Container supply chain security in GCP - Time & Space Complexity

We want to understand how the time needed to secure container supply chains changes as we add more containers or steps.

Specifically, how does the number of security checks and scans grow when the supply chain grows?

Analyze the time complexity of the following operation sequence.

// Pseudocode for container supply chain security steps
for each container_image in container_images_list:
  scan container_image for vulnerabilities
  verify container_image signature
  deploy container_image if checks pass

This sequence scans and verifies each container image before deployment to ensure security.

Identify the API calls, resource provisioning, data transfers that repeat.

• Primary operation: Scanning and verifying each container image.
• How many times: Once per container image in the list.

As the number of container images increases, the total number of scans and verifications grows proportionally.

Input Size (n)	Approx. Api Calls/Operations
10	10 scans + 10 verifications = 20 operations
100	100 scans + 100 verifications = 200 operations
1000	1000 scans + 1000 verifications = 2000 operations

Pattern observation: The operations increase directly with the number of container images.

Time Complexity: O(n)

This means the time to secure the supply chain grows linearly with the number of container images.

[X] Wrong: "Adding more container images won't affect the total security check time much because scans run fast."

[OK] Correct: Each container image requires its own scan and verification, so total time adds up directly with more images.

Understanding how security steps scale helps you design systems that stay safe even as they grow.

This skill shows you can think about real-world cloud security challenges clearly and simply.

"What if we introduced parallel scanning for container images? How would the time complexity change?"