Alamitos, CA, USA. 10.1145/3528227.3528565
Hagar JD (2002) IoT System Testing: An IoT Journey from Devices to Analytics and the Edge. Apress
Honnef D (2022) Staticcheck: static analysis tool for the go programming language. Last Accessed: 2022. “ https://staticcheck.io/ "
Huawei (2022) Last Accessed: 2022. http://www.huawei.com
Hui ZW, Huang S, Ji MY (2016) A runtime-testing method for integer overflow detection based on metamorphic relations. Journal of Intelligent & Fuzzy Systems 31(4):2349–2361 DOI: 10.3233/JIFS-169076
Invicti (2022) Acunetix. Last Accessed: 2022. https://www.acunetix.com/plp/web-vulnerability-scanner/?utm_term=acunetix&utm_campaign=1077471751&utm_content=55423374169&utm_source=Adwords&utm_medium=cpc&gclid=EAIaIQobChMIjbm99ZTI9gIVgxoGAB1IsAK3EAAYASAAEgJo0PD_BwE
ISO/IEC/IEEE International Standard - Systems and software engineering–Vocabulary (2017) ISO/IEC/IEEE 24765:2017(E) pp. 1–541. https://doi.org/10.1109/IEEESTD.2017.8016712
Jin X, Katsis C, Sang F, Sun J, Kundu A, Kompella R (2022) Edge security: Challenges and issues. arXiv:1048550/ARXIV.2206.07164
K3OS (2022) K3OS Automated Test Suite. Last Accessed: 2022. https://github.com/rancher/k3os/blob/master/scripts/test
K3OS (2022a)K3OS Edge Computing Framework. Last Accessed: 2022. https://k3os.io/
Koziol J (2010) Charlie Miller Reveals His Process for Security Research. https://resources.infosecinstitute.com/topic/how-charlie-miller-does-research/
Kube-score (2022) Static code analysis for kubernetes object definitions. Last Accessed: 2022. https://kube-score.com/
KubeEdge (2022) KubeEdge Deployment using Keadm. Last Accessed: 2022. https://kubeedge.io/en/docs/setup/keadm/
KubeEdge (2022a) KubeEdge Development Process. Last Accessed: 2022. https://kubeedge-docs.readthedocs.io/en/latest/getting-started/contribute.html
KubeEdge (2022b) KubeEdge Edge Computing Framework. Last Accessed: 2022. https://kubeedge.io/en/
KubeEdge (2022c) KubeEdge End-To-End Test Suite Last Accessed: 2022. https://github.com/kubeedge/kubeedge/tree/master/tests/e2e
KubeEdge (2023) KubeEdge GitHub issue tracker Last Accessed: 2022. https://github.com/kubeedge/kubeedge/issues
KubeEdge (2023a) KubeEdge Integration Test Suite Last Accessed: 2022. https://github.com/kubeedge/kubeedge/tree/master/tests/integration
KubeEdge (2023b) KubeEdge Issue 1017 Last Accessed: 2022. https://github.com/kubeedge/kubeedge/issues/1017
KubeEdge (2023c) KubeEdge Issue 1736 Last Accessed: 2022. https://github.com/kubeedge/kubeedge/issues/1736
KubeEdge (2023d) KubeEdge Security Team Last Accessed: 2022. https://github.com/kubeedge/community/tree/master/security-team
KubeEdge (2023e) KubeEdge Sig-Security Team Last Accessed: 2022. https://github.com/kubeedge/community/tree/master/sig-security
KubeEdge Edge framework examples (2022) KubeEdge Last Accessed: 2022. https://kubeedge.io/en/docs/developer/device:crd/
Kubernetes (2022) Kubernetes pods Last Accessed: 2022. https://kubernetes.io/docs/concepts/workloads/pods/
Kubernetes (2022a) Kubernetes Security Special Interest Group Last Accessed: 2022. https://github.com/kubernetes/community/tree/master/sig-security
Kubernetes (2022b) Logging in Kubernetes Last Accessed: 2022. https://github.com/kubernetes/community/blob/master/contributors/devel/sig-instrumentation/logging.md
Kubernetes (2022c) Open-source system for automating deployment, scaling, and management of containerized applications Last Accessed: 2022. https://kubernetes.io
Kubernetes (2023) Test Report on KubeEdge’ Support for 100,000 Edge Nodes Last Accessed: 2022. https://kubeedge.io/en/blog/scalability-test-report/
Linares-Vásquez M, Bavota G, Escobar-Velásquez C (2017) An empirical study on android-related vulnerabilities. In: 2017 IEEE/ACM 14th International Conference on Mining Software Repositories (MSR), pp. 2–13. https://doi.org/10.1109/MSR.2017.60
Linux foundation (2022) Last Accessed: 2022. https://www.kernel.org/
Luxembourg National Research Fund (2022) INSTRUCT - INtegrated Satellite - TeRrestrial Systems for Ubiquitous Beyond 5G CommunicaTions Last Accessed: 2022. https://instruct-ipbg.uni.lu/
Mai PX, Gokni A, Shar LK, Pastore F, Briand LC, Shaame S (2018) Modeling security and privacy requirements: a use case-driven approach. Information and Software Technology 100:165–182 DOI: 10.1016/j.infsof.2018.04.007
Mai PX, Pastore F, Goknil A, Briand LC (2019) MCP: A security testing tool driven by requirements. In: ICSE’19, pp. 55–58. https://doi.org/10.1109/ICSE-Companion.2019.00037
