Black, P.
(1970),
Report of workshop on Software Measures and Metrics to Reduce Security Vulnerabilities (SwMM-RSV), Dramatically Reducing Security Vulnerabilities, [online], https://samate.nist.gov/DRSV2016/
(Accessed April 23, 2024)
Official websites use .gov
A .gov website belongs to an official government organization in the United States.
Secure .gov websites use HTTPS
A lock (
) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.
Report of workshop on Software Measures and Metrics to Reduce Security Vulnerabilities (SwMM-RSV)
Author(s)
Abstract
The workshop occurred on 12 July 2016 at National Institute of Standards and Technology (NIST). The workshop's object was software as a product. 20 position statements were submitted; 10 were accepted. Over 90 people attended, primarily dealing with the Federal Government. During a break-out, attendees considered how the Government can best use taxpayer money to identify, improve, package, deliver, or boost the use of software measures and metrics to significantly reduce vulnerabilities. Some ideas that came up were *code should be amenable to automatic analysis, *tool output should be standardized, *there should be boilerplate contract and procurement language, *findings about tools and libraries should be shared, *there should be business cases for secure software, *software developers should have some liability, and *programmers need to understand security.Citation
Dramatically Reducing Security Vulnerabilities
Pub Weblink
Pub Type
Websites
Keywords
software assurance, Software Measures and Metrics to Reduce Security Vulnerabilities, SwMM-RSV
Citation
Created May 7, 2017, Updated May 4, 2021