期刊文献+

基于威布尔分布的嵌入式软件安全性量化分析

QUANTITATIVE SAFETY ANALYSIS OF EMBEDDED SOFTWARE BASED ON WEIBULL DISTRIBUTION
下载PDF
导出
摘要 基于软件测试阶段采集的安全缺陷数据,讨论安全缺陷在航空装备嵌入式软件的生命周期过程中出现的规律,指出它的出现规律满足S曲线分布。考虑到AML模型的缺陷,引入威布尔建模理论,以软件测试数据为基础,建立某航空嵌入式软件的S曲线模型,预测软件的总安全缺陷数。对威布尔理论进行拓展,讨论转折点的选取原则。最后,通过卡方检验和预测偏差检验的方法,验证了预测模型与测试数据的匹配性。检验结果表明,威布尔模型能够消除测试过程中随机因素的影响,模拟测试过程中缺陷发掘的实际情况,预测取得了很好的效果。 Based on the safety defect data gathered during the software testing period,we discuss the occurrence rule of the safety defect in the life cycle of aviation equipment embedded software,and point out that this rule satisfies the S-curve distribution. Considering the deficiency of AML model,we introduce Weibull-based modelling theory and build the S-curve model for a kind of aviation embedded software based on the software testing data. The overall safety defect numbers of software is predicted as well. We also expend the Weibull theory and discuss the principle of transition point selection. Finally,by applying the Chi-Squire test and prediction error test methods,we verify the matching properties of the prediction model and the test data. Test results show that the Weibull-based model can eliminate random factors' effects in test process. We simulate the real situation of defects finding in software testing process,the prediction achieves applicable effect.
机构地区 [ [
出处 《计算机应用与软件》 CSCD 北大核心 2014年第4期262-265,311,共5页 Computer Applications and Software
关键词 航空装备嵌入式软件 威布尔模型 安全缺陷发掘 量化 Aviation equipment embedded software Weibull-based model Safety defects finding Quantitative
  • 相关文献

参考文献16

  • 1MIL-STD-882E[S]. United State of America,Department of America,2012.
  • 2GJB/Z104-1997软件可靠性和安全性设计准则[S].
  • 3Defense industry Daily. F-22 squadron shot down by the International Date Line[ OL]. 2007 - 3 - 1. http://defenseindustrydaily, com/F-22- squadro-shot-down-by-the-International-Date-Line -03087/.
  • 4王青,伍书剑,李明树.软件缺陷预测技术[J].软件学报,2008,19(7):1565-1580. 被引量:149
  • 5Hongpo Wang, Hongjian Zhou, Honglei Wang. Quantitative Safety Analy- sis of a Kind of Embedded Software [ C ]//IEEE International Confer- ence on Computer Science and Automation Engineering 2011:391 -397.
  • 6Rescorla E. Security holes. Who cares? [ C]//Pmc. 12th USENIX security symposium ,2003:75 - 90.
  • 7Alhazmi 0 H, Malaiya Y K. Quantitative Vulnerability Assessment of Systems Software [ C ]//PROC of annual reliability and maintainability symposium,2005 : 615 - 620.
  • 8Alhazmi O H, Malaiya Y K, Ray I. Measuring, analyzing and predicting security vulnerabilities in software systems[ J ]. Computers & Security, 2007,26(3) :219-228.
  • 9Alhazmi O H, Malaiya Y K. Application of Vu|nerability Discovery Mod- els to Major Operating Systems [ J ]. IEEE Transactions on Reliability, 2008,57 ( 1 ).
  • 10Alhazmi O H, Malaiya Y K. Modeling the Vulnerability Discovery Process [ C]//Pmceedings of the 16th IEEE International Symposium on Software Reliability Engineering (ISSRE'05).

二级参考文献9

共引文献156

相关作者

内容加载中请稍等...

相关机构

内容加载中请稍等...

相关主题

内容加载中请稍等...

浏览历史

内容加载中请稍等...
;
使用帮助 返回顶部