{"id":"https://openalex.org/W4415034651","doi":"https://doi.org/10.1109/scam67354.2025.00018","title":"FaaSGuard: Secure CI/CD for Serverless Applications \u2013 An OpenFaaS Case Study","display_name":"FaaSGuard: Secure CI/CD for Serverless Applications \u2013 An OpenFaaS Case Study","publication_year":2025,"publication_date":"2025-09-08","ids":{"openalex":"https://openalex.org/W4415034651","doi":"https://doi.org/10.1109/scam67354.2025.00018"},"language":"en","primary_location":{"id":"doi:10.1109/scam67354.2025.00018","is_oa":false,"landing_page_url":"https://doi.org/10.1109/scam67354.2025.00018","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2025 IEEE International Conference on Source Code Analysis &amp;amp; Manipulation (SCAM)","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5042574095","display_name":"Amine Barrak","orcid":"https://orcid.org/0000-0002-0046-2454"},"institutions":[{"id":"https://openalex.org/I177721651","display_name":"Oakland University","ror":"https://ror.org/01ythxj32","country_code":"US","type":"education","lineage":["https://openalex.org/I177721651"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Amine Barrak","raw_affiliation_strings":["Oakland University,Department of Computer Science and Engineering,Rochester,MI,USA"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"Oakland University,Department of Computer Science and Engineering,Rochester,MI,USA","institution_ids":["https://openalex.org/I177721651"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5116335571","display_name":"Emna Ksontini","orcid":null},"institutions":[{"id":"https://openalex.org/I153901656","display_name":"University of North Carolina Wilmington","ror":"https://ror.org/02t0qr014","country_code":"US","type":"education","lineage":["https://openalex.org/I153901656"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Emna Ksontini","raw_affiliation_strings":["University of North Carolina Wilmington,Wilmington,NC,USA"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"University of North Carolina Wilmington,Wilmington,NC,USA","institution_ids":["https://openalex.org/I153901656"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5119937872","display_name":"Ridouane Atike","orcid":null},"institutions":[{"id":"https://openalex.org/I104914703","display_name":"Universit\u00e9 du Qu\u00e9bec \u00e0 Chicoutimi","ror":"https://ror.org/00y3hzd62","country_code":"CA","type":"education","lineage":["https://openalex.org/I104914703","https://openalex.org/I49663120"]}],"countries":["CA"],"is_corresponding":false,"raw_author_name":"Ridouane Atike","raw_affiliation_strings":["University of Quebec at Chicoutimi,Chicoutimi,Canada"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"University of Quebec at Chicoutimi,Chicoutimi,Canada","institution_ids":["https://openalex.org/I104914703"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5030108374","display_name":"Fehmi Jaafar","orcid":null},"institutions":[{"id":"https://openalex.org/I104914703","display_name":"Universit\u00e9 du Qu\u00e9bec \u00e0 Chicoutimi","ror":"https://ror.org/00y3hzd62","country_code":"CA","type":"education","lineage":["https://openalex.org/I104914703","https://openalex.org/I49663120"]}],"countries":["CA"],"is_corresponding":false,"raw_author_name":"Fehmi Jaafar","raw_affiliation_strings":["University of Quebec at Chicoutimi,Chicoutimi,Canada"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"University of Quebec at Chicoutimi,Chicoutimi,Canada","institution_ids":["https://openalex.org/I104914703"]}]}],"institutions":[],"countries_distinct_count":2,"institutions_distinct_count":4,"corresponding_author_ids":[],"corresponding_institution_ids":[],"apc_list":null,"apc_paid":null,"fwci":2.2161,"has_fulltext":false,"cited_by_count":2,"citation_normalized_percentile":{"value":0.90373219,"is_in_top_1_percent":false,"is_in_top_10_percent":true},"cited_by_percentile_year":{"min":91,"max":98},"biblio":{"volume":null,"issue":null,"first_page":"110","last_page":"115"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T11181","display_name":"Advanced Data Storage Technologies","score":0.9805999994277954,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T11181","display_name":"Advanced Data Storage Technologies","score":0.9805999994277954,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/pipeline","display_name":"Pipeline (software)","score":0.5212000012397766},{"id":"https://openalex.org/keywords/ephemeral-key","display_name":"Ephemeral key","score":0.4740000069141388},{"id":"https://openalex.org/keywords/bridge","display_name":"Bridge (graph theory)","score":0.4575999975204468},{"id":"https://openalex.org/keywords/software","display_name":"Software","score":0.42820000648498535},{"id":"https://openalex.org/keywords/resource","display_name":"Resource (disambiguation)","score":0.3752000033855438},{"id":"https://openalex.org/keywords/resource-management","display_name":"Resource management (computing)","score":0.3160000145435333}],"concepts":[{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.7857999801635742},{"id":"https://openalex.org/C43521106","wikidata":"https://www.wikidata.org/wiki/Q2165493","display_name":"Pipeline (software)","level":2,"score":0.5212000012397766},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.4977000057697296},{"id":"https://openalex.org/C76947770","wikidata":"https://www.wikidata.org/wiki/Q4533181","display_name":"Ephemeral