Abstract

dc. description. abstract The Scientific Workflow Integrity with Pegasus (SWIP) project adds data integrity checking to the Pegasus workflow management system (https://pegasus. isi. edu/). As part of SWIP, we perform software assurance (SwA) on the Pegasus software using the Software Assurance Marketplace (SWAMP, https://www. mir-swamp. org/). Initially, we planned to perform SwA only on the parts of the code base related to SWIP, ie, only the code related to the data integrity checks. However, during the course of the SWIP project, a decision was made to perform SwA on the entire Pegasus code base. In addition, the project took on a research effort of trying to quantify differences in SwA results between Pegasus versions. We summarize our SwA process and results here. SwA results provide insight, but they are still subjective; developers of the software being assessed (Pegasus in this project) need to determine how those results need to be addressed. en

Date

September 5, 2025

Authors

Randy Heiland, Mats Rynge, Karan Vahi, Ewa Deelman, Von Welch