National Institute of Standards and Technology, Dramatically Reducing Software Vulnerabilities: Report to the White House Office of Science and Technology Policy (NISTIR 8151) (Nov. 2016) (full-text).
The goal of this report is to present a list of specific technical approaches that have the potential to make a dramatic difference in reducing vulnerabilities — by stopping them before they occur, by finding them before they are exploited or by reducing their impact.
- Stopping vulnerabilities before they occur generally includes improved methods for specifying, designing and building software.
- Finding vulnerabilities includes better testing techniques and more efficient use of multiple testing methods.
- Reducing the impact of vulnerabilities refers to techniques to build architectures that are more resilient, so that vulnerabilities cannot be exploited for significant damage.