Security measurements within the framework of quality assessment models for free/libre open source software

  • Authors:
  • Arne-Kristian Groven;Kirsten Haaland;Ruediger Glott;Anna Tannenberg

  • Affiliations:
  • Norsk Regnesentral, Blindern, Oslo, Norway;UNU-MERIT, Maastricht, The Netherlands;UNU-MERIT, Maastricht, The Netherlands;FreeCode AS, Oslo, Norway

  • Venue:
  • Proceedings of the Fourth European Conference on Software Architecture: Companion Volume
  • Year:
  • 2010

Abstract

This article presents a comparison of a first generation software quality assessment model (OpenBRR) and a second generation model (QualOSS) by applying them to the case of Asterisk, a FLOSS implementation of a telephone private branch exchange (PBX, VoIP). The key trend in the evolution of FLOSS quality assessment models is the movement from manual and descriptive to more automated and analytical models, and from the involvement of a few metrics to hundreds of metrics. The security measurements are much more sophisticated in QualOSS than in OpenBRR. Where OpenBRR has only three security metrics, QualOSS has nine security indicators with altogether 30-40 security metrics. This article shows how security is measured in the two assessment models, putting it into the overall context of the two approaches.