Software Engineering: Developing Frontend and Backend Resources for Geospatial Application; An Actor-Network Theory Analysis of the SolarWinds Orion Hack

Lieberman, Zach, School of Engineering and Applied Science, University of Virginia
Laugelli, Benjamin, Engineering and Society, University of Virginia
Morrison, Briana, EN-Comp Science Dept, University of Virginia

Both my technical project and STS research topic revolve around the success and failures of software engineering in the modern age. The software development lifecycle (SDLC) is a design process with a series of phases that work in a cyclical manner consisting of planning, analysis, design, implementation, and maintenance. This approach in agile development is widely used and is an important concept for both my technical and STS research. However, these two projects outline different outcomes from the same development methodology. There was a success in the case of my experiential learning experience building successful tools and services yet a failure in the case of the SolarWinds Orion attack. Nevertheless, it is important to see how both of these projects showcase the impact of the SLDC in software engineering.

My technical report discusses an experiential learning experience I had while working for a government contractor where I worked to improve upon a geospatial web application in preparation for a future government contract. Throughout this project, I was tasked with both frontend and backend development working to improve the base application which affected the rest of the teams. In my frontend development, I worked on creating two additional tools for the platform that created additional functionalities for the client and for the rest of the teams. In the backend development, I created a new microservice which allowed a particular team to submit, convert, and display binary data into plume data which created a data overlay upon the map for a more in-depth analysis. This experience gave me a firm foundation in agile development and software engineering propelling me to succeed in my future endeavors.

The STS research topic I studied reflects the lapses in software development that caused large repercussions. This research discusses the SolarWinds Orion hack where foreign entities injected malicious code into an update file affecting over 18,000 users. My paper discusses the sociotechnical factors in the lens of Actor Network Theory to display the actors present in this area and where the network failed. Gathering this perspective allowed me to analyze the topic in a broader way than previously done which garnered discussion and reasoning throughout the paper.

The foundation built through my coursework and experiential learning experience closely linked with my approach and learning within the STS research topic. The experience of going through the steps in idealizing a project and working it through step by step allowed me a clearer vision when analyzing the events of the SolarWinds Orion attack. I was also able to reflect on my project in retrospect to see where the security safeguards within my team would protect the application from the grand repercussions of a similar attack.

BS (Bachelor of Science)
computer science, cybersecurity, security

School of Engineering and Applied Science
Bachelor of Science in Computer Science
Technical Advisor: Briana Morrison
STS Advisor: Benjamin Laugelli

All rights reserved (no additional license for public reuse)
Issued Date: