Share Email Print

Proceedings Paper

Secure it now or secure it later: the benefits of addressing cyber-security from the outset
Author(s): Mohammed M. Olama; James Nutaro
Format Member Price Non-Member Price
PDF $14.40 $18.00

Paper Abstract

The majority of funding for research and development (R&D) in cyber-security is focused on the end of the software lifecycle where systems have been deployed or are nearing deployment. Recruiting of cyber-security personnel is similarly focused on end-of-life expertise. By emphasizing cyber-security at these late stages, security problems are found and corrected when it is most expensive to do so, thus increasing the cost of owning and operating complex software systems. Worse, expenditures on expensive security measures often mean less money for innovative developments. These unwanted increases in cost and potential slowing of innovation are unavoidable consequences of an approach to security that finds and remediate faults after software has been implemented. We argue that software security can be improved and the total cost of a software system can be substantially reduced by an appropriate allocation of resources to the early stages of a software project. By adopting a similar allocation of R&D funds to the early stages of the software lifecycle, we propose that the costs of cyber-security can be better controlled and, consequently, the positive effects of this R&D on industry will be much more pronounced.

Paper Details

Date Published: 28 May 2013
PDF: 6 pages
Proc. SPIE 8757, Cyber Sensing 2013, 87570L (28 May 2013); doi: 10.1117/12.2015465
Show Author Affiliations
Mohammed M. Olama, Oak Ridge National Lab. (United States)
James Nutaro, Oak Ridge National Lab. (United States)

Published in SPIE Proceedings Vol. 8757:
Cyber Sensing 2013
Igor V. Ternovskiy; Peter Chin, Editor(s)

© SPIE. Terms of Use
Back to Top