Striving for correctness

Striving for correctness

In developing information technology, you want assurance that systems are secure and reliable, but you cannot have assurance or security without correctness. We discuss methods used to achieve correctness, focusing on weaknesses and approaches that management might take to increase belief in correct...

Ausführliche Beschreibung

Gespeichert in:
Bibliographische Detailangaben
Veröffentlicht in:Computers & security 1995-01, Vol.14 (8), p.719-738
Hauptverfasser: Abrams, Marshall D., Zelkowitz, Marvin V.
Format: Artikel
Sprache:eng
Schlagworte:
Assurance
Belief
Computer programming
Correctness
Cybersecurity
Formal methods
Information technology
Mathematical models
Methods
Metrics
Process models
Risk assessment
Risk management
Security testing
Silver bullets
Simulation
Studies
Systems development
Trustworthiness
Online-Zugang:Volltext
Tags: Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
Beschreibung
Zusammenfassung:In developing information technology, you want assurance that systems are secure and reliable, but you cannot have assurance or security without correctness. We discuss methods used to achieve correctness, focusing on weaknesses and approaches that management might take to increase belief in correctness. Formal methods, simulation, testing, and process modeling are addressed in detail. Structured programming, life-cycle modeling like the spiral model, use of CASE tools, use of formal methods, object-oriented design, reuse of existing code are also mentioned. Reliance on these methods involves some element of belief since no validated metrics on the effectiveness of these methods exist. Suggestions for using these methods as the basis for managerial decisions conclude the paper.
ISSN:0167-4048
1872-6208
DOI:10.1016/0167-4048(95)00022-4