Measuring Software Diversity, with Applications to Security
Cryptography and Security
2013-10-15 v1 Software Engineering
Abstract
In this work, we briefly introduce and discuss some of the diversity measures used in Ecology. After a succinct description and analysis of the most relevant ones, we single out the Shannon-Weiner index. We justify why it is the most informative and relevant one for measuring software diversity. Then, we show how it can be used for effectively assessing the diversity of various real software ecosystems. We discover in the process a frequently overlooked software monopoly, and its key security implications. We finally extract some conclusions from the results obtained, focusing mostly on their security implications.
Cite
@article{arxiv.1310.3307,
title = {Measuring Software Diversity, with Applications to Security},
author = {Julio Hernandez-Castro and Jeremy Rossman},
journal= {arXiv preprint arXiv:1310.3307},
year = {2013}
}
Comments
10 pages, 5 figures