Journal: International Journal of Computer Technology and Applications
Electronic ISSN: 2229-6093
Publication year: 2012
Volume: 3
Issue: 6
Pages: 1991-1996
Publisher: Technopark Publications
Abstract: One of the biggest challenges faced by software engineers today is the engineering of secure software. Attempts are being made to apply the principles originally proposed for the engineering of “quality” software to security. One such principle relates to the development and usage of “metrics”, which are measures serving as indicators of how much of “something” software possesses. Security metrics attempt to measure the “amount” of security a piece of software has. In this paper, we propose some metrics that apply at the source code level and can serve as a guide for software developers in identifying the most vulnerable parts of the source code. We also demonstrate the validity of the proposed metrics through empirical results.