Objective A popular form of software reuse involves linking open source software (OSS) libraries hosted on centralized code repositories, such as Maven or PyPI. Developers only need to declare dependencies to external libraries, and automated tools make them available to the workspace of the project. As recent events such as the LeftPad incident, which led to hundreds of thousands of websites to stop working, and the Equifax data breach, which led to a leak of hundreds of thousands of credit card numbers, have demonstrated, dependencies on networks of external libraries can introduce to projects significant operational and compliance risks as well as difficult to assess security implications. Solving these problems would boost the efficiency and production quality of software development companies by allowing them to reuse OSS code with confidence, covering a large untapped potential. To address this situation, the FASTEN project introduces fine-grained, method-level, tracking of dependencies on top of existing dependency management networks. Specifically, the project will introduce a service that tracks dependencies at the method call-graph level and performs sophisticated analyses of i) security vulnerability propagation, ii) licensing compliance, and iii) dependency risk profiles. To facilitate adoption, FASTEN will bring those analyses to the hands of developers by integrating the analysis service to popular package managers, for the Java, C, and Python programming languages. The project consortium comprises world-leading experts on ecosystem analysis, graph processing, and software risk and compliance assessment, along with established OSS community integrators and managers. Fields of science natural sciencescomputer and information sciencessoftwaresoftware developmentnatural sciencesbiological sciencesecologyecosystems Keywords Software Ecosystems Package Managers Graphs Program Analysis Call graphs Programme(s) H2020-EU.2.1.1. - INDUSTRIAL LEADERSHIP - Leadership in enabling and industrial technologies - Information and Communication Technologies (ICT) Main Programme Topic(s) ICT-16-2018 - Software Technologies Call for proposal H2020-ICT-2018-20 See other projects for this call Sub call H2020-ICT-2018-2 Funding Scheme IA - Innovation action Coordinator TECHNISCHE UNIVERSITEIT DELFT Net EU contribution € 965 580,00 Address STEVINWEG 1 2628 CN Delft Netherlands See on map Region West-Nederland Zuid-Holland Delft en Westland Activity type Higher or Secondary Education Establishments Links Contact the organisation Opens in new window Website Opens in new window Participation in EU R&I programmes Opens in new window HORIZON collaboration network Opens in new window Total cost € 965 580,00 Participants (6) Sort alphabetically Sort by Net EU contribution Expand all Collapse all ATHENS UNIVERSITY OF ECONOMICS AND BUSINESS - RESEARCH CENTER Greece Net EU contribution € 542 750,00 Address KEFALLINIAS STREET 46 11251 Athens See on map Region Αττική Aττική Κεντρικός Τομέας Αθηνών Activity type Higher or Secondary Education Establishments Links Contact the organisation Opens in new window Participation in EU R&I programmes Opens in new window HORIZON collaboration network Opens in new window Total cost € 542 750,00 UNIVERSITA DEGLI STUDI DI MILANO Italy Net EU contribution € 366 225,00 Address Via Festa Del Perdono 7 20122 Milano See on map Region Nord-Ovest Lombardia Milano Activity type Higher or Secondary Education Establishments Links Contact the organisation Opens in new window Website Opens in new window Participation in EU R&I programmes Opens in new window HORIZON collaboration network Opens in new window Total cost € 366 225,00 XWIKI France Net EU contribution € 360 578,00 Address 4 RUE DU FAUBOURG POISSONNIERE 75010 Paris See on map SME The organization defined itself as SME (small and medium-sized enterprise) at the time the Grant Agreement was signed. Yes Region Ile-de-France Ile-de-France Paris Activity type Private for-profit entities (excluding Higher or Secondary Education Establishments) Links Contact the organisation Opens in new window Participation in EU R&I programmes Opens in new window HORIZON collaboration network Opens in new window Total cost € 515 111,43 HOVERTURE DEUTSCHLAND AG Germany Net EU contribution € 474 058,00 Address GERICHTSTRASSE 23, HOF 5, AUFGANG 6 13347 Berlin See on map Region Berlin Berlin Berlin Activity type Private for-profit entities (excluding Higher or Secondary Education Establishments) Links Contact the organisation Opens in new window Participation in EU R&I programmes Opens in new window HORIZON collaboration network Opens in new window Total cost € 677 225,71 SOFTWARE IMPROVEMENT GROUP BV Netherlands Net EU contribution € 397 470,00 Address FRED. ROESKESTRAAT 115 1076 EE Amsterdam See on map SME The organization defined itself as SME (small and medium-sized enterprise) at the time the Grant Agreement was signed. Yes Region West-Nederland Noord-Holland Groot-Amsterdam Activity type Private for-profit entities (excluding Higher or Secondary Education Establishments) Links Contact the organisation Opens in new window Participation in EU R&I programmes Opens in new window HORIZON collaboration network Opens in new window Total cost € 567 814,29 OW2 France Net EU contribution € 381 875,00 Address 7 RUE DE PHALSBOURG 75017 Paris See on map SME The organization defined itself as SME (small and medium-sized enterprise) at the time the Grant Agreement was signed. Yes Region Ile-de-France Ile-de-France Paris Activity type Other Links Contact the organisation Opens in new window Participation in EU R&I programmes Opens in new window HORIZON collaboration network Opens in new window Total cost € 381 875,00
