A Three-Dimensional Model for Software Security Evaluation

Abstract

Software security evaluation is considered as a significant and indispensible activity in all phases of software development lifecycle, and there are also many factors that should be taken into account such as the environment, risks, and development documents. Despite the achievements of the past several decades, there is still a lack of methodology in evaluating software security systematically. In this paper, we propose a comprehensive model for evaluating the software security from three different but complementary points of view: technology, management and engineering. The technological dimension is 7 security levels based on Evaluation Assurance Levels (EALs) from ISO/IEC15408, the management dimension mainly concerns the management of software infrastructures, development documents and risks, and the engineering dimension focuses on 5 stages of software development lifecycle. Experts evaluate software security through the evidence items which are collected from these three dimensions and provide their assessments. Relying on Analytic Hierarchy Process (AHP) and Dempster-Shafer Evidence Theory, assessments obtained from the experts can be combined and merged to get a score which presents the security degree of software. A case study illustrates how the evaluators may use the proposed approach to evaluate security of their system.