Vulnerability Discovery Analysis in Software Reliability and Related Optimization Problems

Abstract

The recent rapid advancement in technology has affected the security of software products. The number of threats and cyber-attacks are intensifying both in number and in complexity. Therefore, software system requires protection against threats and vulnerabilities. When defects in the software have an effect on the security of the software system, then these defects are called vulnerabilities. It is essential for vendors to rigorously identify and remove vulnerabilities present in the system. This chapter aims to explain the vulnerability discovery and patching process mathematically. Patch is a security update released by software developers to eliminate vulnerabilities from the system. Quantitative measures are discussed in the present study to predict the vulnerability discovery growth function by incorporating various attributes, namely, software users, operational effort, and coverage functions. Joint optimization problem for optimal software and patch time-to-market are also discussed with an aim of minimizing the cost functions. Numerical examples are provided to validate the mathematical models and minimization problem using the actual vulnerability data sets. The results indicate that the discussed models can objectively determine the vulnerability discovery paradigm. Moreover, the optimization models will assist the management team in optimal decision making pertaining to release time of software and security patch in the market.