{"id":"https://openalex.org/W7104639863","doi":"https://doi.org/10.1145/3757348.3757351","title":"Experimenting with Security Compliance Checking using ReFrame","display_name":"Experimenting with Security Compliance Checking using ReFrame","publication_year":2025,"publication_date":"2025-05-04","ids":{"openalex":"https://openalex.org/W7104639863","doi":"https://doi.org/10.1145/3757348.3757351"},"language":null,"primary_location":{"id":"doi:10.1145/3757348.3757351","is_oa":true,"landing_page_url":"https://doi.org/10.1145/3757348.3757351","pdf_url":"https://dl.acm.org/doi/pdf/10.1145/3757348.3757351","source":null,"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the Cray User Group","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":true,"oa_status":"gold","oa_url":"https://dl.acm.org/doi/pdf/10.1145/3757348.3757351","any_repository_has_fulltext":null},"authorships":[{"author_position":"first","author":{"id":null,"display_name":"Victor Holanda Rusu","orcid":"https://orcid.org/0009-0003-4796-611X"},"institutions":[{"id":"https://openalex.org/I4391767926","display_name":"CSCS - Swiss National Supercomputing Centre","ror":"https://ror.org/04rzmms09","country_code":null,"type":"facility","lineage":["https://openalex.org/I2799323385","https://openalex.org/I35440088","https://openalex.org/I4391767926"]},{"id":"https://openalex.org/I59105498","display_name":"Swisscom (Switzerland)","ror":"https://ror.org/04t1f4f50","country_code":"CH","type":"company","lineage":["https://openalex.org/I59105498"]}],"countries":["CH"],"is_corresponding":true,"raw_author_name":"Victor Holanda Rusu","raw_affiliation_strings":["Swiss National Supercomputing Centre, Lugano, Switzerland"],"raw_orcid":"https://orcid.org/0009-0003-4796-611X","affiliations":[{"raw_affiliation_string":"Swiss National Supercomputing Centre, Lugano, Switzerland","institution_ids":["https://openalex.org/I59105498","https://openalex.org/I4391767926"]}]},{"author_position":"middle","author":{"id":null,"display_name":"Matteo Basso","orcid":"https://orcid.org/0009-0000-6525-4931"},"institutions":[{"id":"https://openalex.org/I4391767926","display_name":"CSCS - Swiss National Supercomputing Centre","ror":"https://ror.org/04rzmms09","country_code":null,"type":"facility","lineage":["https://openalex.org/I2799323385","https://openalex.org/I35440088","https://openalex.org/I4391767926"]},{"id":"https://openalex.org/I59105498","display_name":"Swisscom (Switzerland)","ror":"https://ror.org/04t1f4f50","country_code":"CH","type":"company","lineage":["https://openalex.org/I59105498"]}],"countries":["CH"],"is_corresponding":false,"raw_author_name":"Matteo Basso","raw_affiliation_strings":["Swiss National Supercomputing Centre, Lugano, Switzerland"],"raw_orcid":"https://orcid.org/0009-0000-6525-4931","affiliations":[{"raw_affiliation_string":"Swiss National Supercomputing Centre, Lugano, Switzerland","institution_ids":["https://openalex.org/I59105498","https://openalex.org/I4391767926"]}]},{"author_position":"middle","author":{"id":null,"display_name":"Chris Gamboni","orcid":"https://orcid.org/0009-0007-3208-4412"},"institutions":[{"id":"https://openalex.org/I4391767926","display_name":"CSCS - Swiss National Supercomputing Centre","ror":"https://ror.org/04rzmms09","country_code":null,"type":"facility","lineage":["https://openalex.org/I2799323385","https://openalex.org/I35440088","https://openalex.org/I4391767926"]},{"id":"https://openalex.org/I59105498","display_name":"Swisscom (Switzerland)","ror":"https://ror.org/04t1f4f50","country_code":"CH","type":"company","lineage":["https://openalex.org/I59105498"]}],"countries":["CH"],"is_corresponding":false,"raw_author_name":"Chris Gamboni","raw_affiliation_strings":["Swiss National Supercomputing Centre, Lugano, Switzerland"],"raw_orcid":"https://orcid.org/0009-0007-3208-4412","affiliations":[{"raw_affiliation_string":"Swiss National Supercomputing