Identification of basic measurable security components in software intensive systems

Reijo Savola

    Research output: Chapter in Book/Report/Conference proceedingConference article in proceedingsScientificpeer-review

    Abstract

    Appropriate information security solutions for software-intensive systems, together with evidence of their security performance help to prevent serious consequences for businesses and the stakeholders. Security metrics can be used to offer this evidence. We investigate practical and holistic development of security metrics for software-intensive systems. Our approach is security requirement-centric. The high-level security requirements are expressed in terms of lower-level measurable components applying a decomposition approach. Detailed security metrics are developed based on the basic measurable components identified at the leaf level of the decomposition.
    Original languageEnglish
    Title of host publicationProceeedings of the ISSA 2009 Conference
    Place of PublicationJohannesburg
    PublisherUniversity of Pretoria
    Pages69-80
    ISBN (Print)978-1-86854-740-1
    Publication statusPublished - 2009
    MoE publication typeA4 Article in a conference publication
    Event2009 Information Security South Africa, ISSA 2009 Conference - Johannesburg, South Africa
    Duration: 6 Jul 20098 Jul 2009

    Conference

    Conference2009 Information Security South Africa, ISSA 2009 Conference
    Country/TerritorySouth Africa
    CityJohannesburg
    Period6/07/098/07/09

    Fingerprint

    Dive into the research topics of 'Identification of basic measurable security components in software intensive systems'. Together they form a unique fingerprint.

    Cite this