Evaluating Software Complexity Measures
IEEE Transactions on Software Engineering
A mathematical perspective for software measures research
Software Engineering Journal
ACM SIGSOFT Software Engineering Notes
Property-Based Software Engineering Measurement
IEEE Transactions on Software Engineering
Evaluating software engineering methods and tools: part 9: quantitative case study methodology
ACM SIGSOFT Software Engineering Notes
The Unified Modeling Language user guide
The Unified Modeling Language user guide
Experimenting with Quantitative Evaluation Tools for Monitoring Operational Security
IEEE Transactions on Software Engineering
An empirical study of operating systems errors
SOSP '01 Proceedings of the eighteenth ACM symposium on Operating systems principles
Measurement Framework for Software Privilege Protection Based on User Interaction Analysis
METRICS '05 Proceedings of the 11th IEEE International Software Metrics Symposium
Empirical relation between coupling and attackability in software systems:: a case study on DOS
Proceedings of the 2006 workshop on Programming languages and analysis for security
A Metrics Suite for Evaluating Flexibility and Complexity in Service Oriented Architectures
Service-Oriented Computing --- ICSOC 2008 Workshops
Describing variability in service-oriented software product lines
Proceedings of the Fourth European Conference on Software Architecture: Companion Volume
| Hi-index | 0.00 |
As software attacks become widespread, the ability for a software system to resist malicious attacks has become a key concern in software quality engineering. Software attackability is a concept proposed recently in the research literature to measure the extent to which a software system or service could be the target of successful attacks. Like most external attributes, attackability is to some extent disconnected from the internal of software products. To mitigate software attackability, we need to identify and manipulate related internal software attributes. Our goal in this paper is to study software complexity as one such internal attribute. We apply the User System Interaction Effect (USIE) model, a security measurement abstraction paradigm proposed in previous research, to define and validate a sample metric for service complexity. We thereby establish the usefulness of our sample metric through empirical investigation using open source software system as target application.