search menu icon-carat-right cmu-wordmark

Measures and Measurement for Secure Software Development

July 2013 White Paper
Carol Dekkers, David Zubrow, James McCurley

In this paper, the authors discuss how measurement can be applied improve the security characteristics of the software being developed.

Publisher:

CERT

Abstract

This article discusses how measurement can be applied to software development processes and work products to monitor and improve the security characteristics of the software being developed. It is aimed at practitioners—designers, architects, requirements specialists, coders, testers, and managers—who desire guidance as to the best way to approach measurement for secure development. It does not address security measurements of system or network operations.