English

Measuring Software Diversity, with Applications to Security

Cryptography and Security 2013-10-15 v1 Software Engineering

Abstract

In this work, we briefly introduce and discuss some of the diversity measures used in Ecology. After a succinct description and analysis of the most relevant ones, we single out the Shannon-Weiner index. We justify why it is the most informative and relevant one for measuring software diversity. Then, we show how it can be used for effectively assessing the diversity of various real software ecosystems. We discover in the process a frequently overlooked software monopoly, and its key security implications. We finally extract some conclusions from the results obtained, focusing mostly on their security implications.

Cite

@article{arxiv.1310.3307,
  title  = {Measuring Software Diversity, with Applications to Security},
  author = {Julio Hernandez-Castro and Jeremy Rossman},
  journal= {arXiv preprint arXiv:1310.3307},
  year   = {2013}
}

Comments

10 pages, 5 figures

R2 v1 2026-06-22T01:45:28.911Z