Analyses of security and survivability as software quality attributes

Posted on: 2005-04-27
Degree: Ph.D
Type: Dissertation
University: University of Idaho
Candidate: Hanebutte, Nadine
Full Text: PDF
GTID: 1458390008992390
Subject: Computer Science
Abstract/Summary:
The commercial stage of the software development discipline includes quality assurance techniques. These techniques generate predictable, comparable, and repeatable results. The establishment and use of such methods indicate that a research field has evolved beyond the stage of "crafts," in which each project and problem is handled as a special case. The existence of these quality assurance techniques is, therefore, an indicator of the maturity of the research area. As a result of the establishment of these techniques, software measurement can be conducted. Software measurement allows the assignment of numerical values to an achieved quality. Numerical, and therefore comparable, results facilitate decision-making with respect to the selection of alternative solutions, the compilation of an optimum set of quality assurance methods, indication for needs of improvements to existing solutions, and trade-off analyses.

Quantification techniques for products and processes within general software development have been researched and established for more than 20 years, but relatively little has been investigated and standardized with respect to the quantification of software security and survivability.

An initial understanding of how vulnerabilities manifest themselves within source code, and how code can be evaluated to estimate its security, can be gained from approaches that are implemented within automated vulnerability detection tools.

An analysis of vulnerable code constructs reveals little difference between security and non-security related problems, which suggests that security concerns should not be evaluated disjointly from the general software engineering process. That is, a substantial number of instances of code-level security issues are also reliability problems. The exploitability of these instances is a subset of the potential problems that are inherent in flawed code.

Security problems can, and should, be addressed through proactive software engineering, so that a coder with knowledge about security issues can avoid the use of vulnerable constructs. Our work supports the notion that a proactive software engineering process is very beneficial when it comes to security related questions. We are able to show that vulnerabilities have fault characteristics. Vulnerable code can therefore be mitigated through detection and removal of its fault characteristics. (Abstract shortened by UMI.)...
Keywords/Search Tags:Software, Quality, Security, Techniques, Code