SHIELDS motivation and background

Software systems continue to be crippled by security vulnerabilities. One of the reasons for this is that information on known vulnerabilities is not easily available to software developers, or integrated into the tools they use.
The main objective of SHIELDS is to increase software security by bridging the gap between security experts and software practitioners and by providing the software developers with the means to effectively prevent occurrences of known vulnerabilities when building software.
We will achieve this objective by developing novel formalisms for representing security information, such as known vulnerabilities, in a form directly usable by development tools and accessible to software developers. This information will be stored in an internet-based Security Vulnerability Repository Service (SVRS) that facilitates fast dissemination of vulnerability information from security experts to software developers (see figure below). We will also present a new breed of security methods and tools (some open source, some commercial) that are constantly kept up-to-date by using the information stored in the SVRS.

SHIELDS Repository

In addition to the SVRS and new security tools, we will create a SHIELDS Compliant certification for tools and a SHIELDS Verified logo program for software developers that will offer an affordable and yet technically effective evaluation and certification method in the fight against common security vulnerabilities. Commercial exploitation will be through these programs, the tools, and through subscriptions to the repository (parts will be free).