Modeling technology-based software security test method

A security testing and security technology, applied in the field of software security testing based on defect modeling technology, to achieve the effects of ensuring test effectiveness, shortening software security testing cycle, and high social and economic benefits

Active Publication Date: 2011-01-19
PLA UNIV OF SCI & TECH
View PDF4 Cites 28 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0013] Purpose of the invention: In order to overcome the deficiencies in the prior art, the present invention provides a software security testing method based on software security functional requirements and security

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Modeling technology-based software security test method
  • Modeling technology-based software security test method
  • Modeling technology-based software security test method

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0084] The present invention will be further described below in conjunction with the accompanying drawings. A software security testing method based on modeling technology, the security test case acquisition method comprises the steps of:

[0085] (a) Based on the CWE, CERT, CVE and OWASP software vulnerability databases, determine the typical defect sets of software security at the current stage;

[0086] (b) Classification and description of software data flow;

[0087] (c) Establish a pre-correspondence table between the typical defects of software security obtained through step (a) and the classification description of software data stream obtained through step (b);

[0088] (d) Based on the data flow diagram of the tested part, according to the pre-correspondence table between typical software security defects and data flow obtained in step (c), initially obtain the testing requirements for software security defects;

[0089] (e) Realize the behavioral description of th...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention discloses a modeling technology-based software security test method, which comprises the following steps of: transforming a software security defect test behavior demand and a software security function test behavior demand into formalized software security test behavior demand models, and generating security test cases of a finite state machine characteristic sequence based on the acquired models; and meanwhile, extracting security defects for the acquired security test cases, and complementing a security defect library. The method provided by the invention solves the problem of security test demand extraction in the current standard and an engineering system, and ensures the coverage and validity of the software security test demands. Meanwhile, the method provides a test process system from security test demand extraction, formalized demand description to automatic generation of the test cases, forms a set of full software security test method system and support system, shortens the software security test period at the same time of improving the pertinence, and is favorable for improving the software security quality.

Description

technical field [0001] The invention relates to software safety testing technology, in particular to a software safety testing method based on defect modeling technology. Background technique [0002] With the development of computer technology, software products have been applied in more and more fields, which has brought great convenience to people's life, and is changing people's work and life style. The development of culture, culture and technology has had a profound impact. With the rapid development of software level, with the rise of new technologies such as object-oriented, component software, and distributed software, software security has become increasingly serious, and has become an important factor restricting the development and application of software technology. According to the statistics of CERT / CC (Computer Emergency Readiness Team Coordination Center) in the United States, from 1998 to 2009, software security crisis incidents increased by 4724%, with an...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
IPC IPC(8): G06F11/36
Inventor 刘晓明黄松惠战伟胡斌任正平姚奕洪宇郑长友饶莉萍蒋圆圆袁利华刘艳云
Owner PLA UNIV OF SCI & TECH
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap