ABSTRACT

Software security is an important factor in this age of information technology, and many system security principles are in place that can be used to safeguard the overall IT infrastructure. Assuring the security of a system is not a one-time solution but a continuous process: code improvements, bug fixes, and similar work must continue in parallel once the system becomes operational. To improve the functioning of a system on different fronts, we need measurements of certain critical attributes, such as security. Software security likewise requires measurements so that security can be improved and optimized while the system is operational. This chapter surveys a variety of indicators that are highly informative when considered from a security standpoint. A comprehensive classification of existing system security measurement methods is discussed, with an emphasis on software security.