Estimating the Cost of Security for COTS Software
نویسندگان
چکیده
This paper describes enhancements being made to the University of Southern California’s COnstructive COTS (COCOTS) integration cost model to address security concerns. The paper starts by summarizing the actions we have taken to enhance COCOMO II to model the impact of security on development effort and duration. It then relates the COCOMO II approach to the COCOTS estimating framework so that the enhancements proposed can be incorporated into the COCOTS model. After summarizing the team’s progress in developing counterpart COCOTS security cost drivers and expert-consensus cost driver parameter values, the paper points to the steps that will be taken to validate the findings and calibrate the model.
منابع مشابه
Measuring Security Investment Benefit for COTS Based Systems - A Stakeholder Value Driven Approach
This paper presents the Threat Modeling method based on Attacking Path Analysis (T-MAP) which quantifies security threats by calculating the total severity weights of relevant attacking paths for Commercial Off The Shelf (COTS) based systems. Compared to existing approaches, T-MAP is sensitive to an organization’s business value priorities and IT environment. It distills the technical details o...
متن کاملMeasuring Security Investment Benefit for Off the Shelf Software Systems - A Stakeholder Value Driven Approach
This paper presents the Threat Modeling method based on Attacking Path Analysis (T-MAP) which quantifies security threats by calculating the total severity weights of relevant attacking paths for Commercial Off The Shelf (COTS) based systems. Compared to existing approaches, T-MAP is sensitive to an organization’s business value priorities and IT environment. It distills the technical details o...
متن کاملSoftware architecture classification for estimating the cost of cots integration - Software Engineering, 1999. Proceedings of the 1999 International Conference on
The use of commercial-off-the-shelf (COTS) products creates a software integration problem, whether a single COTS software component is being integrated into a software system, or the whole system is being built primarily from COTS products. This integration may require considerable effort and affect system quality. A good estimate of integration cost can help in the decision of whether or not ...
متن کاملAn Empirical Study on Off-the-Shelf Component Usage in Industrial Projects
Using OTS (Off-The-Shelf) components in software projects has become increasing popular in the IT industry. After project managers opt for OTS components, they can decide to use COTS (Commercial-Off-The-Shelf) components or OSS (Open Source Software) components instead of building these themselves. This paper describes an empirical study on why project decisionmakers use COTS components instead...
متن کاملThe Evolution of Software Estimating
Exponential improvements in software development environments and increased vulnerability to security couple with an ever widening circle of applicable uses for software in large scale systems. Add to this the growing trend toward non-traditional methods of delivering software solutions such as outsourcing software development, integrating commercial off-the-shelf (COTS) solutions, and incorpor...
متن کامل