Treffer: Fifty Years of Open Source Software Supply-Chain Security.

The article discusses the history of open source software supply-chain security since the U.S. Air Force's release of a report in 1974 regarding the security of the Honeywell International Inc.'s Multics time-sharing operations system, and it mentions a potential problem involving a back door where the system call allowed the reading or writing of an arbitrary word of kernel memory. It states that a software supply chain is defined as all places where a software supply-chain vulnerability or attack could occur.