Centre, Lugano, Switzerland","institution_ids":["https://openalex.org/I59105498","https://openalex.org/I4391767926"]}]},{"author_position":"middle","author":{"id":null,"display_name":"Fabio Zambrino","orcid":"https://orcid.org/0009-0003-9153-0145"},"institutions":[{"id":"https://openalex.org/I4391767926","display_name":"CSCS - Swiss National Supercomputing Centre","ror":"https://ror.org/04rzmms09","country_code":null,"type":"facility","lineage":["https://openalex.org/I2799323385","https://openalex.org/I35440088","https://openalex.org/I4391767926"]},{"id":"https://openalex.org/I59105498","display_name":"Swisscom (Switzerland)","ror":"https://ror.org/04t1f4f50","country_code":"CH","type":"company","lineage":["https://openalex.org/I59105498"]}],"countries":["CH"],"is_corresponding":false,"raw_author_name":"Fabio Zambrino","raw_affiliation_strings":["Swiss National Supercomputing Centre, Lugano, Switzerland"],"raw_orcid":"https://orcid.org/0009-0003-9153-0145","affiliations":[{"raw_affiliation_string":"Swiss National Supercomputing Centre, Lugano, Switzerland","institution_ids":["https://openalex.org/I59105498","https://openalex.org/I4391767926"]}]},{"author_position":"last","author":{"id":null,"display_name":"Massimo Benini","orcid":"https://orcid.org/0009-0009-1294-0052"},"institutions":[{"id":"https://openalex.org/I4391767926","display_name":"CSCS - Swiss National Supercomputing Centre","ror":"https://ror.org/04rzmms09","country_code":null,"type":"facility","lineage":["https://openalex.org/I2799323385","https://openalex.org/I35440088","https://openalex.org/I4391767926"]},{"id":"https://openalex.org/I59105498","display_name":"Swisscom (Switzerland)","ror":"https://ror.org/04t1f4f50","country_code":"CH","type":"company","lineage":["https://openalex.org/I59105498"]}],"countries":["CH"],"is_corresponding":false,"raw_author_name":"Massimo Benini","raw_affiliation_strings":["Swiss National Supercomputing Centre, Lugano, Switzerland"],"raw_orcid":"https://orcid.org/0009-0009-1294-0052","affiliations":[{"raw_affiliation_string":"Swiss National Supercomputing Centre, Lugano, Switzerland","institution_ids":["https://openalex.org/I59105498","https://openalex.org/I4391767926"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":5,"corresponding_author_ids":[],"corresponding_institution_ids":["https://openalex.org/I4391767926","https://openalex.org/I59105498"],"apc_list":null,"apc_paid":null,"fwci":0.0,"has_fulltext":true,"cited_by_count":0,"citation_normalized_percentile":{"value":0.75952897,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":null,"biblio":{"volume":null,"issue":null,"first_page":"19","last_page":"26"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T11424","display_name":"Security and Verification in Computing","score":0.8481000065803528,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T11424","display_name":"Security and Verification in Computing","score":0.8481000065803528,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T12127","display_name":"Software System Performance and Reliability","score":0.07649999856948853,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10772","display_name":"Distributed systems and fault tolerance","score":0.006899999920278788,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/software-deployment","display_name":"Software deployment","score":0.621999979019165},{"id":"https://openalex.org/keywords/workflow","display_name":"Workflow","score":0.5519999861717224},{"id":"https://openalex.org/keywords/security-testing","display_name":"Security testing","score":0.517300009727478},{"id":"https://openalex.org/keywords/cognitive-reframing","display_name":"Cognitive reframing","score":0.4551999866962433},{"id":"https://openalex.org/keywords/compliance","display_name":"Compliance (psychology)","score":0.4092000126838684},{"id":"https://openalex.org/keywords/overhead","display_name":"Overhead (engineering)","score":0.4041999876499176},{"id":"https://openalex.org/keywords/scale","display_name":"Scale (ratio)","score":0.37610000371932983},{"id":"https://openalex.org/keywords/work","display_name":"Work (physics)","score":0.3709999918937683},{"id":"https://openalex.org/keywords/security-information-and-event-management","display_name":"Security information and event management","score":0.35839998722076416}],"concepts":[{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.7718999981880188},{"id":"https://openalex.org/C105339364","wikidata":"https://www.wikidata.org/wiki/Q2297740","display_name":"Software deployment","level":2,"score":0.621999979019165},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.5942999720573425},{"id":"https://openalex.org/C177212765","wikidata":"https://www.wikidata.org/wiki/Q627335","display_name":"Workflow","level":2,"score":0.5519999861717224},{"id":"https://openalex.org/C195518309","wikidata":"https://www.wikidata.org/wiki/Q13424265","display_name":"Security testing","level":5,"score":0.517300009727478},{"id":"https://openalex.org/C187029079","wikidata":"https://www.wikidata.org/wiki/Q958679","display_name":"Cognitive reframing","level":2,"score":0.4551999866962433},{"id":"https://openalex.org/C112930515","wikidata":"https://www.wikidata.org/wiki/Q4389547","display_name":"Risk analysis (engineering)","level":1,"score":0.412200003862381},{"id":"https://openalex.org/C2781460075","wikidata":"https://www.wikidata.org/wiki/Q1399332","display_name":"Compliance (psychology)","level":2,"score":0.4092000126838684},{"id":"https://openalex.org/C2779960059","wikidata":"https://www.wikidata.org/wiki/Q7113681","display_name":"Overhead (engineering)","level":2,"score":0.4041999876499176},{"id":"https://openalex.org/C2778755073","wikidata":"https://www.wikidata.org/wiki/Q10858537","display_name":"Scale (ratio)","level":2,"score":0.37610000371932983},{"id":"https://openalex.org/C18762648","wikidata":"https://www.wikidata.org/wiki/Q42213","display_name":"Work (physics)","level":2,"score":0.3709999918937683},{"id":"https://openalex.org/C103377522","wikidata":"https://www.wikidata.org/wiki/Q3493999","display_name":"Security information and event management","level":4,"score":0.35839998722076416},{"id":"https://openalex.org/C26517878","wikidata":"https://www.wikidata.org/wiki/Q228039","display_name":"Key (lock)","level":2,"score":0.3513000011444092},{"id":"https://openalex.org/C13159133","wikidata":"https://www.wikidata.org/wiki/Q365674","display_name":"Security engineering","level":5,"score":0.3465000092983246},{"id":"https://openalex.org/C29983905","wikidata":"https://www.wikidata.org/wiki/Q7445066","display_name":"Security service","level":3,"score":0.3292999863624573},{"id":"https://openalex.org/C114869243","wikidata":"https://www.wikidata.org/wiki/Q133735","display_name":"Security through obscurity","level":5,"score":0.3269999921321869},{"id":"https://openalex.org/C116834253","wikidata":"https://www.wikidata.org/wiki/Q2039217","display_name":"Identification (biology)","level":2,"score":0.3147999942302704},{"id":"https://openalex.org/C77109596","wikidata":"https://www.wikidata.org/wiki/Q4781497","display_name":"Application security","level":5,"score":0.2994999885559082},{"id":"https://openalex.org/C62913178","wikidata":"https://www.wikidata.org/wiki/Q7554361","display_name":"Software security assurance","level":4,"score":0.2980000078678131},{"id":"https://openalex.org/C98045186","wikidata":"https://www.wikidata.org/wiki/Q205663","display_name":"Process (computing)","level":2,"score":0.29679998755455017},{"id":"https://openalex.org/C121822524","wikidata":"https://www.wikidata.org/wiki/Q5157582","display_name":"Computer security model","level":2,"score":0.28850001096725464},{"id":"https://openalex.org/C86844869","wikidata":"https://www.wikidata.org/wiki/Q2798820","display_name":"Hacker","level":2,"score":0.2831999957561493},{"id":"https://openalex.org/C115903868","wikidata":"https://www.wikidata.org/wiki/Q80993","display_name":"Software