梁冠宇  等:面向操作系统可靠性保障的开源软件供应链                                                       3073


         [10]    Trkman P, De Oliveira MPV, Mccormack K. Value-oriented supply chain risk management: You get what you expect. Industrial
             Management & Data Systems, 2016,116(5):1061–1083.
         [11]    Neiger D, Rotaru K, Churilov L. Supply chain risk identification with value-focused process engineering. Journal of Operations
             Management, 2009,27(2):154–168.
         [12]    Tummala R, Schoenherr T. Assessing and managing risks using the supply chain risk management process (SCRMP). Supply Chain
             Management: An Int’l Journal, 2011,16(6):474–483.
         [13]    Ho W, Zheng T, Yildiz H, Talluri S. Supply chain risk management: A literature review. Int’l Journal of Production Research,
             2015,53(16):5031–5069.
         [14]    Kern D, Moser R, Hartmann E, Moder M. Supply risk management: Model development and empirical analysis. Int’l Journal of
             Physical Distribution & Logistics Management, 2012,42(1):60–82.
         [15]    Cohen MA, Kunreuther H. Operations risk management: Overview of Paul Kleindorfer’s contributions. Production and Operations
             Management, 2007,16(5):525–541.
         [16]    Gaudenzi B, Borghesi A. Managing  risks  in the  supply chain using the  AHP method. Int’l  Journal  of Logistics Management,
             2006,17(1):114–136.
         [17]    Fan Y, Stevenson M. A review of supply chain risk management: Definition, theory, and research agenda. Int’l Journal of Physical
             Distribution & Logistics Management, 2018,48(3):205–230.
         [18]    Zsidisin GA. A grounded definition of supply risk. Journal of Purchasing and Supply Management, 2003,9(5):217–224.
         [19]    Ehrlinger L, Wöß W. Towards a definition of knowledge graphs. SEMANTiCS (Posters, Demos, SuCCESS), 2016, 48.
         [20]    Amit S. Introducing the knowledge graph: Things, not strings. Google Official Blog, Retrieved September 6, 2014.
         [21]    What is a Knowledge graph. https://www.ontotext.com/knowledgehub/fundamentals/what-is-a-knowledge-graph/
         [22]    Zhou P, Liang GY, Yu JG, Wang JM, Wu JJ, Zhao C. Customized operating system for RISC-V fragmentation based on software
             supply chain. China RISC-V Forum, 2019 (in Chinese).
         [23]    Fielding RT, Taylor RN. Architectural styles and the design of network-based software architectures [Ph.D. Thesis]. University of
             California, 2000.
         [24]    Thulasiraman K, Swamy MNS. Graphs: Theory and Algorithms. John Wiley and Sons, 1992. 118.
         [25]    Kahn AB. Topological sorting of large networks. Communications of the ACM, 1962,5(11):558–562.
         附中文参考文献:
          [1]    骆斌,丁二玉,刘钦.软件工程与计算:软件开发的技术基础,卷 2.北京:机械工业出版社,2012.308–309.
          [5]    周明辉,张宇霞,谭鑫.软件数字社会学.中国科学:信息科学,2019,49:1399−1411. [doi: 10.1360/N112018-00319]
         [22]    周鹏,梁冠宇,于佳耕,王建民,武延军,赵琛.基于软件供应链的应对 RISC-V 碎片化的操作系统定制平台.中国 RISC-V 论坛,
             2019.


                       梁冠宇(1988－),男,硕士,主要研究领域为                      吴敬征(1982－),男,博士,CCF 专业会员,
                       云计算,操作系统,智能化运维.                              主要研究领域为系统安全,漏洞挖掘,操作
                                                                    系统.



                       武延军(1979－),男,博士,博士生导师,CCF                    赵琛(1967－),男,博士,博士生导师,CCF
                       高级会员,主要研究领域为操作系统,系统                          高级会员,主要研究领域为编译技术,操作
                       安全.                                          系统,网络软件.