Properties for Security Measures of Software Products

A large number of attacks on computing systems succeed because of software flaws (e.g., buffer overflows and race conditions) that could be fixed through a careful design process. An effective way of improving the quality of software products is to use metrics to guide the development process. The field of software security metrics, however, is still in its infancy, in contrast with traditional software metrics such as reliability metrics, for which several key results have been obtained so far. In this paper we identify a number of internal software attributes that could be related to a variety of security qualities. Since theoretical validation is an important step in the development of any metrics program, we focus on studying the measurement properties associated with these internal attributes. The properties, based on popular security design principles in use in security engineering processes, can be used to guide the search for software security metrics. We study the feasibility of our theoretical framework by presenting case studies based on metrics derived from existing security measurement frameworks, namely the attack surface metrics system and the privilege graph paradigm.
