It can be shown that the probability of a security failure after t hours of testing is approximately K/t for some constant K. This implies that the mean time between failures (MTBF) is about t/K after t hours of testing. So, security improves with testing, but it only improves linearly. One implication is that to ensure an average of, say, 1,000,000 hours between security failures, we must test for (on the order of) 1,000,000 hours. Suppose that an open source software project has a MTBF oît/K. If this same project were instead closed source, we might suspect that each bug would be twice as hard for an attacker to find. If this is true, it would appear that the MTBF in the closed source case is 2t/K and hence the closed source project will be twice as secure for a given amount of testing t.
Discuss some flaws with this reasoning.
Try it now!
How it works?
Follow these simple steps to get your paper done
Place your order
Fill in the order form and provide all details of your assignment.
Proceed with the payment
Choose the payment system that suits you most.
Receive the final file
Once your paper is ready, we will email it to you.