Optimal Security Patch Release Timing under Non-homogeneous Vulnerability-Discovery Processes

@article{Okamura2009OptimalSP,
  title={Optimal Security Patch Release Timing under Non-homogeneous Vulnerability-Discovery Processes},
  author={Hiroyuki Okamura and Masataka Tokuzane and Tadashi Dohi},
  journal={2009 20th International Symposium on Software Reliability Engineering},
  year={2009},
  pages={120-128}
}
This paper proposes a patch management model with non-homogeneous vulnerability-discovery processes to find the optimal security patch release times. The proposed model is an extension of Cavusoglu et al.\ (2006, 2008) by applying non-homogeneous vulnerability-discovery processes which are based on a vulnerability life-cycle model, and provides the optimal schedule for security patch release times over a software life cycle by means of cost analysis. In numerical examples, we show that the… CONTINUE READING
Highly Cited
This paper has 18 citations. REVIEW CITATIONS

Citations

Publications citing this paper.
Showing 1-10 of 11 extracted citations

References

Publications referenced by this paper.
Showing 1-10 of 21 references

Economics of security patch management

  • ——
  • The Fifth Workshop on the Economics of…
  • 2006
Highly Influential
10 Excerpts

Similar Papers

Loading similar papers…