SDLC-based software development security test method and system

A security testing technology for software development, applied in the computer field. It addresses the lack of extracted quantitative indicators and the lack of a scientific and rigorous development security testing solution, with the effect of ensuring software development security.

Pending Publication Date: 2022-03-22
深圳九方科技有限公司

AI Technical Summary

Problems solved by technology

[0003] The main purpose of the present invention is to provide an SDLC-based software development security testing method and system. It addresses two shortcomings of the prior art: quantitative indicators are not extracted for the stages of the software life cycle most closely related to software quality problems, and no scientific and rigorous development security testing solution has yet been formed.


Embodiment Construction

[0048] In order to make the object, technical solution and advantages of the present invention clearer, the present invention will be further described in detail below in conjunction with the embodiments and accompanying drawings.

[0049] As shown in Figure 1, the SDLC-based software development security testing method provided by the embodiment of the present invention includes the following steps:

[0050] Step S1: Extract the software source code at each stage of the software life cycle;

[0051] Step S2: Identify valuable code in the software source code according to preset valuable data;

[0052] Step S3: Determine possible malicious user requirements according to the valuable code;

[0053] Step S4: Perform security testing on the software source code according to the malicious user requirements. As shown in Figure 2, the test methods include:

[0054] Step S41: According to the requirements of malicious users, scan the software source code for vulnerabilit...
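One way steps S1 through S41 could fit together, as an added example that is not taken from the patent: the sample sources, the `VALUABLE_DATA` terms, the `ABUSE_CASES` mapping and all function names are assumptions made for illustration, and the fault simulation mentioned in the abstract is not covered.

```python
import re

# Constructed sample input standing in for source extracted at one SDLC stage (S1).
SOURCES = {
    "auth.py": 'DB_PASSWORD = "hunter2"\n'
               'def login(user, password):\n'
               '    log.info("login %s %s", user, password)\n',
    "util.py": 'def slugify(title):\n'
               '    return title.lower().replace(" ", "-")\n',
}

# Assumed "preset valuable data" (S2): asset name -> pattern marking code that touches it.
VALUABLE_DATA = {"credential": re.compile(r"password|token", re.I)}

# Assumed mapping (S3): asset -> malicious user requirements, each with a scan rule (S41).
ABUSE_CASES = {
    "credential": [
        ("recover a secret from the code base",
         re.compile(r"""(password|token)\w*\s*=\s*["'][^"']+["']""", re.I)),
        ("read a secret from application logs",
         re.compile(r"log\.\w+\(.*\b(password|token)\b", re.I)),
    ],
}

def identify_valuable_code(sources):
    """S2: return {file: set of assets} for files whose code touches valuable data."""
    hits = {}
    for name, text in sources.items():
        assets = {a for a, pat in VALUABLE_DATA.items() if pat.search(text)}
        if assets:
            hits[name] = assets
    return hits

def security_test(sources):
    """S3 + S41: derive abuse cases per valuable file, then scan only those files."""
    findings = []
    for name, assets in identify_valuable_code(sources).items():
        for asset in sorted(assets):
            for requirement, rule in ABUSE_CASES[asset]:
                for lineno, line in enumerate(sources[name].splitlines(), 1):
                    if rule.search(line):
                        findings.append((name, lineno, requirement))
    return findings

if __name__ == "__main__":
    for finding in security_test(SOURCES):
        print(finding)
```

Each finding is tied to the malicious user requirement it would satisfy, so files that touch no valuable data (here `util.py`) are never scanned.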


Abstract

The invention relates to computer technology and provides an SDLC-based software development security testing method and system. It aims to solve two problems in the prior art: quantitative indicators are not extracted for the stages of the software life cycle most closely related to software quality problems, and no scientific and rigorous development security testing solution has been formed. In the method, valuable code is identified in the extracted software source code, possible malicious user requirements are determined according to the valuable code, and security testing, specifically vulnerability scanning and fault simulation, is then performed on the software source code according to those malicious user requirements. Security testing is performed at each stage of the software life cycle from the perspective of malicious users, and the important indicators most closely related to software quality problems can be extracted for detection and analysis, so that source code vulnerabilities at each stage of the software life cycle are detected efficiently and software development security is ensured.

Description

Technical field

[0001] The invention relates to computer technology, in particular to an SDLC-based software development security testing method and system.

Background

[0002] The software system development life cycle (SDLC), also known as the software life cycle or system development life cycle, refers to the whole life cycle of software from production to retirement. Every stage of the SDLC involves security issues, and considering security issues during development can save developers a lot of bug-fixing time. However, in the existing technology, because R&D personnel pay insufficient attention to the security and quality of software development, the technical means of security testing in the software development process are limited, mainly focusing on the qualitative nature of software features, and the stages most closely related to software quality issues in the software life cycle lacked the extraction ...


Application Information

Patent Type & Authority: Applications (China)
IPC(8): G06F11/36, G06F21/57, G06F21/56
CPC: G06F11/3616, G06F11/3608, G06F21/577, G06F21/563
Inventor: 章杰, 刘虎, 吴义敏, 张学勇
Owner 深圳九方科技有限公司