Published June 18, 2013 | Version v1
Conference paper Open

A Practical Model For Rating Software Security

Affiliation: 1. Software Improvement Group

Description

Published in "Proceedings of the 2013 IEEE Seventh International Conference on Software Security and Reliability Companion"

We propose a new security product quality model that makes ISO 25010 operational. We specify four requirements for the model: (1) the model shall be applicable for all types of software products; (2) the model shall be applicable from the early development phase; (3) the model shall be lightweight, concrete and repeatable; (4) the model shall lead to ratings that allow for comparison between software products.

Notes

Since its creation in 2013, the proposed security model has been applied at hundreds of different organisations all around the world. Over the years it has undergone some small changes.

Files

APracticalModelForSoftwareSecurity.pdf (352.9 kB, md5:650eb90f0b15d8d3c00619c6ce49067e)