MainFlux (2022) Consulting and Security Audits Last Accessed: 2022. https://mainflux.com/consulting.html
Mainflux (2022a) Mainflux Last Accessed: 2022. https://github.com/mainflux/mainflux/issues
MainFlux (2022b) Mainflux Benchmark Last Accessed: 2022. https://github.com/mainflux/benchmark
Mainflux Framework (2022) Mainflux Last Accessed: 2022. https://mainflux.com/
Malik J, Pastore F (2023) Replicability package Last Accessed: 2023. https://doi.org/10.5281/zenodo.7826981
Manes VJ, Han H, Han C, Cha SK, Egele M, Schwartz EJ, Woo M (2021) The Art, Science, and Engineering of Fuzzing: A Survey. IEEE Transactions on Software Engineering 47(11):2312–2331. 10.1109/TSE.2019.2946563 DOI: 10.1109/TSE.2019.2946563
Mazuera-Rozo A, Bautista-Mora J, Linares-Vásquez M, Rueda S, Bavota G (2019) The android os stack and its vulnerabilities: an empirical study. Empirical Software Engineering 24(4):2056–2101 DOI: 10.1007/s10664-019-09689-7
Metasploit (2022) Metasploit edge computing framework Last Accessed: 2022. https://www.metasploit.com
Microsoft (2022) Accelerating IoT solution development and testing with Azure IoT Device Simulation Last Accessed: 2022. https://azure.microsoft.com/pl-pl/blog/accelerating-iot-solution-development-and-testing-with-azure-iot-device-simulation/
Microsoft (2022) Visual Studio Code Kubernetes Tools Last Accessed: 2022. https://marketplace.visualstudio.com/items?itemName=ms-kubernetes-tools.vscode-kubernetes-tools
MITRE (2022) Last Accessed: 2022. https://github.com/kubeedge/kubeedge/issues/2362
MITRE (2022a) Common Vulnerabilities and Exposures project Last Accessed: 2022. https://cve.mitre.org/cve/
MITRE (2022) Common Weaknesses Enumeration project Last Accessed: 2022. https://cwe.mitre.org
MITRE Corporation (2022) Last Accessed: 2022. https://www.mitre.org
MITRE: CVE-2014-5278 (2022) Last Accessed: 2022. https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5278
MITRE: CVE-2019-11252 (2022) Last Accessed: 2022. https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11252
MITRE: CVE-2020-13597 (2022) Last Accessed: 2022. https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13597
MITRE: CVE-2020-15157 (2022) Last Accessed: 2022. https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15157
MITRE:CVE-2020-2211 (2022) Last Accessed: 2022. https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-2211
MITRE: CVE-2020-28914 (2023) Last Accessed: 2022. https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28914
MITRE: CVE-2020-35514 (2023) Last Accessed: 2022. https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-35514
MITRE: CVE-2020-8557 (2023) Last Accessed: 2022. https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8557
MITRE: CVE-2020-8558 (2023) Last Accessed: 2022. https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8558
MITRE: CVE-2020-8559 (2022) Last Accessed: 2022. https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8559
MITRE: CVE-2020-8563 (2022) Last Accessed: 2022. https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8563
MITRE: CVE-2020-8565 (2022) Last Accessed: 2022. https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8565
MITRE: CVE-2020-8566 (2022) Last Accessed: 2022. https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8566
MITRE: CVE-2021-20218 (2022) Last Accessed: 2022. https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20218
MITRE: CVE-2021-21251 (2022) Last Accessed: 2022. https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21251
MITRE: CVE-2021-21334 (2022) Last Accessed: 2022. https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21334
MITRE: CVE-2021-25737 (2022) Last Accessed: 2022. https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-25737
MITRE: CVE-2021-28166 (2022) Last Accessed: 2022. https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28166
MITRE: CVE-2021-28448 (2022) Last Accessed: 2022. https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28448
MITRE: CVE-2021-31938 (2022) Last Accessed: 2022. https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-31938
MITRE: CVE-2021-32783 (2022) Last Accessed: 2022. https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-32783
MITRE: CVE-2021-34431 (2002) CVE-2021-34431 Last Accessed: 2022. https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-34431
MITRE: CVE-2021-3499 (2022) Last Accessed: 2022. https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3499
