This paper presents an approach to measuring computer security understood as a system property, in the category of similar properties, such as safety, reliability, dependability, resilience, etc. First, a historical discussion of measurements is presented, beginning with views of Hermann von Helmholtz in his 19th century work “Zählen und Messen”. Then, contemporary approaches related to the principles of measuring software properties are discussed, with emphasis on statistical, physical and software models. A distinction between metrics and measures is made to clarify the concepts. A brief overview of inadequacies of methods and techniques to evaluate computer security is presented, followed by a proposal and discussion of a practical model to conduct experimental security measurements.
Position papers of the 2014 Federated Conference on Computer Science and Information Systems, September 7–10, 2014, Warsaw, Poland
Polish Information Processing Society
Federated Conference on Computer Science and Information Systems
Scholarly Commons Citation
Zalewski, J., Drager, S., McKeever, W., & Kornecki, A. J. (2014). Measuring Security: A Challenge for the Generation. Position papers of the 2014 Federated Conference on Computer Science and Information Systems, September 7–10, 2014, Warsaw, Poland, 3(). https://doi.org/10.15439/2014F490