Software Assurance Measurement -- State of the Practice

Abstract

This report identifies and describes the current state of the practice in software assurance measurement. This discussion focuses on the methods and technologies that are applicable in the domain of existing software products, software services, and software processes. This report is not meant to be prescriptive; instead, it attempts to provide an end-to-end discussion of the state of the practice in software assurance measurement. In addition, it points out significant emerging trends in the field. The overall discussion touches on the existing principles, concepts, methods, tools, techniques, and best practices for detection of defects and vulnerabilities in code.

Document Details

Document Type: Technical Report
Publication Date: Nov 01, 2013
Accession Number: ADA592417

Entities

People

  • Dan Shoemaker
  • Nancy R. Mead

Organizations

  • Carnegie Mellon University

Tags

Communities of Interest

  • Cyber
  • Engineered Resilient Systems

DTIC Thesaurus Topics

  • Business Administration
  • Code Injection
  • Computer Programming
  • Computer Programs
  • Computers
  • Cybersecurity
  • Information Systems
  • Management Personnel
  • National Security
  • Object-Oriented Programming Language
  • Organizational Structure
  • Reliability
  • Software Development
  • Software Metrics
  • Software Testing
  • Test And Evaluation
  • Vulnerability

Fields of Study

  • Computer science
  • Engineering

Readers

  • Computational Modeling and Simulation
  • Defense Acquisition Program Management
  • Systems Analysis and Design