Title :
Using software reliability models for security assessment — Verification of assumptions
Author :
Da Young Lee ; Vouk, Mladen ; Williams, Laurie
Author_Institution :
Dept. of Comput. Sci., North Carolina State Univ., Raleigh, NC, USA
Abstract :
Can software reliability models be used to assess software security? One of the issues is that security problems are relatively rare under “normal” operational profiles, while “classical” reliability models may not be suitable for use in attack conditions. We investigated a range of Fedora open source software security problems to see if some of the basic assumptions behind software reliability growth models hold for discovery of security problems in non-attack situations. We find that in some cases, under “normal” operational use, the security problem detection process may be described as a Poisson process. In those cases, we can use appropriate classical software reliability growth models to assess “security reliability” of that software in non-attack situations.
Keywords :
public domain software; security of data; software reliability; stochastic processes; Fedora open source software security problems; Poisson process; nonattack situations; security problem detection process; software reliability growth models; software security reliability assessment; Abstracts; Computational modeling; Exponential distribution; Predictive models; Security; Software reliability
Conference_Title :
Software Reliability Engineering Workshops (ISSREW), 2013 IEEE International Symposium on
Conference_Location :
Pasadena, CA
DOI :
10.1109/ISSREW.2013.6688858