A Systematic Mapping Study on Risks and Vulnerabilities in Software Containers

Maha Sroor; Teerath Das; Rahul Mohanani; Tommi Mikkonen

Paper

A Systematic Mapping Study on Risks and Vulnerabilities in Software Containers

Abstract

Software containers are widely adopted for developing and deploying software applications. Despite their popularity, major security concerns arise during container development and deployment. Software Engineering (SE) research literature reveals a lack of reviewed, aggregated, and organized knowledge of risks, vulnerabilities, security practices, and tools in container-based systems development and deployment. Therefore, we conducted a Systematic Mapping Study (SMS) based on 129 selected primary studies to explore and organize existing knowledge on security issues in software container systems. Data from the primary studies enabled us to identify critical risks and vulnerabilities across the container life-cycle and categorize them using a novel taxonomy. Additionally, the findings highlight the causes and implications and provide a list of mitigation techniques to overcome these risks and vulnerabilities. Furthermore, we provide an aggregation of security practices and tools that can help support and improve the overall security of container systems. This study offers critical insights into the current landscape of security issues within software container systems. Our analysis highlights the need for future SE research to focus on security enhancement practices that strengthen container systems and develop effective mitigation strategies to comprehensively address existing risks and vulnerabilities.