A Secure Future for Open-Source Computational Science and Engineering

Journalists, public policy analysts, and economists have called attention to the growing importance that high-performance and scientific computing have to national security and industrial leadership. As computing continues to power scientific advances in virtually every discipline, so too does it improve our economic productivity and quality of life. The increasing social, political, and economic importance of research software, however, has also brought the question of software security to the fore. Just as unintentional software errors can threaten the integrity of scientific studies, malicious actors could leverage vulnerabilities to alter results, exfiltrate data, and sabotage computing resources. In this editorial, the authors argue for the need to incorporate security practices and perspectives throughout the research software lifecycle, and they propose directions for future work in this space.