Skip to main content
Springer Nature Link
Log in

Estimating the Cost of Security for COTS Software

  • Conference paper
  • First Online:
COTS-Based Software Systems (ICCBSS 2003)

Part of the book series: Lecture Notes in Computer Science ((LNCS,volume 2580))

Included in the following conference series:

Abstract

This paper describes enhancements being made to the University of Southern California’s COnstructive COTS (COCOTS) integration cost model to address security concerns. The paper starts by summarizing the actions we have taken to enhance COCOMO II to model the impact of security on development effort and duration. It then relates the COCOMO II approach to the COCOTS estimating framework so that the enhancements proposed can be incorporated into the COCOTS model. After summarizing the team’s progress in developing counterpart COCOTS security cost drivers and expert-consensus cost driver parameter values, the paper points to the steps that will be taken to validate the findings and calibrate the model.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution

Subscribe and save

Springer+ Basic
$34.99 /Month
  • Get 10 units per month
  • Download Article/Chapter or eBook
  • 1 Unit = 1 Article or 1 Chapter
  • Cancel anytime
Subscribe now

Buy Now

Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. Committee on Information Systems Trustworthiness, Trust in Cyberspace. National Academy Press (1999)

    Google Scholar 

  2. Lindqvist, U., and Jonsson, E.: A Map of Security Risks Associated with Using COTS. In: IEEE Computer, June (1998) 60–66.

    Google Scholar 

  3. Abts, C., Boehm, B., and Clark, E. B.: COCOTS: A Software COTS-Based System (CBS) Cost Model-Evolving Towards Maintenance Phase Modeling. In: Proceedings of ESCOM (2001)

    Google Scholar 

  4. Boehm, B. W., Abts, C., Brown, A. W., Chulani, S., Clark, B. K., Horowitz, E., Madachy, R., Reifer, D., and Steece, B.: Software Cost Estimation with COCOMO II. Prentice-Hall (2000)

    Google Scholar 

  5. Abts, C., Boehm, B., and Clark, E. B.: COCOTS: A COTS Software Integration and Cost Model-Model Overview and Preliminary Data Findings. In: Proceedings of ESCOM (2000)

    Google Scholar 

  6. Luhn, R., and Spanbauer, S.: Protect Your PC. In: PC World, July (2002) page 92

    Google Scholar 

  7. Mackey, R: Layered Insecurity. Information Security, June (2002) 61–68.

    Google Scholar 

  8. Reifer, D. J.: Security: A Rating Concept for COCOMO II. Center for Software Engineering, University of Southern California, May (2002)

    Google Scholar 

  9. Allen, J. H.: The CERT Guide to System and Network Security Practices. Addison-Wesley (2001)

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Center for Software Engineering, University of Southern California, 90089, Los Angeles, CA

    Donald J. Reifer, Barry W. Boehm & Murali Gangadharan

Authors
  1. Donald J. Reifer
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Barry W. Boehm
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Murali Gangadharan
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. Institute for Information Technology M50, National Research Council Canada, 1200 Montreal Road, K1A 0R6, Ottawa, Ontario, Canada

    Hakan Erdogmus  & Tao Weng  & 

Rights and permissions

Reprints and permissions

Copyright information

© 2003 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Reifer, D.J., Boehm, B.W., Gangadharan, M. (2003). Estimating the Cost of Security for COTS Software. In: Erdogmus, H., Weng, T. (eds) COTS-Based Software Systems. ICCBSS 2003. Lecture Notes in Computer Science, vol 2580. Springer, Berlin, Heidelberg. https://doi.org/10.1007/3-540-36465-X_17

Download citation

  • DOI: https://doi.org/10.1007/3-540-36465-X_17

  • Published:

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-00562-9

  • Online ISBN: 978-3-540-36465-8

  • eBook Packages: Springer Book Archive

Publish with us

Policies and ethics

Search

Navigation