Affiliations: [a] Pacific Academy of Higher Education and Research University, Udaipur, India | [b] Department of Computer Science, St. Xavier’s College, Jaipur, India | [c] Modern Institute of Technology & Research Centre, Alwar, India
Abstract: Security is an aspect which contains varied classification and dimensions. One such classification of security is software security and it’s facet is metrics. Software security metrics provides an estimation of how secure a software could be and indicates that where the loophole might occur while it is being developed. The realization of security implementation should occur during the initiation of software development, i.e. the requirements elicitation phase among the software development team. Misuse Case Oriented Quality Requirements (MCOQR) Metrics framework provides an easy and comprehensive way of identifying security loopholes in software much before it is developed. It provides 6 dimensional security indicators and estimators so that security team can have an insight into areas which needs further improvement and for proper drafting of security requirements. This research paper takes into account influence of threat predicted using the misuse case modeling for estimating the security aspect of software much before it is developed and implemented practically. In this paper an empirical study is provided that shows how security team may identify core areas where security could be enhanced further. The research work proves that if MCOQR metrics framework is applied during software development the outcome is more secure software.