A Strategic Approach for Risk Analysis of Production Software Systems

Novel Application of Multi-Layer Perceptrons (MLP) Neural Networks to Model HIV in South Africa using Seroprevalence Data from Antenatal Clinics
An Effective Evolutionary Clustering Algorithm: Hepatitis C Case Study
Adaptivity and Adaptability of Learning Object’s Interface
Migration of Legacy Information System based on Business Process Theory
Enhanced TCP Westwood Congestion Avoidance Mechanism (TCP WestwoodNew)

Home Archives Volume 10 Number 2A Strategic Approach for Risk Analysis of Production Software Systems

Call for Paper - May 2023 Edition

IJCA solicits original research papers for the May 2023 Edition. Last date of manuscript submission is April 20, 2023. Read More

A Strategic Approach for Risk Analysis of Production Software Systems

International Journal of Computer Applications

Number 2 - Article 5

Year of Publication: 2010

Authors:

Sumithra A

Ramaraj E

Sree Ram Kumar T

10.5120/1453-1964

Sumithra A, Ramaraj E and Sree Ram Kumar T. Article:A Strategic Approach for Risk Analysis of Production Software Systems. International Journal of Computer Applications 10(2):23–30, November 2010. Published By Foundation of Computer Science. BibTeX

@article{key:article,
	author = {Sumithra A and Ramaraj E and Sree Ram Kumar T},
	title = {Article:A Strategic Approach for Risk Analysis of Production Software Systems},
	journal = {International Journal of Computer Applications},
	year = {2010},
	volume = {10},
	number = {2},
	pages = {23--30},
	month = {November},
	note = {Published By Foundation of Computer Science}
}

Abstract

Defects in production software can incur heavy damage to a business operation; yet most current approaches to software security assessment focus primarily on new code development. The paper aims at introducing a strategic approach for reducing the operational security risk. The familiar top-down structured development process used by internal development groups is totally inappropriate for risk analysis of production software systems. And generally the cost of finding and fixing a bug in a production system is regarded as too high. So there is an imperative necessity to focus on approaches tailored specifically for production software systems which is the one attempted here.

Reference

2005 Breach Analysis, April 2006 http://www.software.co.il/downloads/breachAnalysis2005.xls
Privacy Rights Clearinghouse, http://www.privacyrights.org/
Developing Secure Software, Noopur Davis, http://www.softwaretechnews.com/stn8-2/noopur.html
Top-down Security”, Alan Paller, http://infosecuritymag.techtarget.com/articles/1999/paller.shtml
In production, it’s often 100 times more expensive than finding and fixing the bug during requirements and design phase”. Barry Boehm, Victor R. Basili, IEE Computer, 34(1): 135-137, 2001
CVSS (Common Vulnerability Scoring System) is a standard way to convey vulnerability severity and help determine urgency and priority of response, http://www.first.org/cvss/intro/ Vendors such as Cisco, Symantec and Skype use CVSS to score their own application vulnerabilities.
CLASP (Comprehensive, Lightweight Application Security Process), http://www.owasp.org/index.php/CLASP

Index Terms

Computer Science

Software Engineering

Key words

Risk Production Software System Security Risk Vulnerability Software Components

Most Read Research Articles

A Strategic Approach for Risk Analysis of Production Software Systems

Abstract

Reference

Index Terms

Key words