Report of workshop on Software Measures and Metrics to Reduce Security Vulnerabilities (SwMM-RSV)
Author(s)
Paul E. Black
Abstract
The workshop occurred on 12 July 2016 at the National Institute of Standards and Technology (NIST). The workshop's object was software as a product. 20 position statements were submitted; 10 were accepted. Over 90 people attended, primarily dealing with the Federal Government. During a break-out, attendees considered how the Government can best use taxpayer money to identify, improve, package, deliver, or boost the use of software measures and metrics to significantly reduce vulnerabilities. Some ideas that came up were:
* code should be amenable to automatic analysis,
* tool output should be standardized,
* there should be boilerplate contract and procurement language,
* findings about tools and libraries should be shared,
* there should be business cases for secure software,
* software developers should have some liability, and
* programmers need to understand security.
Black, P. (1970), Report of workshop on Software Measures and Metrics to Reduce Security Vulnerabilities (SwMM-RSV), Dramatically Reducing Security Vulnerabilities, [online], https://samate.nist.gov/DRSV2016/ (Accessed October 9, 2024)