MITRE: CVE-2021-38545 (2022) Last Accessed: 2022. https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38545
MITRE: VE-2021-39159 (2022) Last Accessed: 2022. https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-39159
Mosenia A, Jha NK (2017) A comprehensive study of security of internet-of-things. IEEE Transactions on Emerging Topics in Computing 5(4):586–602. 10.1109/TETC.2016.2606384 DOI: 10.1109/TETC.2016.2606384
Mosquitto (2022) Last Accessed: 2022. https://mosquitto.org
Mozilla foundation (2022) Last Accessed: 2022. https://www.mozilla.org
MQTT (2022) Last Accessed: 2022. https://mqtt.org/
Nassi B, Pirutin Y, Galor T, Elovici Y, Zadov B (2021) Glowworm attack: Optical tempest sound recovery via a device’s power indicator led. In: Proceedings of the 2021 ACM SIGSAC Conference on Computer and Communications Security, CCS ’21, p. 1900-1914. Association for Computing Machinery, New York, NY, USA. 10.1145/3460120.3484775
National Vulnerability Database (2022) Last Accessed: 2022. https://nvd.nist.gov
OWASP (2022) OWASp Top Ten. Last Accessed: 2022. https://owasp.org/www-project-top-ten/
Rancher (2022) Rancher container management Last Accessed: 2022. https://rancher.com/
SES Luxembourg (2022) SES broadcasting services Last Accessed: 2022. https://www.ses.com/find-service/broadcasters
SES Luxembourg (2022a) SES connectivity for commercial aviation Last Accessed: 2022. https://www.ses.com/find-service/commercial-aviation
SES Luxembourg (2022b) SES connectivity for commercial maritime Last Accessed: 2022. https://www.ses.com/find-service/commercial-maritime
SES Luxembourg (2023) SES, leading satellite operator Last Accessed: 2022. https://ses.com/
Shabtai A, Elovici Y, Rokach L (2012) A Survey of Data Leakage Detection and Prevention Solutions. Springer Publishing Company, Incorporated
SonarQube (2022) Last Accessed: 2022. https://www.sonarqube.org/
Sonarsource (2022) Sonarsource tools for GO Last Accessed: 2022. “ https://rules.sonarsource.com/go ”
Stankovic JA (2014) Research directions for the internet of things. IEEE internet of things journal 1(1):3–9 DOI: 10.1109/JIOT.2014.2312291
Suse (2022) Suse software Last Accessed: 2022. https://www.suse.com
Tabrizchi H, Kuchaki Rafsanjani M (2020) A survey on security challenges in cloud computing: issues, threats, and solutions. The journal of supercomputing 76(12):9493–9532 DOI: 10.1007/s11227-020-03213-1
The Chief I/O (2022) 7 Static Analysis Tools to Secure and Build Stable Kubernetes Clusters Last Accessed: 2022. https://thechief.io/c/editorial/7-static-analysis-tools-to-secure-and-build-stable-kubernetes-clusters/
Todd Erdley (2023) How Edge Computing Unleashes Innovation in Live Streaming? Last Accessed: 2023. https://www.tvtechnology.com/opinion/how-edge-computing-unleashes-innovation-in-live-streaming
VerneMQ Broker (2022) Vernemq Last Accessed: 2022. https://vernemq.com/
Xiao Y, Jia Y, Liu C, Cheng X, Yu J, Lv W (2019) Edge computing security: State of the art and challenges. Proceedings of the IEEE 107(8):1608–1631. 10.1109/JPROC.2019.2918437 DOI: 10.1109/JPROC.2019.2918437
Yomo Framework (2022) Yomo Last Accessed: 2022. https://yomo.run/
Zahid M, Inayat I, Daneva M, Mehmood Z (2021) Security risks in cyber physical systems-a systematic mapping study. Journal of Software: Evolution and Process 33(9):e2346. 10.1002/smr.2346 DOI: 10.1002/smr.2346
Zalewski M (20202) American Fuzzy Lop: a security-oriented fuzzer. http://lcamtuf.coredump.cx/afl/
Zaman S, Adams B, Hassan AE (2011) Security versus performance bugs: A case study on firefox. In: Proceedings of the 8th Working Conference on Mining Software Repositories, MSR ’11, p. 93-102. Association for Computing Machinery, New York, NY, USA. 10.1145/1985441.1985457
Zetta (2022) Zetta Automated Test Suite Last Accessed: 2022. https://github.com/zettajs/zetta/tree/master/test
Zetta (2022a) Zetta Edge Computing Framework Last Accessed: 2022. https://github.com/zettajs/zetta/wiki/Overview
Zetta (2022b) Zetta GitHub bug reports Last Accessed: 2022. https://github.com/zettajs/zetta/issues
Zetta (2023) Zetta Issue 335 Last Accessed: 2022. https://github.com/zettajs/zetta/issues/335
Zetta Edge framework examples (2022) Last Accessed: 2022. https://www.zettajs.org/projects/
Zhang J (2004) An approach to facilitate reliability testing of web services components. In: 15th International Symposium on Software Reliability Engineering, IEEE pp. 210–218
