Note: This page is part of the archive.

This document is part of the US-CERT website archive. These documents are no longer updated and may contain outdated information. Links may also no longer function. Please contact if you have any questions about the US-CERT website archive.


Describes best practices associated with measurement for managing the quality of software systems during development. Several measures that have been proposed to characterize specific security-related characteristics are discussed, and the current extent of the practice of software measurement with specific attention to the use of security-related measures is described.