On the feasibility of utilizing security metrics in software-intensive systems

    Research output: Contribution to journalArticleScientificpeer-review

    Abstract

    Security measurement of software-intensive systems is an emerging field, rapidly gaining momentum. Well-designed security metrics offer credible and sufficient evidence of security level and performance for security decision-making. In this study, we introduce a novel security metrics feasibility validation approach, consisting of validation criteria and an associated validation process that takes into account the used measurement approaches and the use of security metrics. The approach is based on the identification of needs for and challenges in using security metrics, and the identification of good properties of security metrics from related work.
    Original languageEnglish
    Pages (from-to)230-239
    Number of pages10
    JournalInternational Journal of Computer Science and Network Security
    Volume10
    Issue number1
    Publication statusPublished - 2010
    MoE publication typeA1 Journal article-refereed

    Keywords

    • Security metrics
    • security measurement
    • feasibility
    • security engineering
    • software engineering

    Fingerprint Dive into the research topics of 'On the feasibility of utilizing security metrics in software-intensive systems'. Together they form a unique fingerprint.

  • Cite this