Require the developer of the system, system component, or system service to track security flaws within the system, component, or service.