Valuation of Software Exposures using Visualization, Best-Worst Method and Artificial Neural Network

Abstract

Software is one of the most important part in today’s world, with its requirements in every industry be it automotive, avionics, telecommunication, banking, pharmaceutical and many more. Software systems are generally a bit complicated and created by distinct programmers. Usually any mistake in the code by a programmer in the developing stage of a software can lead to loopholes that cause Exposure. Exposure is a software flaw that an assaulter can exploit to conduct unlawful activities within a computer system. Despite the understanding of Exposure by the academia and industry, the amount of Exposure is growing exponentially as fresh characteristics are added to the software frequently. Developers and testers are faced with the challenge of fixing large amounts of exposure within limited resources and time. Thus, prioritizing software exposures is essential to reduce the usage of corporate assets and time, which is the motivation behind the present study. In the present paper, the issue of software exposure prioritization is addressed by utilizing a new multi-criterion decision-making (MCDM) technique known as the Best Worst method (BWM). Further, to assess the vulnerabilities in terms of their critical nature, we have applied Two-Way assessment technique. The BWM utilizes two pairwise comparison vectors to determine the weights of criteria. The two- way assessment framework takes into account the perspectives of both managers/developers and stakeholders/testers to highlight the severity of software vulnerabilities. This can act as a significant measure of efficiency and effectiveness for the prioritization and evaluation of vulnerability. The findings are validated with a software testing firm from North India.