The present invention relates to a method for measuring software risk burden based on a multi-vulnerability life cycle. The method quantitatively measures the risk burden with respect to an external attack, based on the software's multi-vulnerability life cycle. It finds the total risk burden present in the software during a time t (t_α + t_β) with the following formula (referring to a drawing).