Defect analysis based software creditability evaluating method

A defect analysis and evaluation method technology, applied in the field of software security, to achieve the effect of improving the accuracy of software credibility evaluation and improving development quality and efficiency

Inactive Publication Date: 2011-05-25
TIANJIN UNIV
View PDF0 Cites 15 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0003] Although there is no broad consensus on the precise definition of trustworthiness, in general terms, trustworthiness can be positioned as a guarantee that a system should be trusted: whether it is in the environment interference, human error, malicious attack or design , In the case of implementation errors, the system behavior does not exceed expectations

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Defect analysis based software creditability evaluating method
  • Defect analysis based software creditability evaluating method
  • Defect analysis based software creditability evaluating method

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0050] In order to make the object, technical solution and advantages of the present invention clearer, the implementation manner of the present invention will be further described in detail below in conjunction with the accompanying drawings.

[0051]In order to overcome the limitations of the existing software credibility evaluation system that only qualitatively evaluates software products, the embodiment of the present invention provides a software credibility evaluation method based on defect analysis, see figure 1 , among them, the construction of attack model library and defect library is the preparatory work before the start of the evaluation work, and is the basis of the credibility evaluation method. The attack model library realizes the evaluation of the defect threat degree based on the attack threat degree. for analysis. First build the attack pattern library and the defect library, expand the attributes of the attack pattern library and the related attributes of ...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention discloses a defect analysis based software creditability evaluating method, and relates to the field of software security. The method comprises the following steps: constructing an attack model base on the basis of common attack pattern enumeration and classification (CAPEC), increasing the attribute of threat degree, and establishing a several-for-one mapping relationship between the attack mode and the software defect to acquire the threat degree of the software defect; constructing a defect base; constructing a formalized uniform software model on the basis of formal language and traditional unified modeling language (UML) time sequence diagram, and constructing a software security defect knowledge base based on the uniform software model; discovering potential software security defect in the uniform software model through a theorem proving machine; dividing the software security defects into security vital defects, privacy vital defects and fault-tolerant vital defects according to the classification standard and the defect base; calculating the creditability values of the three types of defects according to the threat degree of the defects, the corresponding software environment index and a calculation formula; and realizing creditability evaluation of the software security defect by combining a privacy quantization value, a fault-tolerant quantization value and a user experience quantization value.

Description

technical field [0001] The present invention takes the design and development stage of software as the main object, and is dedicated to quantifying software credibility evaluation, improving the accuracy of software credibility evaluation, and improving the quality and efficiency of software development. It belongs to the field of software security, and particularly relates to a defect analysis based Software credibility evaluation method. Background technique [0002] The continuous emergence of software malicious attacks and the unsatisfactory status quo of software product quality have caused more and more attention to the issue of trustworthiness. With the continuous development of trusted software technology, there is an urgent need for reasonable trust evaluation methods to examine the contribution and effect of these technologies in improving trustworthiness. At the same time, in the process of software development, software engineers can also evaluate the credibilit...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
IPC IPC(8): G06F21/00G06F21/50
Inventor 柳懿真李晓红石红王翔宇徐超
Owner TIANJIN UNIV
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap