An official website of the United States government
- Home
- Search Results
- Page 1 of 1
Search for: All records
-
Total Resources2
- Resource Type
-
0001000001000000
- More
- Availability
-
20
- Author / Contributor
- Filter by Author / Creator
-
-
Rice, David (2)
-
Abdelhafeez, Abdelhafeez (1)
-
Azari, Feredun (1)
-
Barry Edwards, Wilson (1)
-
Bou-Samra, Patrick (1)
-
Chang, Austin (1)
-
Delikatny, Edward J. (1)
-
Farnam, Richard W. (1)
-
Gibbs, Summer (1)
-
Greuv, Victor (1)
-
Henderson, Eric (1)
-
Izurieta, Clemente (1)
-
Karsalia, Ritesh (1)
-
Kennedy, Gregory (1)
-
Kimball, Kali (1)
-
Kohanbash, Gary (1)
-
Kumar, Anand T. (1)
-
Lee, Amy (1)
-
Lee, John Y. (1)
-
Li, Lei (1)
-
- Filter by Editor
-
-
& Spizer, S. M. (0)
-
& . Spizer, S. (0)
-
& Ahn, J. (0)
-
& Bateiha, S. (0)
-
& Bosch, N. (0)
-
& Brennan K. (0)
-
& Brennan, K. (0)
-
& Chen, B. (0)
-
& Chen, Bodong (0)
-
& Drown, S. (0)
-
& Ferretti, F. (0)
-
& Higgins, A. (0)
-
& J. Peters (0)
-
& Kali, Y. (0)
-
& Ruiz-Arias, P.M. (0)
-
& S. Spitzer (0)
-
& Sahin. I. (0)
-
& Spitzer, S. (0)
-
& Spitzer, S.M. (0)
-
(submitted - in Review for IEEE ICASSP-2024) (0)
-
-
Have feedback or suggestions for a way to improve these results?
!
Note: When clicking on a Digital Object Identifier (DOI) number, you will be taken to an external site maintained by the publisher.
Some full text articles may not yet be available without a charge during the embargo (administrative interval).
What is a DOI Number?
Some links on this page may take you to non-federal websites. Their policies may differ from this site.
-
Izurieta, Clemente; Rice, David; Kimball, Kali; Valentien, Tessa (, TechDebt '18 Proceedings of the 2018 International Conference on Technical Debt)Context: Managing technical debt (TD) associated with potential security breaches found during design can lead to catching vulnerabilities (i.e., exploitable weaknesses) earlier in the software lifecycle; thus, anticipating TD principal and interest that can have decidedly negative impacts on businesses. Goal: To establish an approach to help assess TD associated with security weaknesses by leveraging the Common Weakness Enumeration (CWE) and its scoring mechanism, the Common Weakness Scoring System (CWSS). Method: We present a position study with a five-step approach employing the Quamoco quality model to operationalize the scoring of architectural CWEs. Results: We use static analysis to detect design level CWEs, calculate their CWSS scores, and provide a relative ranking of weaknesses that help practitioners identify the highest risks in an organization with a potential to impact TD. Conclusion: CWSS is a community agreed upon method that should be leveraged to help inform the ranking of security related TD items.more » « less
