Building components with embedded security monitors
Proceedings of the joint ACM SIGSOFT conference -- QoSA and ACM SIGSOFT symposium -- ISARCS on Quality of software architectures -- QoSA and architecting critical systems -- ISARCS
OSDC: adapting ODC for developing more secure software
Proceedings of the 28th Annual ACM Symposium on Applied Computing
| Hi-index | 0.00 |
Secure software is crucial in today’s software dependent world. However, most of the time, security is not addressed from the very beginning of a software development life cycle (SDLC), and it is only incorporated after the software has been developed. Even when security is considered since the inception of the software development, there is no concrete way to quantify security of an SDLC artifact. This quantification is necessary to know about the security state of an SDLC artifact after each phase of software development. Moreover, this could help the software developers in allocating further resources to increase security and decrease the vulnerabilities in any software. In this paper, we use vulnerability occurrences to calculate a vulnerability index of an SDLC artifact that provides an indication about the existing vulnerabilities. Moreover, we calculate a security index by using the combined potential damage that can be caused due to vulnerabilities.