Systematically managed, sufficient and credible security metrics increase the understanding of the security effectiveness level of software-intensive systems during the system development and operation. Risk-driven top-down modeling enables systematic and meaningful security metrics development. We propose six strategies for security measurement objective decomposition. Their focus is on metrics development for security correctness, software and system quality, partial security effectiveness, as well as security-related compliance and tradeoff decision-making. The proposed strategies integrate an abstract security effectiveness model, security measurement objectives, and the associated measurement points in relevant system components. Secur...
Measurement is one of the foundations of sound engineering practices, because, as Tom DeMarco put it...
To better control IT security in software engineering and IT management, we need to assess security ...
An efficient IT security management relies upon the ability to make a good compromise between the co...
Systematically managed, sufficient and credible security metrics increase the understanding of the s...
It is a widely accepted management principle that an activity cannot be managed well if it cannot be...
Adequate information security effectiveness during system operation is the ultimate goal of all secu...
Abstract: We introduce a novel high-level security metrics objective taxonomization model for soft-w...
We introduce a novel high-level security metrics objective taxonomization model for software-intens...
Appropriate information security solutions for software-intensive systems, together with evidence of...
The management of information security becomes easier if suitable metrics can be developed to offer ...
Security measurement of software-intensive systems is an emerging field, rapidly gaining momentum. W...
Systematically and carefully designed information security metrics can be used to provide evidence o...
Quantification of information security can be used to obtain evidence to support decision-making abo...