Dramatically Reducing Software Vulnerabilities: Report to the White House Office of Science and Technology Policy

Published

Author(s)

Paul E. Black, Mark L. Badger, Barbara Guttman, Elizabeth N. Fong

Abstract

The call for a dramatic reduction in software vulnerability is heard from multiple sources, recently from the February 2016 Federal Cybersecurity Research and Development Strategic Plan. This plan starts by describing well known risks: current systems perform increasingly vital tasks and are widely known to possess vulnerabilities. These vulnerabilities are often not easy to discover and difficult to correct. Cybersecurity has not kept pace, and the pace that is needed is rapidly accelerating. The goal of this report is to present a list of specific technical approaches that have the potential to make a dramatic difference in reducing vulnerabilities--by stopping them before they occur, by finding them before they are exploited or by reducing their impact.
Citation
NIST Interagency/Internal Report (NISTIR) - 8151
Report Number
8151

Keywords

measurement, metrics, software assurance, software measures, security vulnerabilities, reduce software vulnerability

Citation

Black, P., Badger, M., Guttman, B. and Fong, E. (2016), Dramatically Reducing Software Vulnerabilities: Report to the White House Office of Science and Technology Policy, NIST Interagency/Internal Report (NISTIR), National Institute of Standards and Technology, Gaithersburg, MD, [online], https://doi.org/10.6028/NIST.IR.8151 (Accessed March 19, 2024)
Created December 1, 2016, Updated May 4, 2021