Sequence diagram defect inspection method based on safety knowledge base

A technology of security knowledge and defect detection, applied in the direction of program control device, software testing/debugging, etc., can solve problems such as being attacked, achieve the effects of eliminating ambiguity, facilitating operation and processing, and reducing costs

Active Publication Date: 2010-09-15
江苏永达电力电信安装工程有限公司
View PDF2 Cites 8 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

An attack mode generally corresponds to several software defects, that is, an attack mode can a

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Sequence diagram defect inspection method based on safety knowledge base
  • Sequence diagram defect inspection method based on safety knowledge base
  • Sequence diagram defect inspection method based on safety knowledge base

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0025] Aiming at the above objectives, the method proposed by the present invention is roughly divided into four parts, namely the security extension of the sequence diagram, the scanning and modeling of the sequence diagram, the extraction of the attack path and the defect detection with the aid of the security knowledge base. The overall structure diagram is attached figure 1 shown.

[0026] 1. Security extension of the sequence diagram: Through the UML extension mechanism, some security attributes are added to the objects and messages in the sequence diagram. These properties can be taken from the system component diagram of M. Gegick's doctoral thesis "Analyzing Security Attacks to Generate Signatures from Vulnerable Architectural Patterns". Security attributes are the abstraction and classification of software system components, which can abstract and formalize the components in the sequence diagram. For example, Apache can be abstracted as a Web server, and MySQL can b...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention belongs to the trusted computing field and relates to a sequence diagram defect inspection method based on safety knowledge base. A UML sequence diagram is utilized to describe one service logic in design phase, firstly safety attribute expanding is added on the sequence diagrams, then FSA modelling is carried out on the service logics and all the attack paths are extracted from a model, and finally defect inspection is carried out by virtue of the safety knowledge base constructed by an attack model base, a defect base and the binary relation of the two, thus generating a threat analysis report. By adopting the invention, system defect hidden in the sequence diagram can be effectively detected, leak can be discovered at the early stage of software development and can be repaired, thus reducing software development and maintenance costs, improving software safety coefficient and enhancing credibility.

Description

technical field [0001] The invention takes the drawn sequence diagram in the development and design stage of trusted software as the main detection object, is dedicated to improving software development and later maintenance costs, and improving the credibility of software, and belongs to the field of software security. Background technique [0002] With the development of the Internet, software security issues have increasingly attracted everyone's attention. Potential loopholes in software systems bring great safety hazards to users, which arouses attention to the idea of ​​safe software. How to produce high-performance and reliable software has become a hot topic in the current society. Traditional software engineering often focuses on the efficiency, practicability and reliability of software, while ignoring the credibility of software. Moreover, the security requirements in each link cannot be met, so that the security problems that arise in the requirements and desig...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
IPC IPC(8): G06F9/44G06F11/36
Inventor 李晓红孟国柱许光全徐超潘东
Owner 江苏永达电力电信安装工程有限公司
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap