This chapter covers methods to assess the effectiveness of security in software. Assessing effectiveness confirms that the software has sufficient security controls and that these controls perform as expected. Software quality and effectiveness are based on assurance requirements, and such requirements are in turn based on performance and security. Hence, parameters such as performance and security must be demonstrable. Monitoring activities such as logging play an important role in determining the performance and the security control effectiveness of the software.
Assurance in software means that the software performs as designed and has effective security controls in place. Observe the following diagram:
In this module, you will understand the following: