Our main aim is to model the attack surface in the Open Source Software Supply Chain scenario. The graph presented is an attack tree. The main features of an attack tree are:
Please, feel free to play with the attack graph.
Our main goal is to conduct a survey to assess our taxonomy and collect feedback on our modelization. We have designed two types of surveys: