Properties of a Good Metric

Introduction

Measuring security, both qualitatively and quantitatively, is not an easy task. It is a long-standing open problem to the research community and it is of practical importance to software industry today. Some authors have tried to characterized which criteria should meet a good metric. Among their efforts, three main ideas can be found in the literature:

  1. The SMART criterion.
  2. The PRAGMATIC criterion.
  3. The characteristics identified in the work carried out by Savola.

In the following interactive visualization, the common points among the three criteria con be seen.

Tension: