Skip to main content
SpringerLink
Log in

Software assurance towards better IT service

  • Original Articles
  • Published:
Journal of Service Science

Abstract

Much active research has been done on service science in order to improve productivity, efficiency and customer satisfaction of IT service. If any software application or module in IT service behaves incorrectly, service quality and customer satisfaction will decrease significantly. In order to solve such problems, research on software assurance has been drawn much attention recently. Most widely recognized research has been carried out by various government agencies and research institutes such as DHS, DoD, NIST, NASA, SAFECode, CWE™, and SANS. This paper investigates various research on software assurance and discusses the unconsidered matters that have not been studied or solved yet. Finally, a system for the improved software assurance is proposed.

This is a preview of subscription content, log in via an institution to check access.

Access this article

Log in via an institution

Price excludes VAT (USA)
Tax calculation will be finalised during checkout.

Instant access to the full article PDF.

Institutional subscriptions

Similar content being viewed by others

References

  • Black PE (2006) SAMATE’s Contribution to Information Assurance. IAnewsletter 9(2)

  • Black PE (2007) Source code security analysis tool functional specification Version 1.0. National Institute of Standards and Technology

  • Black PE (2008) Software assurance tools: Web application security scanner functional specification Version 1.0. National Institute of Standards and Technology

  • Bob Martin, Mason Brown, Alan Paller, Steve Christey (2009) 2009 CWE/SANS Top 25 Most Dangerous Programming Errors, CWE™

  • Coppit D, Yang J, Khurshid S, Le W, & Sullivan K (2005) Software assurance by bounded exhaustive testing. IEEE Transactions on Software Engineering

  • Denney E, Fischer B, Schumann J, & Richardson J (2005) Automatic certification of Kalman filters for reliable code generation, Aerospace Conference. IEEE, 1–10

  • Department of Homeland Security (2008) Department of Homeland Security (DHS), http://www.dhs.gov. Accessed 2008-12-2

  • Departmenta of Defense (2008) United States Department of Defense (DoD). http://www.defenselink.mil. Accessed 2008-12-15

  • MITRE (2008) Common Weakness Enumeration (CWE), http://cwe.mitre.org. Accessed 2008-11-17

  • NASA (1989) Software Assurance Guidebook, NASA-GB-A201

  • NASA (1992) Software Assurance Standard, NASA-STD-2201-93

  • NASA (2008a) National Aeronautics and Space Administration (NASA), http://www.nasa.gov. Accessed 2008-12-22

  • NASA (2008b) Software Assurance Technology Center (SATC), http://satc.gsfc.nasa.gov/tools/index.php. Accessed 2008-11-12

  • NIST (2005) Software Assurance Metrics And Tool Evaluation (SAMATE). http://samate.nist.gov. Accessed 2008-12-18

  • NIST (2007) SAMATE Reference Dataset (SRD), http://samate.nist.gov/SRD. Accessed 2008-12-17

  • NIST (2008) National Institute of Standards and Technology (NIST), http://ts.nist.gov. Accessed 2008-11-28

  • OMG (2008) Object Management Group (OMG). http://www.omg.org. Accessed 2008-11-24

  • SAFECode (2008a) Software Assurance: An Overview of Current Industry Best Practices

  • SAFECode (2008b) Software Assurance Forum for Excellence in Code (SAFECode), http://www.safecode.org. Accessed 2008-12-11

  • SANS Institute (2008) SysAdmin, Audit, Network, Security (SANS). http://www.sans.org. Accessed 2008-12-3

  • Software Assurance Consortium (2008) Software Assurance Consortium (SwAC), http://swaconsortium.org. Accessed 2008-11-18

  • Steven M. Christey, Conor O. Harris, Janis E. Kenderdine, Robert A. Martin (2009) CWE (Common Weakness Enumeration) A Community-Developed Dictionary of Software Weakness Types, CWETM, CWE Version 1.4

  • Vecellio G & Thomas WM (2000) Issues in the assurance of component-based software, In Proceedings of the 2000, International Workshop on Component-Based Software Engineering. Carnegie Mellon Software Engineering Institute

Download references

Author information

Authors and Affiliations

  1. Dept. of Computer Science, KwangWoon University, Seoul, Korea

    WoongChul Choi & DaeHun Yoo

Authors
  1. WoongChul Choi
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. DaeHun Yoo
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding authors

Correspondence to WoongChul Choi or DaeHun Yoo.

Additional information

WoongChul Choi received the B.S. and M.S. degrees in Computer Engineering from Seoul National University in 1988 and 1991 and the Ph.D. degree in Computer Science from University of Illinois, Urbana-Champaign, IL., USA., respectively. He was a research scientist at Telcordia Technologies(formerly Bellcore), Morristown, NJ., USA. He is currently an associate professor in the Department of Computer Science at KwangWoon University, Seoul, Korea. He is a CISA, CISSP, CCAI, CCNA.

DaeHun Yoo received the B.S. degree in Mathematics in 2005, the M.S. degree in Computer Science in 2007 and is currently a Ph.D. Student at KwangWoon University, Seoul, Korea, respectively. His research interests include software assurance, ad hoc networks and network security.

Rights and permissions

Reprints and permissions

About this article

Cite this article

Choi, W., Yoo, D. Software assurance towards better IT service. J Serv Sci 1, 31–56 (2009). https://doi.org/10.1007/s12927-009-0003-1

Download citation

  • Received:

  • Accepted:

  • Published:

  • Issue Date:

  • DOI: https://doi.org/10.1007/s12927-009-0003-1

Keywords

Search

Navigation