AppSecEU08 SHIELDS: metrics, tools and Internet services to improve security in application developments

SHIELDS is a cooperative European project funded within the EU 7^ FP focused on increasing software security by bridging the gap between security experts and software practitioners providing software developers with the means to effectively prevent occurrences of known vulnerabilities when building software.

SHIELDS achieves this objective by developing novel formalisms for representing security information, such as known vulnerabilities and their countermeasures, in a form directly usable by development tools, and accessible to software developers. This information will be stored in an internet-based Security Vulnerabilities Repository Service (SVRS) that facilitates fast dissemination of vulnerability information from security experts to software developers. SHIELDS is also developing a new breed of security methods and tools to be constantly kept up-todate by using the information stored in the SVRS.

SHIELDS will operate in an open, distributed environment, and will be based on standard compliant federation protocols and identification services, and allow the use of established available technologies in order to provide access to a wide users community.

Among the objectives of SHIELDS there is also the idea to create a SHIELDS Compliant certification for tools and a SHIELDS Verified logo program for software developers that will offer an affordable and yet technically effective evaluation and certification method in the fight against common security vulnerabilities.

Additional informaiton can be found on the project web site: http://er-projects.gf.liu.se/~shields