Software Assurance Measurement -- State of the Practice

Abstract: This report identifies and describes the current state of the practice in software assurance measurement. This discussion focuses on the methods and technologies that are applicable in the domain of existing software products, software services, and software processes. This report is not meant to be prescriptive; instead, it attempts to provide an end-to-end discussion of the state of the practice in software assurance measurement. In addition, it points out significant emerging trends in the field. The overall discussion touches on the existing principles, concepts, methods, tools, techniques, and best practices for detection of defects and vulnerabilities in code.
