| 基于缺陷分析与测试评审的软件可信性评价方法 |
| |
| 引用本文: | 李晓红,王翔宇,张涛,易锦,冯志勇. 基于缺陷分析与测试评审的软件可信性评价方法[J]. 清华大学学报(自然科学版), 2011, 0(10): 1287-1293 |
| |
| 作者姓名: | 李晓红 王翔宇 张涛 易锦 冯志勇 |
| |
| 作者单位: | 天津大学计算机科学与技术学院;中国信息安全测评中心; |
| |
| 基金项目: | 国家自然基金资助项目(90718023); 天津市自然基金资助项目(10JCZDJC15700) |
| |
| 摘 要: | 该文提出一种软件缺陷分析与软件测试评审相结合的可信评价办法,用于在软件开发周期中量化评估软件可信性。本方法将软件可信性定位在正确性、可靠性、容错性、安全性、隐私性,以软件缺陷入手,评估软件的安全性、隐私性、容错性;以扩展软件测试入手,评估软件的正确性、可靠性;通过这5个素的评估,最终考量软件的可信性。通过这种方法,从以上5个维度对软件可信性进行量化评价,并发现设计初期引入的缺陷,提高了软件开发的质量和效率。
|
| 关 键 词: | 可信软件 软件安全缺陷 软件可信性评价 |
Software trustworthness evaluation based on weakness analysis and testing assessment |
| |
| LI Xiaohong,WANG Xiangyu,ZHANG Tao,YI Jing,FENG Zhiyong. Software trustworthness evaluation based on weakness analysis and testing assessment[J]. Journal of Tsinghua University(Science and Technology), 2011, 0(10): 1287-1293 |
| |
| Authors: | LI Xiaohong WANG Xiangyu ZHANG Tao YI Jing FENG Zhiyong |
| |
| Affiliation: | LI Xiaohong1,WANG Xiangyu1,ZHANG Tao2,YI Jing2,FENG Zhiyong1(1.School of Computer Science and Technology,Tianjin University,Tianjin 300072,China,2.China Information Technology Security Evaluation Center,Beijing 100085,China) |
| |
| Abstract: | This paper presents a software trustworthness evaluation method based on weakness analyses and testing assessments to evaluate the software's fitness-for-use during the development cycle.This paper focuses on five aspects of trustworthiness.To find out a weakness,the analysis starts from a weakness exposed in the software design model.The analysis considers the trustworthiness of the entire software package by evaluating the danger and influence of the software weakness.The analysis evaluates the software t... |
| |
| Keywords: | trustworthy software software security weakness software trustworthness evaluation |
| 本文献已被 CNKI 等数据库收录! |
|
