International Journal of Engineering, Science and Innovative Technology (IJESIT)
In software metrics, developers increasingly focus on counting bugs at code level are no of vulnerabilities encountered at system level generally but the authors focus on surface attack as a measure to differentiate a version of two compareable systems to justify which is better than other. They measure a system's attack surface in terms of three kinds of resources used in attacks on the system. The attack surface metric is validated by conducting a user survey. Their measure can be used as a parameter by software developers in the development process and consumers in their decision making process.