Traceability and Risk Management in the Software Supply Chain at RECSI 2026
At the 19th Spanish Meeting on Cryptology and Information Security (RECSI 2026), held at the University of La Laguna (Tenerife) from 17 to 21 March, researcher Carlos Villarrubia of Rey Juan Carlos University (URJC), a collaborator with the Security and Auditing Group (GSyA) at the University of Castilla-La Mancha, presented the paper ‘A Framework for Traceability and Risk Control in Software Supply Chain Cybersecurity’.
The study addresses the growing risks associated with the software supply chain, particularly those arising from the use of third-party components and the increasing complexity of modern development environments. As its main contribution, it proposes a comprehensive framework based on blockchain technology that ensures end-to-end traceability, as well as risk management and control throughout the entire supply chain. The solution integrates verification, auditing, and continuous assessment mechanisms, aligning with leading security standards.
The proposal stands out for its holistic approach and its ability to enhance transparency, integrity, and trust in software development and distribution.
