Presentation is loading. Please wait.

Presentation is loading. Please wait.

CS5261 Information Security CS 526 Topic 9-A Secure Software: Market Failure Market failure of secure software.

Published byRosa Hart Modified over 9 years ago

Similar presentations

Presentation on theme: "CS5261 Information Security CS 526 Topic 9-A Secure Software: Market Failure Market failure of secure software."— Presentation transcript:

1 CS5261 Information Security CS 526 Topic 9-A Secure Software: Market Failure Market failure of secure software

2 CS526Market failure of secure software2 Why Software Has (or appear to have) So Many Bugs? Software is complicated, and created by human Software is no more buggy, is just more targeted? Unique nature of software –Near-zero marginal cost Market failure for secure software –Market failure: a scenario in which individuals' pursuit of self-interest leads to bad overall outcomes i.e., cannot leave it to free market could lead to bad outcome –Typical reasons for market failure: Information asymmetries, externalities, public goods –Market failure for secure software means that vendor lack incentives to produce higher quality software. Materials in this and the next few slides from “Geekonomics: The Real Cost of Insecure Software” by David Rice

3 CS526Market failure of secure software3 Evidence of Market Failure: Guy Kawasaki: “The Art of Innovation” Don't worry, be crappy. –An innovator doesn't worry about shipping an innovative product with elements of crappiness if it's truly innovative. Churn, baby, churn. –I'm saying it's okay to ship crap--I'm not saying that it's okay to stay crappy. A company must improve version 1.0 and create version 1.1, 1.2,... 2.0. This is a difficult lesson to learn because it's so hard to ship an innovation; therefore, the last thing employees want to deal with is complaints about their perfect baby. Innovation is not an event. It's a process.

4 CS526Market failure of secure software4 Reasons Why Vendors Lack Incentive to Produce More Secure Software Cash flows when product starts shipping. Market dominance is key to success –being first often means becoming de facto standard Users cannot just vote for security with their money. –lack of measurement for security No liability. Bugs can be patched with little cost. No expensive recall. Thorough testing is inefficient. Let the users test it and fix only the bugs that affect users

5 CS526Market failure of secure software5 The Perversity of Patching Releasing a patch costs little Buggy software can force users to upgrade –Achieving market dominance means competing with previous versions –Stop releasing patches for old versions can force users to upgrade Patching provide an opportunity of offering new licensing terms

6 How to Write More Secure Software? See Basics of Secure Design, Development, and Test by MicrosoftBasics of Secure Design, Development, and Test –http://download.microsoft.com/download/9/3/5/935520 EC-D9E2-413E-BEA7- 0B865A79B18C/Basics%20of%20Secure%20Design %20Development%20Test.ppsx CS526Market failure of secure software6

7 CS5267 Coming Attractions … Symbolic execution Market failure of secure software

Download ppt "CS5261 Information Security CS 526 Topic 9-A Secure Software: Market Failure Market failure of secure software."

Similar presentations

Announcements: Tuesday

Announcements: Tuesday
StormingForce.com Motion. StormingForce.com StormingForce’s technology is significantly increasing productivity and quality of manual repetitive tasks.

StormingForce.com Motion. StormingForce.com StormingForce’s technology is significantly increasing productivity and quality of manual repetitive tasks.
CHAPTER 8 PRICING Study Objectives

CHAPTER 8 PRICING Study Objectives
Why Use Test Driven Development (TDD)?.  Why the need to change to TDD.  Talk about what TDD is.  Talk about the expectations of TDD.

Why Use Test Driven Development (TDD)?.  Why the need to change to TDD.  Talk about what TDD is.  Talk about the expectations of TDD.
Management the Microsoft Way David Thielen. Contact Information David Thielen news.thielen.com/thielen.books.management.

Management the Microsoft Way David Thielen. Contact Information David Thielen news.thielen.com/thielen.books.management.
1. Connect Your Enterprise 2. Integrate Your Partners 3. Engage Your Customers 4. Beat Your Competitors.

1. Connect Your Enterprise 2. Integrate Your Partners 3. Engage Your Customers 4. Beat Your Competitors.
Public and private limited companies: A contrastive view.

Public and private limited companies: A contrastive view.
6 Entrepreneurship and Small Business Management

6 Entrepreneurship and Small Business Management
Entrepreneurship and Small Business Management

Entrepreneurship and Small Business Management
Upgrading Software CIT 1100 Chapter4.

Upgrading Software CIT 1100 Chapter4.
“Economics 101” -Is Government Intervention necessary in Markets? Training Session 5 Mar 2014.

“Economics 101” -Is Government Intervention necessary in Markets? Training Session 5 Mar 2014.
BTEC Unit 29 – Lesson 02 Preparing to Change

BTEC Unit 29 – Lesson 02 Preparing to Change
Strategic Planning Chapter 9

Strategic Planning Chapter 9
Innovation and IS Kieran Mathieson. What is Innovation?  Long definition Successful innovation is the creation and implementation of new processes, products,

Innovation and IS Kieran Mathieson. What is Innovation?  Long definition Successful innovation is the creation and implementation of new processes, products,
CS350/550 Software Engineering Lecture 1. Class Work The main part of the class is a practical software engineering project, in teams of 3-5 people There.

CS350/550 Software Engineering Lecture 1. Class Work The main part of the class is a practical software engineering project, in teams of 3-5 people There.
Money is important, but it ain’t everything … Patrick Murray Watson Wyatt & Company 503.598.4445.

Money is important, but it ain’t everything … Patrick Murray Watson Wyatt & Company
CRM SOFTWARE What is CRM, Evolution of CRM software and SaaS, SugarCRM in depth, CRM SW Market.

CRM SOFTWARE What is CRM, Evolution of CRM software and SaaS, SugarCRM in depth, CRM SW Market.
Economics: Principles in Action

Economics: Principles in Action
Sul Kassicieh Anderson School of Management.   Focus your thinking  Establish realistic strategy – operating company on paper  Financing and other.

Sul Kassicieh Anderson School of Management.   Focus your thinking  Establish realistic strategy – operating company on paper  Financing and other.
Startup Essentials Peter Russo 2 Today’s Topics Business Plans Who Needs Them? How to Develop One Good and Bad Plans Business Models.

Startup Essentials Peter Russo 2 Today’s Topics Business Plans Who Needs Them? How to Develop One Good and Bad Plans Business Models.

Similar presentations

Ads by Google