A Framework for Estimating the Cost to Build Trusted Computer Systems
Paul R. Garvey
Paul R. Garvey: The MITRE Corporation
Chapter 1 in Cost Analysis and Estimating, 1991, pp 1-37 from Springer
Abstract:
Advances in the field of computer network technology have allowed unprecedented levels of information sharing to be possible between users. As a result, there has been an increased need within the Department of Defense (DOD) to protect sensitive information and data sources against unauthorized access or disclosure. Reflective of this, the number of USAF Electronic Systems Division (ESD) acquisitions being directed to meet stringent security requirements is increasing. Absent from the cost analysis community has been a systematic approach for estimating the resources to build computer systems that are trusted to protect the information they process. This paper presents a framework, based on research conducted by The MITRE Corporation, that identifies and schedules the security engineering tasks necessary to build a trusted computer system. For the program manager, this framework provides for the technical planning of security-relevant engineering activities around an acquisition’s major development milestones. The framework has been constructed in sufficient detail to support level of effort costing and, as a consequence, permits the cost analysis process to be directly incorporated into a project’s specific security engineering approach. A database has been initiated on security engineering costs, and insights into the major cost drivers associated with specific security requirements are shown. The security engineering task schedules and the effort data presented in this paper collectively provide an approach for estimating the cost to build trusted computer systems that meet DOD 5200.28-STD requirements. This research represents our first step in evolving a cost methodology sensitive to the very complex system-wide technical issues involved with building secure systems for the DOD.
We offer the research summary contained in this paper, so that the defense cost and security technical communities may review, comment on, and expand upon the approach within their organizations.
Keywords: Security Policy; Security Requirement; Evaluation Class; Security Engineering; Security Class
Date: 1991
Persistent link: https://EconPapers.repec.org/RePEc:spr:sprchp:978-1-4612-3202-5_1
Ordering information: This item can be ordered from
http://www.springer.com/9781461232025
DOI: 10.1007/978-1-4612-3202-5_1