-
[show abstract]
[hide abstract]
ABSTRACT: Software cost estimation is a complex activity that requires knowledge of a number of key attributes about the project for which the estimate is being constructed. Nevertheless, security is becoming more and more important in most of the software construct. Reviews on several widely recognized parametric estimation models found the insufficient of current estimation in software security costing. Comparison of common security standards successfully highlighted software security characteristics to be considered in cost estimation. A survey based on the rating of these characteristics has been conducted. Analysis results from RASCH have validated the relative importance of these characteristics based on Multimedia Super Corridor (MSC) software developers perspective. These validated characteristics are then extended the calculation and implemented in a Function Point Analysis prototype. The paper also points to the steps of calibrating the calculation through this prototype by conducting controlled experiments.
Information Technology (ITSim), 2010 International Symposium in; 07/2010
-
[show abstract]
[hide abstract]
ABSTRACT: Software cost estimation (SCE) has been an important but difficult task since the beginning of the computer era. It considers list of parameters to estimate accurately the software cost. However, security cost is always excluded in most of the parametric cost estimation models. It is because of the security aspect is normally considered late in the software development. To overcome this problem, we proposed an enhancement to one of the parametric estimation models, which is function point analysis (FPA), to address the security concerns. The enhancement suggests potential software security characteristics during system development life cycle (SDLC). These characteristics are then integrated into FPA calculation to encounter the security cost estimation. This paper also points to the validation of a survey findings and calibration of the FPA calculation.
Industrial Engineering and Engineering Management, 2009. IEEM 2009. IEEE International Conference on; 01/2010
-
[show abstract]
[hide abstract]
ABSTRACT: Software houses are now keen to provide secure software as requested by customerspsila desire with respect to security and quality of their products especially related to the software costing estimation in the software development and implementation environment. Therefore, there is a need to identify the potential security risks while estimating the application cost. In this paper, we provide a list of potential security risks throughout the system development life cycle (SDLC). This list provides useful insights for software developers and practitioners in identifying security risks so that it can be encountered as security cost in the application.
Information Technology, 2008. ITSim 2008. International Symposium on; 09/2008
