The lack of adequate information security solutions in software-intensive systems can have serious consequences for businesses and stakeholders. Carefully and systematically designed information security and trust metrics can be used to offer evidence of the system under development or operation. A requirement-centric decomposition method to develop feasible security metrics has been developed to fulfil this need.
|Title of host publication||Scientific activities in Safety & Security 2009|
|Publisher||VTT Technical Research Centre of Finland|
|Publication status||Published - 2009|
|MoE publication type||D2 Article in professional manuals or guides or professional information systems or text book material|
Savola, R. (2009). Information security and trust metrics development. In V. Rouhiainen (Ed.), Scientific activities in Safety & Security 2009 (pp. 16-17). VTT Technical Research Centre of Finland. http://www.vtt.fi/inf/julkaisut/muut/2009/SafetySecurityReview09.pdf