To main content

Achieving "Good Enough" Software Security: The Role of Objectivity

Abstract

Today's software development projects need to consider security as one of the qualities the software should possess. However, overspending on security will imply that the software will become more expensive and often also delayed. This paper discusses the role of objectivity in assessing and researching the goal of good enough security. Different understandings of objectivity are introduced, and the paper explores how these can guide the way forward in improving judgements on what level of security is good enough. The paper recommends adopting and improving upon methods that include different perspectives, support the building of interactive expertise, and support confirmability by keeping documentation of the basis on which judgements were made.
Read the publication

Category

Academic chapter

Language

English

Author(s)

Affiliation

  • SINTEF Digital / Software Engineering, Safety and Security
  • Norwegian University of Science and Technology

Year

2020

Publisher

Association for Computing Machinery (ACM)

Book

EASE '20: Proceedings of the Evaluation and Assessment in Software Engineering

ISBN

9781450377317

Page(s)

360 - 365

View this publication at Norwegian Research Information Repository