ded abstract of this technical report appeared in the Proceedings of the First Information Security Practice and Experience Conference (ISPEC 2005) [AHS05].
In the current state of practice, security properties of software systems are typically assessed through subjective, labor-intensive human evaluation. Moreover, much of the quanti...
Gwendolyn H. Walton, Thomas A. Longstaff, Richard ...
We present a static analysis framework for inference of security-related program properties. Within this framework we design and implement ownership, immutability and information ...
Systematic approaches to measuring security are needed in order to obtain evidence of the security performance of products or an organization. In this study we survey the emerging...