Software Vulnerabilities, Defects, and Design Flaws: A Technical Debt Perspective
| dc.contributor.author | Nord, Robert L. | |
| dc.contributor.author | Ozkaya, Ipek | |
| dc.contributor.author | Shull, Forrest | |
| dc.contributor.corporate | Acquisition Research Program (ARP) | |
| dc.date | 2017-03 | |
| dc.date.accessioned | 2018-06-13T17:10:46Z | |
| dc.date.available | 2018-06-13T17:10:46Z | |
| dc.date.issued | 2017-03 | |
| dc.description.abstract | Technical debt describes a universal software development phenomenon: モQuick and easyヤ design or implementation choices that linger in the system will cause ripple effects that make future changes more costly. Although DoD software sustainment organizations have routine practices to manage other kinds of software issues, such as defects and vulnerabilities, the same cannot be said for technical debt. In this work, we discuss the relationships among these three kinds of software anomalies and their impact on software assurance and sustainable development and delivery. Defects are directly linked to external quality, and vulnerabilities are linked to more specific security concerns, but technical debt concerns internal quality and has a significant economic impact on the cost of sustaining and evolving software systems. Emerging research results and industry input demonstrate there are clear distinctions that call for different detection and management methods for defects, vulnerabilities, and technical debt. We draw from concrete examples and experience to offer software development practices to improve the management of technical debt and its impact on security. | en_US |
| dc.description.sponsorship | Naval Postgraduate School Acquisition Research Program | en_US |
| dc.identifier.npsreport | SYM-AM-17-047 | |
| dc.identifier.uri | https://hdl.handle.net/10945/58921 | |
| dc.publisher | Monterey, California. Naval Postgraduate School | en_US |
| dc.relation.ispartofseries | Acquisition Research Symposium | |
| dc.rights | This publication is a work of the U.S. Government as defined in Title 17, United States Code, Section 101. Copyright protection is not available for this work in the United States. | en_US |
| dc.title | Software Vulnerabilities, Defects, and Design Flaws: A Technical Debt Perspective | en_US |
| dc.type | Report | en_US |
| dspace.entity.type | Publication | |
| relation.isOrgUnitOfPublication | bc7988c8-57ff-485c-9348-877f4ef91f4e | |
| relation.isOrgUnitOfPublication.latestForDiscovery | bc7988c8-57ff-485c-9348-877f4ef91f4e | |
| relation.isSeriesOfPublication | e652aa3b-f22b-4814-8e9d-6391f82531e0 | |
| relation.isSeriesOfPublication.latestForDiscovery | e652aa3b-f22b-4814-8e9d-6391f82531e0 |
Files
Original bundle
1 - 1 of 1
Loading...
- Name:
- SYM-AM-17-047-003_Nord.pdf
- Size:
- 316.15 KB
- Format:
- Adobe Portable Document Format