Susceptibility matrix: a new aid to software auditing

Publication TypeJournal Articles
Year of Publication2004
AuthorsJiwnani K, Zelkowitz MV
JournalSecurity Privacy, IEEE
Pagination16 - 21
Date Published2004/04//mar
ISBN Number1540-7993
Keywordsapproach;, auditing;, data;, matrix;, of, program, Security, software, susceptibility, taxonomy-based, testing;, vulnerabilities;

Testing for security is lengthy, complex, and costly, so focusing test efforts in areas that have the greatest number of security vulnerabilities is essential. This article describes a taxonomy-based approach that gives an insight into the distribution of vulnerabilities in a system.