key","level":2,"score":0.4740000069141388},{"id":"https://openalex.org/C100776233","wikidata":"https://www.wikidata.org/wiki/Q2532492","display_name":"Bridge (graph theory)","level":2,"score":0.4575999975204468},{"id":"https://openalex.org/C2777904410","wikidata":"https://www.wikidata.org/wiki/Q7397","display_name":"Software","level":2,"score":0.42820000648498535},{"id":"https://openalex.org/C206345919","wikidata":"https://www.wikidata.org/wiki/Q20380951","display_name":"Resource (disambiguation)","level":2,"score":0.3752000033855438},{"id":"https://openalex.org/C2780609101","wikidata":"https://www.wikidata.org/wiki/Q17156588","display_name":"Resource management (computing)","level":2,"score":0.3160000145435333},{"id":"https://openalex.org/C26517878","wikidata":"https://www.wikidata.org/wiki/Q228039","display_name":"Key (lock)","level":2,"score":0.3131999969482422},{"id":"https://openalex.org/C2986045029","wikidata":"https://www.wikidata.org/wiki/Q294240","display_name":"Public security","level":2,"score":0.2815999984741211},{"id":"https://openalex.org/C154908896","wikidata":"https://www.wikidata.org/wiki/Q2167404","display_name":"Security policy","level":2,"score":0.27720001339912415},{"id":"https://openalex.org/C62913178","wikidata":"https://www.wikidata.org/wiki/Q7554361","display_name":"Software security assurance","level":4,"score":0.2662999927997589},{"id":"https://openalex.org/C93996380","wikidata":"https://www.wikidata.org/wiki/Q44127","display_name":"Server","level":2,"score":0.259799987077713}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1109/scam67354.2025.00018","is_oa":false,"landing_page_url":"https://doi.org/10.1109/scam67354.2025.00018","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2025 IEEE International Conference on Source Code Analysis &amp;amp; Manipulation (SCAM)","raw_type":"proceedings-article"}],"best_oa_location":null,"sustainable_development_goals":[],"awards":[],"funders":[],"has_content":{"pdf":false,"grobid_xml":false},"content_urls":null,"referenced_works_count":24,"referenced_works":["https://openalex.org/W2763095368","https://openalex.org/W2970994372","https://openalex.org/W3012914409","https://openalex.org/W3155888300","https://openalex.org/W3166416521","https://openalex.org/W3178064249","https://openalex.org/W3179934812","https://openalex.org/W3193569759","https://openalex.org/W3195255266","https://openalex.org/W3202324008","https://openalex.org/W3212224036","https://openalex.org/W4283787764","https://openalex.org/W4288357434","https://openalex.org/W4312221128","https://openalex.org/W4313889498","https://openalex.org/W4315480688","https://openalex.org/W4320881594","https://openalex.org/W4390229293","https://openalex.org/W4401247868","https://openalex.org/W4402603146","https://openalex.org/W4404371157","https://openalex.org/W4405218909","https://openalex.org/W4405237797","https://openalex.org/W4405448803"],"related_works":[],"abstract_inverted_index":{"Serverless":[0],"computing":[1],"significantly":[2],"alters":[3],"software":[4],"development":[5,88],"by":[6],"abstracting":[7],"infrastructure":[8],"management":[9],"and":[10,29,55,93,103,130,138],"enabling":[11],"rapid,":[12],"modular,":[13],"event-driven":[14],"deployments.":[15],"Despite":[16],"its":[17],"benefits,":[18],"the":[19,49,87],"distinct":[20],"characteristics":[21],"of":[22,48,86],"serverless":[23,74,118],"functions,":[24],"such":[25,97],"as":[26,98],"ephemeral":[27],"execution":[28],"fine-grained":[30],"scalability,":[31],"pose":[32],"unique":[33],"security":[34,57,81],"challenges,":[35],"particularly":[36],"in":[37],"open-source":[38,73],"platforms":[39],"like":[40],"OpenFaaS.":[41],"Existing":[42],"approaches":[43],"typically":[44],"address":[45],"isolated":[46],"phases":[47],"DevSecOps":[50,68],"lifecycle,":[51],"lacking":[52],"an":[53],"integrated":[54],"comprehensive":[56],"strategy.":[58],"To":[59],"bridge":[60],"this":[61],"gap,":[62],"we":[63],"propose":[64],"FaaSGuard,":[65],"a":[66,112],"unified":[67],"pipeline":[69],"explicitly":[70],"designed":[71],"for":[72],"environments.":[75],"FaaSGuard":[76,127],"systematically":[77],"embeds":[78],"lightweight,":[79],"fail-closed":[80],"checks":[82],"into":[83],"every":[84],"stage":[85],"lifecycle\u2014planning,":[89],"coding,":[90],"building,":[91],"deployment,":[92],"monitoring\u2014effectively":[94],"addressing":[95],"threats":[96],"injection":[99],"attacks,":[100],"hard-coded":[101],"secrets,":[102],"resource":[104],"exhaustion.":[105],"We":[106],"validate":[107],"our":[108],"approach":[109],"empirically":[110],"through":[111],"case":[113],"study":[114],"involving":[115],"20":[116],"real-world":[117],"functions":[119],"from":[120],"public":[121],"GitHub":[122],"repositories.":[123],"Results":[124],"indicate":[125],"that":[126],"effectively":[128],"detects":[129],"prevents":[131],"critical":[132],"vulnerabilities,":[133],"demonstrating":[134],"high":[135],"precision":[136],"(95%)":[137],"recall":[139],"(91%)":[140],"without":[141],"significant":[142],"disruption":[143],"to":[144],"established":[145],"CI/CD":[146],"practices.":[147]},"counts_by_year":[{"year":2026,"cited_by_count":1},{"year":2025,"cited_by_count":1}],"updated_date":"2026-06-11T09:08:48.828518","created_date":"2025-10-10T00:00:00"}