This Article 
   
 Share 
   
 Bibliographic References 
   
 Add to: 
 
Digg
Furl
Spurl
Blink
Simpy
Google
Del.icio.us
Y!MyWeb
 
 Search 
   
On the Brittleness of Software and the Infeasibility of Security Metrics
July/August 2006 (vol. 4 no. 4)
pp. 96
Steven M. Bellovin, Columbia University
How secure is a computer system? Bridges have a load limit, but it isn't determined (as "Calvin and Hobbes" would have it) by building an identical bridge and running trucks over it until it collapses. In a more relevant vein, safes are rated for how long they'll resist attack under given circumstances. Can we do the same for software?
Index Terms:
security, software, defense systems, defense
Citation:
Steven M. Bellovin, "On the Brittleness of Software and the Infeasibility of Security Metrics," IEEE Security & Privacy, vol. 4, no. 4, pp. 96, July-Aug. 2006, doi:10.1109/MSP.2006.101
Usage of this product signifies your acceptance of the Terms of Use.