Skip to main content
SpringerLink
Log in
Book cover

International Conference on COTS-Based Software Systems

ICCBSS 2003: COTS-Based Software Systems pp 178–186Cite as

Estimating the Cost of Security for COTS Software

  • Conference paper
  • First Online:

Part of the book series: Lecture Notes in Computer Science ((LNCS,volume 2580))

Abstract

This paper describes enhancements being made to the University of Southern California’s COnstructive COTS (COCOTS) integration cost model to address security concerns. The paper starts by summarizing the actions we have taken to enhance COCOMO II to model the impact of security on development effort and duration. It then relates the COCOMO II approach to the COCOTS estimating framework so that the enhancements proposed can be incorporated into the COCOTS model. After summarizing the team’s progress in developing counterpart COCOTS security cost drivers and expert-consensus cost driver parameter values, the paper points to the steps that will be taken to validate the findings and calibrate the model.

This is a preview of subscription content, log in via an institution.

Chapter
USD   29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD   39.99
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD   54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Learn about institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. Committee on Information Systems Trustworthiness, Trust in Cyberspace. National Academy Press (1999)

    Google Scholar 

  2. Lindqvist, U., and Jonsson, E.: A Map of Security Risks Associated with Using COTS. In: IEEE Computer, June (1998) 60–66.

    Google Scholar 

  3. Abts, C., Boehm, B., and Clark, E. B.: COCOTS: A Software COTS-Based System (CBS) Cost Model-Evolving Towards Maintenance Phase Modeling. In: Proceedings of ESCOM (2001)

    Google Scholar 

  4. Boehm, B. W., Abts, C., Brown, A. W., Chulani, S., Clark, B. K., Horowitz, E., Madachy, R., Reifer, D., and Steece, B.: Software Cost Estimation with COCOMO II. Prentice-Hall (2000)

    Google Scholar 

  5. Abts, C., Boehm, B., and Clark, E. B.: COCOTS: A COTS Software Integration and Cost Model-Model Overview and Preliminary Data Findings. In: Proceedings of ESCOM (2000)

    Google Scholar 

  6. Luhn, R., and Spanbauer, S.: Protect Your PC. In: PC World, July (2002) page 92

    Google Scholar 

  7. Mackey, R: Layered Insecurity. Information Security, June (2002) 61–68.

    Google Scholar 

  8. Reifer, D. J.: Security: A Rating Concept for COCOMO II. Center for Software Engineering, University of Southern California, May (2002)

    Google Scholar 

  9. Allen, J. H.: The CERT Guide to System and Network Security Practices. Addison-Wesley (2001)

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Center for Software Engineering, University of Southern California, 90089, Los Angeles, CA

    Donald J. Reifer, Barry W. Boehm & Murali Gangadharan

Authors
  1. Donald J. Reifer
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Barry W. Boehm
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Murali Gangadharan
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. Institute for Information Technology M50, National Research Council Canada, 1200 Montreal Road, K1A 0R6, Ottawa, Ontario, Canada

    Hakan Erdogmus  & Tao Weng  & 

Rights and permissions

Reprints and permissions

Copyright information

© 2003 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Reifer, D.J., Boehm, B.W., Gangadharan, M. (2003). Estimating the Cost of Security for COTS Software. In: Erdogmus, H., Weng, T. (eds) COTS-Based Software Systems. ICCBSS 2003. Lecture Notes in Computer Science, vol 2580. Springer, Berlin, Heidelberg. https://doi.org/10.1007/3-540-36465-X_17

Download citation

  • DOI: https://doi.org/10.1007/3-540-36465-X_17

  • Published:

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-00562-9

  • Online ISBN: 978-3-540-36465-8

  • eBook Packages: Springer Book Archive

Publish with us

Policies and ethics

Search

Navigation