The Software Industry's "Clean Water Act" Alternative
May-June 2012 (vol. 10 no. 3)
pp. 24-31
With water, we trust that qualities harmful to its intended use aren't present. To avoid a regulatory solution to problems with contaminants that endanger software's intended use, the industry needs to implement processes and technical methods for examining software for the contaminants that are most dangerous given its intended use. By finding systematic and verifiable ways to identify, remove, and verify contaminated software, software providers can improve customers' confidence in systems and possibly avoid regulatory solutions.
Index Terms:
source code static analysis, vulnerability severity, security weakness, risk, risk management, software flaws, design mistakes, coding errors, security mistakes, code assessment, application security, operational impact, prioritization
Citation:
Robert A. Martin, Steven M. Christey, "The Software Industry's "Clean Water Act" Alternative," IEEE Security & Privacy, vol. 10, no. 3, pp. 24-31, May-June 2012, doi:10.1109/MSP.2012.3