engineering","level":1,"score":0.2831000089645386},{"id":"https://openalex.org/C195094911","wikidata":"https://www.wikidata.org/wiki/Q14167904","display_name":"Process management","level":1,"score":0.273499995470047},{"id":"https://openalex.org/C184842701","wikidata":"https://www.wikidata.org/wiki/Q370563","display_name":"Cloud computing security","level":3,"score":0.27000001072883606},{"id":"https://openalex.org/C541664917","wikidata":"https://www.wikidata.org/wiki/Q14001","display_name":"Malware","level":2,"score":0.26600000262260437}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1145/3757348.3757351","is_oa":true,"landing_page_url":"https://doi.org/10.1145/3757348.3757351","pdf_url":"https://dl.acm.org/doi/pdf/10.1145/3757348.3757351","source":null,"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the Cray User Group","raw_type":"proceedings-article"}],"best_oa_location":{"id":"doi:10.1145/3757348.3757351","is_oa":true,"landing_page_url":"https://doi.org/10.1145/3757348.3757351","pdf_url":"https://dl.acm.org/doi/pdf/10.1145/3757348.3757351","source":null,"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the Cray User Group","raw_type":"proceedings-article"},"sustainable_development_goals":[{"score":0.6460678577423096,"display_name":"Industry, innovation and infrastructure","id":"https://metadata.un.org/sdg/9"}],"awards":[],"funders":[],"has_content":{"pdf":true,"grobid_xml":false},"content_urls":{"pdf":"https://content.openalex.org/works/W7104639863.pdf"},"referenced_works_count":2,"referenced_works":["https://openalex.org/W2895149331","https://openalex.org/W3013717548"],"related_works":[],"abstract_inverted_index":{"Security":[0],"compliance":[1,26,63,74,106,175],"is":[2],"a":[3,50,86,90],"growing":[4],"concern":[5],"in":[6,56,98,174],"High-Performance":[7],"Computing":[8],"(HPC)":[9],"environments,":[10],"where":[11],"the":[12,36,46,66,99,168],"complexity":[13],"and":[14,60,101,126,135,143,166],"scale":[15],"of":[16,38,48,114],"infrastructure":[17],"pose":[18],"unique":[19],"challenges":[20],"to":[21,158],"maintaining":[22],"system":[23,109,124],"integrity.":[24],"Traditional":[25],"tools":[27,154],"are":[28],"often":[29],"seen":[30],"as":[31],"intrusive":[32],"or":[33],"disconnected":[34],"from":[35],"workflows":[37],"HPC":[39],"engineers.":[40],"In":[41],"this":[42],"work,":[43],"we":[44,70],"explore":[45],"use":[47],"ReFrame,":[49],"regression":[51],"testing":[52],"framework":[53],"widely":[54],"adopted":[55],"HPC,":[57],"for":[58,170],"implementing":[59],"managing":[61],"security":[62,88,95,121,161],"checks.":[64],"Leveraging":[65],"community-maintained":[67],"ComplianceAsCode":[68],"project,":[69],"generate":[71],"portable,":[72],"programmable":[73],"tests":[75],"that":[76,92,116],"integrate":[77],"seamlessly":[78],"into":[79,107],"existing":[80],"engineering":[81],"practices.":[82],"Our":[83],"approach":[84],"enables":[85],"shift-left":[87],"model,":[89],"practice":[91],"advocates":[93],"moving":[94],"considerations":[96],"earlier":[97],"development":[100],"deployment":[102],"pipeline,":[103],"by":[104],"embedding":[105],"routine":[108],"validation,":[110],"promoting":[111],"early":[112],"detection":[113],"misconfigurations":[115],"may":[117],"impact":[118],"not":[119],"only":[120],"but":[122],"also":[123],"performance":[125,141],"reliability.":[127],"We":[128],"evaluate":[129],"our":[130],"implementation":[131],"on":[132],"RHEL":[133],"9.5":[134],"openSUSE":[136],"Leap":[137],"15.4,":[138],"demonstrating":[139],"minimal":[140],"overhead":[142],"strong":[144],"alignment":[145],"with":[146],"OSCAP":[147],"results.":[148],"This":[149],"work":[150],"illustrates":[151],"how":[152],"familiar":[153],"can":[155],"be":[156],"extended":[157],"meet":[159],"evolving":[160],"needs":[162],"without":[163],"compromising":[164],"usability,":[165],"sets":[167],"foundation":[169],"future":[171],"community-driven":[172],"enhancements":[173],"automation.":[176]},"counts_by_year":[],"updated_date":"2026-03-27T05:58:40.876381","created_date":"2025-11-11T00:00:00"}