A Framework for Modeling the Software Assurance Ecosystem: Insights From the Software Assurance Landscape Project
Today's operational environments are complex and dynamic. User needs and environmental factors are constantly changing, which leads to unanticipated usage, reconfiguration, and continuous evolution of practices and technologies. Operational requirements for software-reliant systems are often ambiguous, incomplete, or incorrect. New defects and vulnerabilities are continually discovered. In environments characterized by these conditions, the effects of complex interrelation-ships and dependencies among organizations are not well understood, and the incentives that drive people's behavior often form barriers to the adoption of assurance solutions for the soft-ware-reliant systems those organizations depend on.